Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy

24-26 May 1993

Displaying Results 1 - 18 of 18
  • Proceedings of IEEE Symposium on Research in Security and Privacy

    Publication Year: 1993
    Freely Available from IEEE
  • Preventing denial and forgery of causal relationships in distributed systems

    Publication Year: 1993, Page(s):30 - 40
    Cited by:  Papers (7)

    In a distributed system, it is often important to detect the causal relationships between events, where event e1 is causally before event e2 if e1 happened before e2 and could possibly have affected the occurrence of e2. The authors argue that detecting causal relationships among events can be important for security, in the sense that it may...
  • A logical analysis of authorized and prohibited information flows

    Publication Year: 1993, Page(s):100 - 109
    Cited by:  Papers (4)  |  Patents (1)

    In reasoning about security policy based on information flow control, two different points of view can be adopted depending on whether explicit permissions or explicit prohibitions are being dealt with. In both cases, an epistemic and deontic logic is used to formally define information a subject is permitted to know. Then it is shown that the causality property can be derived from the explicit pe...
  • Protocol design for integrity protection

    Publication Year: 1993, Page(s):41 - 53
    Cited by:  Papers (3)  |  Patents (4)

    The authors present a design method for message integrity protection. They illustrate the use of the method by designing large classes of message types whose integrity is provably preserved and by applying the method to the symmetric key option of the privacy-enhanced electronic mail protocol to help discover and eliminate an integrity vulnerability. The method is independent of the specific encry...
  • The cascade vulnerability problem

    Publication Year: 1993, Page(s):110 - 116
    Cited by:  Papers (2)

    A cascade problem exists in a network of computers when data of a security level d can be passed to a user with a lower security clearance u elsewhere on the network without having to defeat any single component of the system that has an accreditation range great enough to allow users of level u and data of level d on a single system. An algorithm of time comple...
  • Authentication method with impersonal token cards

    Publication Year: 1993, Page(s):56 - 65
    Cited by:  Papers (4)  |  Patents (12)

    The authors describe a novel authentication method whereby the fixed relationship between the user and the device is avoided. They present a method whereby the authentication device, which is a token card, is used solely to provide a secure channel between a human user and an authentication server. Since the communication channel is secured by the card, the user can still utilize weak secrets such...
  • A model of atomicity for multilevel transactions

    Publication Year: 1993, Page(s):120 - 134
    Cited by:  Papers (3)

    Data management applications that use multilevel database management system (DBMS) capabilities have the requirement to read and write objects at multiple levels within the bounds of a multilevel transaction. The authors define a new notion of atomicity that is meaningful within the constraints of the multilevel environment. They offer a model of multilevel atomicity that defines varying degrees o...
  • Interconnecting domains with heterogeneous key distribution and authentication protocols

    Publication Year: 1993, Page(s):66 - 79
    Cited by:  Patents (5)

    A number of mechanisms are described that can be used in the design of a protocol converter for authentication and key distribution protocols. First, the scope of the mechanisms is defined. The authors outline the class of authentication systems that were considered during the design of the mechanisms. A first mechanism, based on proxies and a synchronization protocol, allows for a transparent pro...
  • Achieving stricter correctness requirements in multilevel secure databases

    Publication Year: 1993, Page(s):135 - 147
    Cited by:  Papers (1)

    The concurrency control protocol that has been implemented in the commercially available Trusted Oracle multilevel secure database management system (DBMS) generates histories that are level-wise serializable. Level-wise serializability suffers from the inconsistent retrieval problems which may seriously harm database integrity. The authors show that it is possible to meet stricter correctness cri...
  • Measuring and modeling computer virus prevalence

    Publication Year: 1993, Page(s):2 - 15
    Cited by:  Papers (94)  |  Patents (1)

    To understand the current extent of the computer virus problem and predict its future course, the authors have conducted a statistical analysis of computer virus incidents in a large, stable sample population of PCs and developed new epidemiological models of computer virus spread. Only a small fraction of all known viruses have appeared in real incidents, partly because many viruses are below the...
  • Modelling a fuzzy time system

    Publication Year: 1993, Page(s):82 - 89
    Cited by:  Papers (5)

    The author gives an analysis of the fuzzy time covert channel reduction technique developed at the Digital Equipment Corporation (DEC) and applied to the VAX security kernel for both a single computer system and a network of hosts. Specifically, he investigates covert channels in a model of a fuzzy time system and in a network model of n fuzzy time hosts and one nonfuzzy time host. The fu...
  • Trust relationships in secure systems-a distributed authentication perspective

    Publication Year: 1993, Page(s):150 - 164
    Cited by:  Papers (68)  |  Patents (6)

    The notion of trust is fundamental in inter-domain authentication protocols. The goal is to develop an effective formalism for explicit expressions of trust relations between entities involved in authentication protocols. Different relevant types of trust are identified and classified. A formalism for expressing trust relations is presented along with an algorithm for deriving trust relations from...
  • USTAT: a real-time intrusion detection system for UNIX

    Publication Year: 1993, Page(s):16 - 28
    Cited by:  Papers (49)  |  Patents (13)

    The author presents the design and implementation of a real-time intrusion detection tool, called USTAT, a state transition analysis tool for UNIX. This is a UNIX-specific implementation of a generic design developed by A. Porras and R.A. Kemmerer (1992) as STAT, a state transition analysis tool. State transition analysis is a new approach to representing computer penetrations. In STAT, a penetrat...
  • On introducing noise into the bus-contention channel

    Publication Year: 1993, Page(s):90 - 98
    Cited by:  Papers (20)

    The author explores two approaches to introducing noise into the bus-contention channel: an existing approach called fuzzy time, and a novel approach called probabilistic partitioning. He compares the two approaches in terms of the impact on covert channel capacity, the impact on performance, the amount of random data needed, and their suitability for various applications. For probabilistic partit...
  • Assuring Distributed Trusted Mach

    Publication Year: 1993, Page(s):206 - 217
    Cited by:  Papers (11)  |  Patents (18)

    Distributed Trusted Mach (DTMach) is an operating system designed by Secure Computing Corporation. The goal of the project is to use the Mach 3.0 kernel as the base for a secure, distributed system. As a first step in developing the DTMach security policy, a categorization of general security concerns was constructed. Concerns that were not adequately addressed by the Mach 3.0 kernel indicated pot...
  • Detection and elimination of inference channels in multilevel relational database systems

    Publication Year: 1993, Page(s):196 - 205
    Cited by:  Papers (15)  |  Patents (3)

    Multilevel relational database systems store information at different security classifications. An inference problem exists if it is possible for a user with a low-level clearance to draw conclusions about information at higher classifications. The authors are developing DISSECT, a tool for analyzing multilevel relational database schemas to assist in the detection and elimination of inference pro...
  • A semantic model for authentication protocols

    Publication Year: 1993, Page(s):178 - 194
    Cited by:  Papers (74)

    The authors specify authentication protocols as formal objects with precise syntax and semantics, and define a semantic model that characterizes protocol executions. They have identified two basic types of correctness properties, namely, correspondence and secrecy, that underlie the correctness concerns of authentication protocols. Assertions for specifying these properties, and a formal semantics...
  • A logical language for specifying cryptographic protocol requirements

    Publication Year: 1993, Page(s):165 - 177
    Cited by:  Papers (13)

    A formal language is presented for specifying and reasoning about cryptographic protocol requirements. Examples of simple sets of requirements in that language are given. The authors examine two versions of a protocol that might meet those requirements and show how to specify them in the language of the NRL Protocol Analyzer. They also show how to map one of the sets of formal requirements to the ...