Security and Privacy, 1999. Proceedings of the 1999 IEEE Symposium on

Date 14-14 May 1999

Displaying Results 1 - 25 of 28
  • Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)

    Publication Year: 1999
    Freely Available from IEEE
  • Index of authors

    Publication Year: 1999, Page(s): 243
    Freely Available from IEEE
  • Twenty year time capsule panel: the future of networking

    Publication Year: 1999

    The paper considers how one score hence will be an era of communication networks that will affect the lives of most of the people on the planet and will affect those in the developed countries profoundly. Communications technology is tightly bound with the development of society and culture, and the coming changes in network speed and availability will drive changes in the way we perceive the worl...
  • Twenty years of evaluation criteria and commercial technology

    Publication Year: 1999, Page(s):111 - 112

    The major source of progress in computer security products during the last twenty years (1980-99) has been the Internet revolution of the mid-nineties. Evaluation criteria and processes have provided users with some characterization of the security attributes of operating system products. The newly developed Common Criteria show promise of offering more timely and relevant evaluation results. Howe...
  • Verification of control flow based security properties

    Publication Year: 1999, Page(s):89 - 103
    Cited by:  Papers (10)  |  Patents (7)

    A fundamental problem in software based security is whether local security checks inserted into the code are sufficient to implement a global security property. We introduce a formalism based on a two-level linear time temporal logic for specifying global security properties pertaining to the control flow of the program, and illustrate its expressive power with a number of existing properties. We ...
  • 20 years of operating systems security

    Publication Year: 1999, Page(s):108 - 110
    Cited by:  Papers (2)  |  Patents (1)

    The author presents some highlights of two areas of operating systems security that figured prominently in some of the best research in the areas of security and privacy over the past twenty years (1980-99). He examines the following: reference monitors and trusted computing bases, and intrusion detection.
  • Firmato: a novel firewall management toolkit

    Publication Year: 1999, Page(s):17 - 31
    Cited by:  Papers (41)  |  Patents (6)

    In recent years, packet filtering firewalls have seen some impressive technological advances (e.g., stateful inspection, transparency, performance, etc.) and widespread deployment. In contrast, firewall and security management technology is lacking. We present Firmato, a firewall management toolkit, with the following distinguishing properties and components: (1) an entity relationship model conta...
  • The future is not assured-but it should be

    Publication Year: 1999, Page(s):240 - 241

    Twenty years from now there will still be software security-enhanced applications vulnerable to buffer overflow problems. These products should not be called secure, but will be sold as such. Twenty years from now there will still be security-enhanced operating systems that will crash when applications misbehave. They will not be secure either. The author considers how we will have sufficient func...
  • A user-centered, modular authorization service built on an RBAC foundation

    Publication Year: 1999, Page(s):57 - 71
    Cited by:  Papers (17)

    Psychological acceptability has been mentioned as a requirement for secure systems for as long as least privilege and fail safe defaults, but until now has been all but ignored in the actual design of secure systems. We place this principle at the center of our design for Adage, an authorization service for distributed applications. We employ usability design techniques to specify and test the fea...
  • Twenty years of cryptography in the open literature

    Publication Year: 1999, Page(s):106 - 107

    The paper concentrates on the real world problems created in the last two decades (1973-99) by cryptographers who publish in the open literature, and also mentions what gave rise to these problems: the solutions we gave to various theoretical problems, often of our own posing. For the last twenty years (1980-99), the annual IEEE Symposia on Security and Privacy have provided us with a stimulating a...
  • Hardening COTS software with generic software wrappers

    Publication Year: 1999, Page(s):2 - 16
    Cited by:  Papers (7)  |  Patents (52)

    Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portabil...
  • The hardware environment

    Publication Year: 1999
    Cited by:  Patents (1)

    The paper considers how security protocols are as they are in part because of the hardware environment in which they are expected to function. Expectations were set nearly twenty years ago, when communications were very unreliable and slow, when reliable sources of time were most unusual, when encryption was extremely slow, when memories and disks were small and slow. In consequence protocol desig...
  • 20 years of covert channel modeling and analysis

    Publication Year: 1999, Page(s):113 - 114
    Cited by:  Papers (15)

    Covert channels emerged in mystery and departed in confusion. Covert channels are a means of communication between two processes that are not permitted to communicate, but do so anyway, a few bits at a time, by affecting shared resources. Information hiding is slightly different: the two communicating parties are allowed to talk, but the content is censored and restricted to certain subjects. The ...
  • Network security: then and now or 20 years in 10 minutes

    Publication Year: 1999

    Summary form only given. The history of network security is outlined by looking at technology in 1979 and comparing it with that of 1999. The following areas are included: crypto based net security; access control and authentication; and security protocols.
  • Local reconfiguration policies

    Publication Year: 1999, Page(s):48 - 56
    Cited by:  Papers (6)

    Survivable systems are modelled abstractly as collections of services supported by any of a set of configurations of components. Reconfiguration to restore services as a result of component failure is viewed as a kind of “flow” analogous to information flow. We apply C. Meadows' (1990) theorem on dataset aggregates to characterize the maximum safe flow policy for distributed systems. Fo...
  • Software smart cards via cryptographic camouflage

    Publication Year: 1999, Page(s):208 - 215
    Cited by:  Papers (6)  |  Patents (13)

    A sensitive point in public key cryptography is how to protect the private key. We outline a method of protecting private keys using cryptographic camouflage. Specifically, we do not encrypt the private key with a password that is too long for exhaustive attack. Instead, we encrypt it so that only one password will decrypt it correctly, but many passwords will decrypt it to produce a key that look...
  • Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer

    Publication Year: 1999, Page(s):216 - 231
    Cited by:  Papers (17)  |  Patents (3)

    We show how the NRL Protocol Analyzer, a special-purpose formal methods tool designed for the verification of cryptographic protocols, was used in the analysis of the Internet Key Exchange (IKE) protocol. We describe some of the challenges we faced in analyzing IKE, which specifies a set of closely related subprotocols, and we show how this led to a number of improvements to the Analyzer. We also ...
  • Flexible policy-directed code safety

    Publication Year: 1999, Page(s):32 - 45
    Cited by:  Papers (24)  |  Patents (30)

    The article introduces a new approach to code safety. We present Naccio, a system architecture that allows a large class of safety policies to be expressed in a general and platform-independent way. Policies are defined in terms of abstract resource manipulations. We describe mechanisms that can be used to efficiently and conveniently enforce these safety policies by transforming programs. We are ...
  • Specification and enforcement of classification and inference constraints

    Publication Year: 1999, Page(s):181 - 195
    Cited by:  Papers (4)  |  Patents (1)

    Although mandatory access control in database systems has been extensively studied in recent years, and several models and systems have been proposed, capabilities for enforcement of mandatory constraints remain limited. Lack of support for expressing and combating inference channels that improperly leak protected information remains a major limitation in today's multilevel systems. Moreover the w...
  • Software technology of the future

    Publication Year: 1999, Page(s):237 - 238

    The challenge for the future is to create software systems which interact with their environment. The key feature of such systems will be their ability to adapt their own behaviors to the variety of conditions presented by the harsh environment in which they function. The runtime environment of a self-adaptive system will include descriptions of the purposes and goals of its components, alternativ...
  • A multi-threading architecture for multilevel secure transaction processing

    Publication Year: 1999, Page(s):166 - 180

    A TCB and security kernel architecture for supporting multi-threaded, queue-driven transaction processing applications in a multilevel secure environment is presented. Our design exploits hardware security features of the Intel 80x86 processor family. Intel's CPU architecture provides hardware with two distinct descriptor tables. We use one of these in the usual way for process isolation. Fo...
  • Twenty years of formal methods

    Publication Year: 1999, Page(s):115 - 116
    Cited by:  Papers (1)

    Following Gödel, consider a formal mathematical system to be a system of symbols together with rules for employing them (K. Gödel, 1965). The rules may be formation rules (stipulating the strings of symbols that constitute well formed formulae), proof rules (stipulating the strings of formulae that constitute proofs), or semantic rules (mapping formulae into an algebraic domain). The rules must be...
  • A test for non-disclosure in security level translations

    Publication Year: 1999, Page(s):196 - 206

    Two security domains that want to exchange information securely may need to agree on translations of mandatory access control (MAC) labels of their information, if their MAC labels have a different syntax or semantics. It is desirable that these translations do not introduce any confidentiality violations. We present a property, the security level translation property (SLTP), which must hold if th...
  • A data mining framework for building intrusion detection models

    Publication Year: 1999, Page(s):120 - 132
    Cited by:  Papers (138)  |  Patents (12)

    There is often the need to update an installed intrusion detection system (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are constructed by manual encoding of expert knowledge, changes to IDSs are expensive and slow. We describe a data mining framework for adaptively building Intrusion Detection (ID) models. The central idea is to utilize auditing progr...
  • Detecting intrusions using system calls: alternative data models

    Publication Year: 1999, Page(s):133 - 145
    Cited by:  Papers (206)  |  Patents (40)

    Intrusion detection systems rely on a wide variety of observable data to distinguish between legitimate and illegitimate activities. We study one such observable: sequences of system calls into the kernel of an operating system. Using system-call data sets generated by several different programs, we compare the ability of different data modeling methods to represent normal behavior accurately and t...