Dr Phillip Hallam-Baker has been working on the security of the World Wide Web since 1992. He was the inventor of the HTTP Referer field and proposed the first use of cryptography in the Web (DIGEST Authentication).
In the two decades since, Hallam-Baker has been at the center of the development of Web and Internet standards at CERN, MIT and in the commercial world, making substantial contributions to the design of the XML Security, XKMS, SAML and WS-Security standards and protocols.
Attacks on Authentication: States enter the threat landscape
The recent attacks on authentication infrastructures require a rapid reappraisal of existing security assumptions. Financially motivated attackers may be deterred by raising the cost of doing business; politically motivated actors are not. While debate will continue on whether specific recent attacks were performed by state agencies or independent actors, it is clear that both types of group were behind at least some of the recent high-profile attacks.
In this presentation, Dr Hallam-Baker will provide a first-hand account of recent attacks on CA infrastructure launched from Internet addresses within Iran and the subsequent industry response: In what ways did the infrastructure respond to these incidents as intended and how did it fail? What underlying problems do these events uncover and how should these be addressed?
Copyright © 2012 The University of Queensland, authorised by AusCERT Program Committee, maintained by: auscert@auscert.org.au