There’s an excellent turnout, and Fraunhofer Fokus are doing a great job of hosting, with free WLAN (hence this blog entry) and everything you would expect from a well-run conference.

The keynote speech today was provided by Virgil Gligor of the University of Maryland, on the subject Adversary Models; in other words it is necessary to define the adversary before we can decide what ‘secure’ means. Prof. Gligor was the 2006 recipient of the prestigious National Security Award, and he also has the distinction of being the first person ever to write a paper about Denial of Service attacks

In a wide-ranging talk, Prof Gligor pointed out that in the history of computing there has often been a 10 or more year gap between the use of technology and the addressing of security issues that arise from it. This of course also true today of VoIP and VoIP security, and he assures us that at least this means we will all have jobs for life.

One of the key messages of his talk was that “Perfect is the Enemy of the Good”, or in other words, we can secure a system 100%, but end up with a completely unworkable system. On the other hand we can engineer systems that work, but only detect perhaps 70% of intrusions and other security problems. There is no such thing as a completely secure system.