ABOUT THE CONFERENCE
CONFERENCE PROGRAM
SPONSORS AND EXHIBITORS
HIGHLIGHTS AND EVENTS
TRAVEL
My RSA Conference

Pre-Conference 1-Day Tutorials

The pre-Conference 1-Day Tutorials will offer you a wide range of technically oriented sessions from highly regarded RSA® Conference presenters.

Monday, April 7

9:00 am - 3:30 pm

TUT-M11 - Securing Tamper Resistant Devices – Introduction to Timing Attacks, SPA and DPA 
Register Now

Side channel vulnerabilities such as Simple Power Analysis (SPA), Differential Power Analysis (DPA), and Timing Attacks have emerged as powerful real-world threats to tamper resistant devices and embedded systems. Workshop attendees will receive an introduction to the fundamentals of power analysis, perform hands-on tutorials, examine practical design approaches to countering power analysis, and review the current state of related U.S. and international security certifications.

Speakers:
Joseph Bonneau, Cryptographic Scientist, Cryptography Research, Inc.
Josh Jaffe, Cryptosystem Researcher and Engineer, Cryptography Research, Inc.
Ben Jun, Vice President of Technology, Cryptography Research, Inc.
Mark Marson, Senior Cryptographer, Cryptography Research, Inc.
Trevor Perrin, Software Engineer, Cryptography Research, Inc.

9:00 am - 4:15 pm

TUT-M21 - Building an Enterprise-Strength Identity & Access Management Architecture
Register Now

Identity and access management presents a unique set of challenges. This interactive session, taught by experienced IdM gurus, will provide detailed and informative discussions on directories, web access management, federated identity, provisioning, infrastructure and more. Advanced discussions and case studies will include strategy, governance, and detailed federation and architecture discussions.

Speakers: 
Daniel Houser, Senior Security Identity Architect, Cardinal Health
Erik Heidt, Information Security Team Manager, Fifth Third Bank

9:00 am -10:45 am

TUT-M31 - Smart Cards and Information Technology Tutorial – Part 1
Register Now

This session begins with a market overview of smart cards in secure identification and authentication implementations in government and commercial projects worldwide.  Next, it will explain the practical usage of digital credentials stored on smart cards, and how they are issued, managed and revoked. As the U.S. Government continues progress towards issuing millions of FIPS 201 compliant credentials, this session will look at how a standard for interoperable credentials will impact your Identity management decisions in the future?  A standards based, interoperable credential enables many new opportunities such as convergence of logical and physical access, increased functionality, and a reduction in deployment costs. This session will examine how these interoperable credentials make good security and fiscal sense and are moving outside of the initial domain of federal agencies.

Speakers:
Steve Howard, VP Business Development, Thales eSecurity
Randy Vanderhoof, Executive Director, Smart Card Alliance

11:00 am - 12:45 pm

TUT-M32 - Smart Cards and Information Technology Tutorial – Part 2
Register Now

This session begins by exploring the independence and interrelationships between the concepts of Identity, Privilege and Person in relation to privacy, consent, and authentication.  Examples are presented on how specific smart card technologies are utilized to implement these concepts in well-known application contexts.  The session will conclude with an overview of the latest technology innovations in smart cards for IT, such as .NET card services that move cards towards an integrated service-oriented model. Advances in application and content management capabilities are shown that create flexibility for how smart cards are applied in IT environments.

Speakers:
Gilles Lisimaque, Partner, Identification Technology Partners, Inc.
Michael Neumann, Director, Business Development, StepNexus

1:45 pm - 3:30 pm

TUT-M33 - Smart Cards and Information Technology Tutorial – Part 3
Register Now

This session will look at large scale smart card deployments. Registered Traveler combines smart cards with biometrics and addresses critical notions of security and privacy. This program also addresses the requirement for industry standards and specifications, and how interoperability was achieved across disparate service providers. Next, Pfizer's Integrated Badge program provides a model for a converged platform for logical and physical access.  Key applications include multi-site physical access across disparate physical access control systems and the use of digital signatures for logical security. These use cases are excellent examples of smart card deployments and highlight, from two very different perspectives, how smart cards are used in today's business environments.

Speakers:
Brian Ichikawa, Identity Solutions Architect, Unisys
  

9:00 am - 10:45 am

TUT-M41 - Learning to Speak Crypto
Register Now

Cryptography has become a fundamental technology for ensuring data privacy in business and government applications. An understanding of cryptography is therefore becoming essential for all information security professionals. However, the language and concepts associated with cryptography can seem "cryptic" in themselves. This interactive session will decipher cryptography’s key concepts and terminology as well as address the management and deployment issues associated with today’s implementations of cryptography. It is designed for those with no prior experience in the subject.

Speakers:
Kathy Kriese, Senior Product Manager, Data Security Group, RSA, The Security Division of EMC
Peter Robinson, Principal Software Engineer, Data Security Group, RSA, The Security Division of EMC

11:00 am - 12:45 pm

TUT-M42 - Do You Really Understand Your Data?
Register Now

Most companies do not even understand their data or where and what it is — much less how to protect it. Evolutions in and convergence of content search and tagging, distributed computing, and rule-based control technologies are finally making it possible to automate understanding your data — and thus make automation of data security closer to reality. This session will discuss these technologies and techniques and how they are affecting current approaches to security.

Speakers:
Todd Graham, Senior Technologist, Office of the CTO, RSA, The Security Division of EMC
David How, Director of Product Management, RSA, The Security Division of EMC

1:45 pm - 3:30 pm

TUT-M43 - The Evolution of Authentication 
Register Now

There continues to be an alarming increase in phishing, pharming and fraud attacks as well as identity theft. As the attackers have become more professional and targeted in their attacks, so have the tools designed to detect, defend, and stop them. This session will survey these new tools and techniques, the emergence of new and existing authentication technologies (such as passive authentication and risk-based analytics), and their application to dealing with these types of attacks.

Speakers:
Bill Duane, Technical Director, Office of the CTO, RSA, The Security Division of EMC
Louie Gasparini, Authentication Technologist