Security and Privacy, 1998. Proceedings. 1998 IEEE Symposium on

Date 6-6 May 1998

Displaying Results 1 - 21 of 21
  • Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186)

    Publication Year: 1998
    Freely Available from IEEE
  • Author index

    Publication Year: 1998, Page(s): 225
    Freely Available from IEEE
  • On enabling secure applications through off-line biometric identification

    Publication Year: 1998, Page(s):148 - 157
    Cited by:  Papers (106)  |  Patents (59)

    In developing secure applications and systems, designers must often incorporate secure user identification in the design specification. In this paper, we study secure off-line authenticated user identification schemes based on a biometric system that can measure a user's biometrics accurately (up to some Hamming distance). The presented schemes enhance identification and authorization in secure ap...
  • Partial security policies to support timeliness in secure real-time databases

    Publication Year: 1998, Page(s):136 - 147
    Cited by:  Papers (7)

    Conflicts in database systems with both real-time and security requirements can be unresolvable. We address this issue by allowing a database system to provide partial security in order to improve real-time performance when necessary. Systems that are partially secure allow potential security violations such as covert channel use in certain situations. We present the idea of requirement specificat...
  • Timing attacks against trusted path

    Publication Year: 1998, Page(s):125 - 134
    Cited by:  Papers (4)  |  Patents (1)

    Presents new attacks against a user workstation's trusted path mechanism. These timing attacks can cause a user's password to leak bits. The timing attacks can then be combined with network authentication protocol brute-force attacks against the remainder of the key space to obtain the user's password. We present several countermeasures against this attack. We also define a property of user system...
  • Detecting disruptive routers: a distributed network monitoring approach

    Publication Year: 1998, Page(s):115 - 124
    Cited by:  Papers (36)  |  Patents (25)

    An attractive target for a computer system attacker is the router. An attacker in control of a router can disrupt communication by dropping or misrouting packets passing through the router. We present a protocol called WATCHERS that detects and reacts to routers that drop or misroute packets. WATCHERS is based on the principle of conservation of flow in a network: all data bytes sent into a node, ...
  • Stack and queue integrity on hostile platforms

    Publication Year: 1998, Page(s):198 - 206
    Cited by:  Papers (3)  |  Patents (20)

    When computationally intensive tasks have to be carried out on trusted, but limited, platforms such as smart cards, it becomes necessary to compensate for the limited resources (memory, CPU speed) by off-loading implementations of data structures on to an available (but insecure, untrusted) fast co-processor. However, data structures such as stacks, queues, RAMs and hash tables can be corrupted (a...
  • An automated approach for identifying potential vulnerabilities in software

    Publication Year: 1998, Page(s):104 - 114
    Cited by:  Papers (21)  |  Patents (11)

    The paper presents results from analyzing the vulnerability of security-critical software applications to malicious threats and anomalous events using an automated fault injection analysis approach. The work is based on the well understood premise that a large proportion of security violations result from errors in software source code and configuration. The methodology employs software fault inje...
  • Understanding Java stack inspection

    Publication Year: 1998, Page(s):52 - 63
    Cited by:  Papers (25)  |  Patents (5)

    Current implementations of Java make security decisions by searching the runtime call stack. These systems have attractive security properties, but they have been criticized as being dependent on specific artifacts of the Java implementation. The paper models the stack inspection algorithm in terms of a well understood logic for access control and demonstrates how stack inspection is a useful tool...
  • Complete, safe information flow with decentralized labels

    Publication Year: 1998, Page(s):186 - 197
    Cited by:  Papers (28)  |  Patents (9)

    The growing use of mobile code in downloaded applications and servlets has increased interest in robust mechanisms for ensuring privacy and secrecy. Information flow control is intended to directly address privacy and secrecy concerns, but most information flow models are too restrictive to be widely used. The decentralized label model is a new information flow model that extends traditional model...
  • Asynchronous protocols for optimistic fair exchange

    Publication Year: 1998, Page(s):86 - 99
    Cited by:  Papers (58)  |  Patents (13)

    The optimistic approach of involving a third party only in the case of exceptions is a useful technique to build secure, yet practical fair exchange protocols. Previous solutions using this approach implicitly assumed that players had reliable communication channels to the third party. We present a set of optimistic fair exchange protocols which tolerate temporary failures in the communication cha...
  • Secure execution of Java applets using a remote playground

    Publication Year: 1998, Page(s):40 - 51
    Cited by:  Papers (7)  |  Patents (5)

    Mobile code presents a number of threats to machines that execute it. We introduce an approach for protecting machines and the resources they hold from mobile code, and describe a system based on our approach for protecting host machines from Java 1.1 applets. In our approach, each Java applet downloaded to the protected domain is rerouted to a dedicated machine (or set of machines), the playgroun...
  • On the formal definition of separation-of-duty policies and their composition

    Publication Year: 1998, Page(s):172 - 183
    Cited by:  Papers (49)  |  Patents (2)

    Formally defines a wide variety of separation-of-duty (SoD) properties, including the best known to date, and establishes their relationships within a formal model of role-based access control (RBAC). The formalism helps to remove all the ambiguities of informal definition and offers a wide choice of implementation strategies. We also explore the composability of SoD properties and policies under ...
  • Towards mobile cryptography

    Publication Year: 1998, Page(s):215 - 224
    Cited by:  Papers (66)  |  Patents (5)

    Mobile code technology has become a driving force for recent advances in distributed systems. The concept of the mobility of executable code raises major security problems. In this paper, we deal with the protection of mobile code from possibly malicious hosts. We conceptualize the specific cryptographic problems posed by mobile code, and we are able to provide a solution for some of these problem...
  • Efficient and practical fair exchange protocols with off-line TTP

    Publication Year: 1998, Page(s):77 - 85
    Cited by:  Papers (40)  |  Patents (4)

    We present protocols for fair exchange of electronic data (digital signatures, payment and confidential data) between two parties A and B. Novel properties of the proposed protocols include: 1) offline trusted third party (TTP), i.e., TTP does not take part in the exchange unless one of the parties behaves improperly; 2) only three message exchanges are required in the normal situation; 3) true fa...
  • Composing partially-specified systems

    Publication Year: 1998, Page(s):27 - 37

    Many representations of secure systems rely on implicit assumptions about the desired behaviour of the environment. We introduce a means of explicitly representing and evaluating these assumptions within a system specification. This is based on the identification of the safeguards to protect the system by implementing or enforcing these assumptions. These assumptions correspond to vulnerabilities ...
  • Strand spaces: why is a security protocol correct?

    Publication Year: 1998, Page(s):160 - 171
    Cited by:  Papers (54)

    A strand is a sequence of events; it represents either the execution of an action by a legitimate party in a security protocol or else a sequence of actions by a penetrator. A strand space is a collection of strands, equipped with a graph structure generated by causal interaction. In this framework, protocol correctness claims may be expressed in terms of the connections between strands of differe...
  • Necessity and realization of universally verifiable secret sharing

    Publication Year: 1998, Page(s):208 - 214
    Cited by:  Papers (1)

    Argues the necessity of universally verifiable secret sharing for secrets as individual users' cryptographic keys, and proposes protocols to realize such secret sharing for two most common public-key cryptosystems: discrete logarithm-based and integer factorization-based. The universal verifiability achieves the sharing of secrets with multiple third parties as shareholders using two-party protoco...
  • Efficient key distribution for slow computing devices: achieving fast over the air activation for wireless systems

    Publication Year: 1998, Page(s):66 - 76
    Cited by:  Papers (3)  |  Patents (13)

    Any system which contains some form of cryptographic authentication, confidentiality and/or identification requires the provisioning of a secure key generation and distribution capability. The key distribution mechanism for wireless cellular systems, such as IS-95 CDMA, IS-136 TDMA and IS-91 Analog, has recently been investigated by the Telephone Industry Association's standards working groups. Th...
  • Access control in an open distributed environment

    Publication Year: 1998, Page(s):3 - 14
    Cited by:  Papers (20)  |  Patents (23)

    We describe an architecture for secure, independent, interworking services (Oasis). Each service is made responsible for the classification of its clients into named roles, using a formal logic to specify precise conditions for entering each role. A client becomes authenticated by presenting credentials to a service that enable the service to prove that the client conforms to its policy for entry ...
  • Ensuring continuity during dynamic security policy reconfiguration in DTE

    Publication Year: 1998, Page(s):15 - 26
    Cited by:  Papers (1)

    Operating system kernels capable of simultaneously enforcing multiple security policies provide economic benefits over those that cannot: they allow a single kernel to concurrently provide its costly or unique resources to a number of projects, each with its own individual security requirements. The additional ability to dynamically reconfigure its policy during run time allows a kernel to take on...