Abstract: This blockchain tutorial begins with a technical survey of the building blocks of distributed ledger technology (DLT) and a self-contained introduction to the underlying cryptographic principles. Gaining perspective via predecessor digital cash systems, linked timestamping, consensus mechanisms in the presence of faults, one-way hash functions, hash trees, digital signatures, and countermeasures against spam and denial-of-service paves the way to understanding that there are attack vectors beyond those designed to successfully double spend, and applications of immutable and replicated DLT beyond cryptocurrency. We will examine both permissioned and permissionless blockchains, and the related considerations of access control, performance, scalability, and maintained level of decentralization. Security hardware plays a role in the discussion of decentralization, such as pertaining to potentially sidestepping the debate concerning ASIC resistance in Proof-of-Work- based permissionless consensus by using anonymously-attested and trusted execution environment-governed Proof-of-Elapsed-Time in place of establishing direct knowledge of the participants in Practical Byzantine Fault Tolerance permissioned consensus. We will cover aspects of smart contracts, and utilization of off-chain as well as on-chain processing within smart home and smart city environments that must account for securing the use of resource-constrained IoT devices. The tutorial will conclude with an introduction into some of the tradeoffs involved in securing proof-of-possession of identities and attributes, as required by advanced applications, while addressing privacy of individuals and safeguarding of proprietary data in accordance with maintaining corporate competitiveness of stakeholders participating in a consortium blockchain for organizational collaboration and efficiency.

Bio: David W. Kravitz is Vice President of Crypto Systems Research at DarkMatter, and heads DarkMatter's blockchain team that is focused on providing an IoT-compatible access-controlled, auditable and privacy-preserving transaction platform. His extensive information security experience spans a wide range of application areas, including voice and data critical infrastructure, digital rights management, payments, smart grid, IoT, and high-value assets transfer. He began his career at the National Security Agency, where as Senior Technical Advisor he combined his exceptional skills in protocol and algorithm design with his evaluation capabilities to profoundly enhance the security posture of communications, as stated in the Certificate of Achievement he was awarded by the Director of NSA. He has also held senior positions at Sandia National Laboratories, CertCo/Bankers Trust Electronic Commerce, Digital Video Express, Wave Systems Corp., Motorola Labs, Certicom Research/BlackBerry, and IBM Research. He was the principal architect of the Membership Services identity management framework of the Linux Foundation's Hyperledger Fabric project, and invented DSA, the elliptic curve variant of which, ECDSA, underlies Bitcoin and Ethereum blockchains. He serves as a Technical Advisor for CENTRI-Advanced Security for IoT, and Atonomi-The Secure Ledger of Things. He holds a Ph.D. and Masters in Electrical Engineering-Systems from University of Southern California, a Masters in Mathematical Sciences from Johns Hopkins University, and a Bachelors in Mathematics from Rutgers University.

Abstract: Software Defined Networking (SDN) and Network Function Virtualization (NFV) are the key pillars of future networks, including 5G and Beyond that promise to support emerging applications such as enhanced mobile broadband, ultra low latency, massive sensing type applications while providing the resiliency in the network. Service providers and other verticals (e.g., Connected Cars, IOT, eHealth) can leverage SDN/NFV to provide flexible and cost-effective service without compromising the end user quality of service (QoS). While NFV and SDN open up the door for flexible networks and rapid service creation, these offer both security opportunities while also introducing additional challenges and complexities, in some cases. With the rapid proliferation of 4G and 5G networks, operators have now started the trial deployment of network function virtualization, especially with the introduction of various virtualized network elements in the access and core networks. These include elements such as virtualized Evolved Packet Core (vEPC), virtualized IP Multimedia Services (vIMS), Virtualized Residential Gateway, and Virtualized Next Generation Firewalls. However, very little attention has been given to the security aspects of virtualization. While several standardization bodies (e.g., ETSI, 3GPP, NGMN, ATIS, TIA) have started looking into the many security issues introduced by SDN/NFV, additional work is needed with larger security community involvement including vendors, operators, universities, and regulators. This tutorial will address evolution of cellular technologies towards 5G but will largely focus on various security challenges and opportunities introduced by SDN/NFV and 5G networks such as Hypervisor, Virtual Network Functions (VNFs), SDN Controller, Orchestrator, Network slicing, Cloud RAN, and security function virtualization. This tutorial will also highlight some of the ongoing activities within various standards communities and will illustrate a few deployment use case scenarios for security including threat taxonomy for both operator and enterprise networks. In addition, I will also describe some of the ongoing activities within IEEE Future Network initiative including roadmap efforts and various ways one can get involved and contribute to this initiative.

Bio: Ashutosh Dutta is currently Senior Wireless Communication Systems Research Scientist at Johns Hopkins University Applied Physics Labs (JHU/APL), USA. Most recently he served as Principal Member of Technical Staff at AT&T Labs in Middletown, New Jersey. His career, spanning more than 30 years, includes Director of Technology Security and Lead Member of Technical Staff at AT&T, CTO of Wireless at a Cybersecurity company NIKSUN, Inc., Senior Scientist in Telcordia Research, Director of Central Research Facility at Columbia University, adjunct faculty at NJIT, and Computer Engineer with TATA Motors. He has more than 90 conference and journal publications, three book chapters, and 30 issued patents. Ashutosh is co-author of the book, titled, “Mobility Protocols and Handover Optimization: Design, Evaluation and Application” published by IEEE and John & Wiley that has recently been translated into Chinese Language. Ashutosh served as the chair for IEEE Princeton / Central Jersey Section, Industry Relation Chair for Region 1 and MGA, Pre-University Coordinator for IEEE MGA and vice chair of Education Society Chapter of PCJS. He co-founded the IEEE STEM conference (ISEC) and helped to implement EPICS (Engineering Projects in Community Service) projects in several high schools. Ashutosh currently serves as the Director of Industry Outreach for IEEE Communications Society and is the founding co-chair for IEEE 5G initiative. He also serves as IEEE Communications Society's Distinguished Lecturer for 2017-2018. Ashutosh serves as the general co-chair for the premier IEEE 5G World Forum. He was recipient of the prestigious 2009 IEEE MGA Leadership award and 2010 IEEE-USA professional leadership award. Ashutosh obtained his BS in Electrical Engineering from NIT Rourkela, India, MS in Computer Science from NJIT, and Ph.D. in Electrical Engineering from Columbia University under the supervision of Prof. Henning Schulzrinne. Ashutosh is a senior member of IEEE and ACM.