By Topic

Security and Privacy, 2002. Proceedings. 2002 IEEE Symposium on

Date 2002

Filter Results

Displaying Results 1 - 23 of 23
  • P5 : a protocol for scalable anonymous communication

    Publication Year: 2002, Page(s):58 - 70
    Cited by:  Papers (39)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (456 KB) | HTML iconHTML

    We present a protocol for anonymous communication over the Internet. Our protocol, called P5 (peer-to-peer personal privacy protocol) provides sender-, receiver-, and sender-receiver anonymity. P5 is designed to be implemented over current Internet protocols, and does not require any special infrastructure support. A novel feature of P5 is that it allows individual... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Self-healing key distribution with revocation

    Publication Year: 2002, Page(s):241 - 257
    Cited by:  Papers (60)  |  Patents (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (543 KB) | HTML iconHTML

    We address the problem of establishing a group key amongst a dynamic group of users over an unreliable, or lossy, network. We term our key distribution mechanisms self-healing because users are capable of recovering lost group keys on their own, without requesting additional transmissions from the group manager thus cutting back on network traffic, decreasing the load on the group manager and redu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Design of a role-based trust-management framework

    Publication Year: 2002, Page(s):114 - 130
    Cited by:  Papers (108)  |  Patents (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (506 KB) | HTML iconHTML

    We introduce the RT framework, a family of role-based trust management languages for representing policies and credentials in distributed authorization. RT combines the strengths of role-based access control and trust-management systems and is especially suitable for attribute-based access control. Using a few simple credential forms, RT provides localized authority over roles, delegation in role ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Constrained delegation

    Publication Year: 2002, Page(s):131 - 140
    Cited by:  Papers (10)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (389 KB) | HTML iconHTML

    Sometimes it is useful to be able to separate management of a set of resources, and access to the resources themselves. However, current accounts of delegation do not allow such distinctions to be easily made. We introduce a new model for delegation to address this issue. The approach is based on the idea of controlling the possible shapes of delegation chains. We use constraints to restrict the c... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Statistical identification of encrypted Web browsing traffic

    Publication Year: 2002, Page(s):19 - 30
    Cited by:  Papers (48)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (667 KB) | HTML iconHTML

    Encryption is often proposed as a tool for protecting the privacy of World Wide Web browsing. However, encryption-particularly as typically implemented in, or in concert with popular Web browsers-does not hide all information about the encrypted plaintext. Specifically, HTTP object count and sizes are often revealed (or at least incompletely concealed). We investigate the identifiability of World ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Partitioning attacks: or how to rapidly clone some GSM cards

    Publication Year: 2002, Page(s):31 - 41
    Cited by:  Papers (14)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (546 KB) | HTML iconHTML

    In this paper, we introduce a new class of side-channel attacks called partitioning attacks. We have successfully launched a version of the attack on several implementations of COMP128, the popular GSM authentication algorithm that has been deployed by different service providers in several types of SIM cards, to retrieve the 128 bit key using as few as 8 chosen plaintexts. We show how partitionin... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Alert correlation in a cooperative intrusion detection framework

    Publication Year: 2002, Page(s):202 - 215
    Cited by:  Papers (128)  |  Patents (15)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (394 KB) | HTML iconHTML

    This paper presents the work we have done within the MIRADOR project to design CRIM, a cooperative module for intrusion detection systems (IDS). This module implements functions to manage, cluster, merge and correlate alerts. The clustering and merging functions recognize alerts that correspond to the same occurrence of an attack and create a new alert that merge data contained in these various al... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Efficient multicast packet authentication using signature amortization

    Publication Year: 2002, Page(s):227 - 240
    Cited by:  Papers (22)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (426 KB) | HTML iconHTML

    We describe a novel method for authenticating multicast packets that is robust against packet loss. Our main focus is to minimize the size of the communication overhead required to authenticate the packets. Our approach is to encode the hash values and the signatures with Rabin's Information Dispersal Algorithm (IDA) to construct an authentication scheme that amortizes a single signature operation... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using programmer-written compiler extensions to catch security holes

    Publication Year: 2002, Page(s):143 - 159
    Cited by:  Papers (30)  |  Patents (20)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (586 KB) | HTML iconHTML

    This paper shows how system-specific static analysis can find security errors that violate rules such as "integers from untrusted sources must be sanitized before use" and "do not dereference user-supplied pointers." In our approach, programmers write system-specific extensions that are linked into the compiler and check their code for errors. We demonstrate the approach's effectiveness by using i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Noninterference and intrusion detection

    Publication Year: 2002, Page(s):177 - 187
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (340 KB) | HTML iconHTML

    This paper presents an intrusion detection methodology based on the concept of noninterference for detecting race-condition attacks. In general, this type of attack occurs when an unprivileged process causes a privileged process to perform illegal operations by executing strategic operations in the appropriate timing window. We apply the noninterference model in a novel way that allows us to forma... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Methods and limitations of security policy reconciliation

    Publication Year: 2002, Page(s):73 - 87
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (604 KB) | HTML iconHTML

    A security policy is a means by which participant session requirements are specified. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpose policy model. We identify an algorithm for efficient two-policy reconciliation, and show that, in the worst-case, rec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Collaborative filtering with privacy

    Publication Year: 2002, Page(s):45 - 57
    Cited by:  Papers (68)  |  Patents (10)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (384 KB) | HTML iconHTML

    Server-based collaborative filtering systems have been very successful in e-commerce and in direct recommendation applications. In future, they have many potential applications in ubiquitous computing settings. But today's schemes have problems such as loss of privacy, favoring retail monopolies, and with hampering diffusion of innovations. We propose an alternative model in which users control al... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Intrusion-tolerant Enclaves

    Publication Year: 2002, Page(s):216 - 224
    Cited by:  Papers (5)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (384 KB) | HTML iconHTML

    Despite our best efforts, any sufficiently complex computer system has vulnerabilities. It is safe to assume that such vulnerabilities can be exploited by attackers who will be able to penetrate the system. Intrusion tolerance attempts to maintain acceptable service despite such intrusions. This paper presents an application of intrusion-tolerance concepts to Enclaves, a software infrastructure fo... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Automated generation and analysis of attack graphs

    Publication Year: 2002, Page(s):273 - 284
    Cited by:  Papers (202)  |  Patents (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1326 KB) | HTML iconHTML

    An integral part of modeling the global view of network security is constructing attack graphs. Manual attack graph construction is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this paper we present an automated technique for generating and analyzing attack graphs. We base our technique on symbolic model checking algorithms, letting us construct attack gr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • "Why 6?" Defining the operational limits of stide, an anomaly-based intrusion detector

    Publication Year: 2002, Page(s):188 - 201
    Cited by:  Papers (19)  |  Patents (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (539 KB) | HTML iconHTML

    Anomaly-detection techniques have considerable promise for two difficult and critical problems in information security and intrusion detection: detecting novel attacks, and detecting masqueraders. One of the best-known anomaly detectors used in intrusion detection is stide. Developed at the University of New Mexico, stide aims to detect attacks that exploit processes that run with root privileges.... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Expander graphs for digital stream authentication and robust overlay networks

    Publication Year: 2002, Page(s):258 - 270
    Cited by:  Papers (14)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (478 KB) | HTML iconHTML

    We use expander graphs to provide efficient new constructions for two security applications: authentication of long digital streams over lossy networks and building scalable, robust overlay networks. Here is a summary of our contributions: (1) To authenticate long digital streams over lossy networks, we provide a construction with a provable lower bound on the ability to authenticate a packet - an... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Improving computer security using extended static checking

    Publication Year: 2002, Page(s):160 - 173
    Cited by:  Papers (19)  |  Patents (17)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (355 KB) | HTML iconHTML

    We describe a method for finding security flaws in source code by way of static analysis. The method is notable because it allows a user to specify a wide range of security properties while also leveraging a set of predefined common flaws. It works by using an automated theorem prover to analyze verification conditions generated from C source code and a set of specifications that define security p... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Stateful intrusion detection for high-speed network's

    Publication Year: 2002, Page(s):285 - 293
    Cited by:  Papers (42)  |  Patents (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (334 KB) | HTML iconHTML

    As networks become faster there is an emerging need for security, analysis techniques that can keep up with the increased network throughput. Existing network-based intrusion detection sensors can barely, keep up with bandwidths of a few hundred Mbps. Analysis tools that can deal with higher throughput are unable to maintain state between different steps of an attack or they are limited to the ana... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Optical time-domain eavesdropping risks of CRT displays

    Publication Year: 2002, Page(s):3 - 18
    Cited by:  Papers (24)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (601 KB) | HTML iconHTML

    A new eavesdropping technique can be used to read cathode-ray tube (CRT) displays at a distance. The intensity of the light emitted by a raster-scan screen as a function of time corresponds to the video signal convolved with the impulse response of the phosphors. Experiments with a typical personal computer color monitor show that enough high-frequency content remains in the emitted light to permi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Binder, a logic-based security language

    Publication Year: 2002, Page(s):105 - 113
    Cited by:  Papers (29)  |  Patents (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (365 KB) | HTML iconHTML

    We introduce the concept of a security language, used to express security statements in a distributed system. Most existing security languages encode security statements as schematized data structures, such as ACLs and X.509 certificates. In contrast, Binder is an open logic-based security language that encodes security statements as components of communicating distributed logic programs. Binder p... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the composition of secure systems

    Publication Year: 2002, Page(s):88 - 101
    Cited by:  Papers (14)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (473 KB) | HTML iconHTML

    When complex systems are constructed from simpler components it is important to know how properties of the components behave under composition. We present various compositionality results for security properties. In particular we introduce a novel security property and show that this property is, in general, composable although it is weaker than forward correctability. Moreover we demonstrate that... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proceedings 2002 IEEE Symposium on Security and Privacy

    Publication Year: 2002
    Request permission for commercial reuse | PDF file iconPDF (245 KB)
    Freely Available from IEEE
  • Author index

    Publication Year: 2002, Page(s): 295
    Request permission for commercial reuse | PDF file iconPDF (182 KB)
    Freely Available from IEEE