By Topic

IEEE Security & Privacy

Issue 1 • Date Jan.-Feb. 2003

Filter Results

Displaying Results 1 - 17 of 17
  • Legal battle looming for internet protections acts

    Publication Year: 2003, Page(s):10 - 12
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (791 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Two views on security software liability. Let the legal system decide

    Publication Year: 2003, Page(s):70 - 72
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (205 KB) | HTML iconHTML

    Rather than use the product liability screwdriver as a chisel, why not consider a package of more effective tools. Corporations and individuals that market software despite knowledge of software security flaws should face criminal prosecution as well as civil lawsuits with punitive damages. Perhaps bounties should be available for the first to discover and establish the existence of a security fla... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • We are all security consumers

    Publication Year: 2003, Page(s): 104
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (172 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Two views on security software liability: Using the right legal tools

    Publication Year: 2003, Page(s):73 - 75
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1772 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • What is computer security?

    Publication Year: 2003, Page(s):67 - 69
    Cited by:  Papers (25)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (512 KB)

    Computer and network security, or cybersecurity, are critical issues. But merely protecting the systems that hold data about citizens, corporations, and government agencies it is not enough. The infrastructure of networks, routers, domain name servers, and switches that glue these systems together must not fail, or computers will no longer be able to communicate accurately or reliably. Given the m... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Software security for open-source systems

    Publication Year: 2003, Page(s):38 - 45
    Cited by:  Papers (18)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (452 KB) | HTML iconHTML

    Debate over whether open-source software development leads to more or less secure software has raged for years. Neither is intrinsically correct: open-source software gives both attackers and defenders greater power over system security. Fortunately, several security-enhancing technologies for open-source systems can help defenders improve their security. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Fairy dust, secrets, and the real world [computer security]

    Publication Year: 2003, Page(s):89 - 93
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (228 KB) | HTML iconHTML

    Computation must exist in the physical world. Security designs that require secrets must hide and use them in the real world. Unfortunately, the real world offers more paths to secret storage and more observable computational artifacts than these security designs anticipate. Careful integration of physical defenses and security architecture can sometimes succeed against the adversary class designe... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • International participation. The continuing march toward security and privacy

    Publication Year: 2003, Page(s):79 - 81
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (241 KB) | HTML iconHTML

    To create a future with improved prospects for dealing with security and privacy, nations will have to reach agreement on many issues, including Banking and financial services; privacy laws related to sensitive data such as healthcare information; intellectual property (IP) rights, their reasonable protection, and the significant challenge of achieving international agreement on an enforceable set... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • AI bites man? [science fiction stories]

    Publication Year: 2003, Page(s):63 - 66
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (208 KB) | HTML iconHTML

    In future installments of this department we'll look at the important writers, thinkers, works, and ideas in speculative fiction that have got us thinking about the way technological change could affect our lives. This is not to imply that science fiction writers represent a particularly prescient bunch-I think the norm is ray guns and spaceships-but when they're good, they're very good. And whate... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The dangers of mitigating security design flaws: a wireless case study

    Publication Year: 2003, Page(s):28 - 36
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (343 KB) | HTML iconHTML

    Mitigating design flaws often provides the only means to protect legacy equipment, particularly in wireless local area networks. A synchronous active attack against the wired equivalent privacy protocol demonstrates how mitigating one flaw or attack can facilitate another. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Validation of sensor alert correlators

    Publication Year: 2003, Page(s):46 - 56
    Cited by:  Papers (28)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (366 KB) | HTML iconHTML

    The authors describe the first experimental validation of correlation systems with the goal of assessing the overall progress in the field. Their experiment set out to measure the collective ability of correlators to recognize cyber attacks and designate their targets. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Software protection: security's last stand?

    Publication Year: 2003, Page(s):95 - 98
    Cited by:  Papers (7)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (223 KB) | HTML iconHTML

    Given that application software protection is necessary, what form and function should it take? There are three principal forms of protection: watermarking, obfuscation, and application performance degradation. These techniques perform three main functions: detection of attempts to pirate, misuse, or tamper with software, protection of software against those attempts, and alteration of the softwar... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An analysis of the Slapper worm

    Publication Year: 2003, Page(s):82 - 87
    Cited by:  Papers (28)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (225 KB) | HTML iconHTML

    We can prove that the Slapper is a variation of the Apache Scalper worm by comparing the source code. Modifications introduced in the Slapper worm improved the robustness and efficiency of its predecessor's simplistic P2P networking capabilities. Slapper's author also removed certain features from the original-either because they were redundant or to reduce the perception that it was a tool develo... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Copyright extension: Eldred v. Ashcroft

    Publication Year: 2003, Page(s):76 - 78
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (337 KB) | HTML iconHTML

    In recent years the US Congress has expanded both the scope and duration of copyright law. For example, the United States now recognizes copyrights in sound recordings, computer software, and (since 1990) the moral rights of a visual artist, such as the right to be identified as the author and the right against destruction of a work. Four years ago, the Sonny Bono Act (more formally known as the C... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Inside the Windows security push

    Publication Year: 2003, Page(s):57 - 61
    Cited by:  Papers (11)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (334 KB) | HTML iconHTML

    The Microsoft Windows development team spent two months in 2002 analyzing product design, code, and documentation to fix security issues. The results of this security push include a new process and several lessons learned for future projects. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Remembrance of data passed: a study of disk sanitization practices

    Publication Year: 2003, Page(s):17 - 27
    Cited by:  Papers (39)  |  Patents (16)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (354 KB) | HTML iconHTML

    Many discarded hard drives contain information that is both confidential and recoverable, as the authors' own experiment shows. The availability of this information is little publicized, but awareness of it will surely spread. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Privacy vs. information technology

    Publication Year: 2003, Page(s):100 - 103
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (209 KB) | HTML iconHTML

    Modern information technology is facilitating the steady disappearance of individual privacy - even under normal circumstances. Add a real or hyped threat to the common good, and the erosion of individual privacy is further accelerated. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu