By Topic

IEEE Security & Privacy

Issue 2 • March-April 2003

Filter Results

Displaying Results 1 - 15 of 15
  • Privacy Concerns

    Publication Year: 2003, Page(s):11 - 13
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (190 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Post-apocalypse now

    Publication Year: 2003, Page(s):53 - 55
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (243 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Engineering or sloganeering? the counterattack on privacy

    Publication Year: 2003, Page(s):84 - 87
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (230 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Locks and full disclosure

    Publication Year: 2003, Page(s): 88
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (165 KB) | HTML iconHTML

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Biometric recognition: security and privacy concerns

    Publication Year: 2003, Page(s):33 - 42
    Cited by:  Papers (260)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (552 KB) | HTML iconHTML

    Biometrics offers greater security and convenience than traditional methods of personal recognition. In some applications, biometrics can replace or supplement the existing technology. In others, it is the only viable approach. But how secure is biometrics? And what are the privacy implications?. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Rights amplification in master-keyed mechanical locks

    Publication Year: 2003, Page(s):24 - 32
    Cited by:  Papers (5)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (760 KB) | HTML iconHTML

    This article examines mechanical lock security from a computer-science and cryptology perspective, focusing on new and practical attacks for amplifying rights in master-keyed mechanical pin tumbler locks. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Honeynet Project: trapping the hackers

    Publication Year: 2003, Page(s):15 - 23
    Cited by:  Papers (73)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (621 KB) | HTML iconHTML

    What specific threats do computer networks face from hackers? Who's perpetrating these threats and how? The Honeynet Project is an organization dedicated to answering these questions. It studies the bad guys and shares the lessons learned. The group gathers information by deploying networks (called honeynets) that are designed to be compromised. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Teaching students to design secure systems

    Publication Year: 2003, Page(s):56 - 58
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (201 KB) | HTML iconHTML

    The pedagogy used to teach computer security to students new to the field is usually handled by a one- or two-course augmentation to an existing curriculum. Furthermore, the courses tend to be technology-centric and often do not uncover the underlying processes that students can transfer to new situations. In this article, we look more closely at determining an appropriate scope and sequence for i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Moving forward? [digital security]

    Publication Year: 2003, Page(s):70 - 71
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (185 KB) | HTML iconHTML

    The US government and the European Commission recently made major Cyber security policy pronouncements in their attempts to achieve the right mix. The US strategy states that the newly created Department of Homeland Security will become a federal center of excellence for Cyber security, providing a focal point for federal outreach to state and local authorities, nongovernmental organizations, the ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Why secure applications are difficult to write

    Publication Year: 2003, Page(s):81 - 83
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (305 KB)

    The author categorizes application security concerns into four specific issues: input streams, output production, internal data, and algorithms and computation. The first two concerns - input and output - are related to the environment in which applications execute. The last two - data and algorithms - are related to an application's awareness of its own internal secrets. Those secrets could be th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Copyright enforcement or censorship: new uses for the DMCA?

    Publication Year: 2003, Page(s):67 - 69
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (247 KB) | HTML iconHTML

    Section 512 of the Digital Millennium Copyright Act (DMCA) has a provision that protects ISPs from liability for transmitting copyright violations-as long as they have and follow a process for removing infringements when notified of them. Given the DMCA's wording, any attempt to be sure that we will know in the future what was said today will depend on clarifying the rights and responsibilities of... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Patient privacy in electronic prescription transfer

    Publication Year: 2003, Page(s):77 - 80
    Cited by:  Papers (14)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (213 KB) | HTML iconHTML

    In paper-based prescribing in the United Kingdom's National Health Service (NHS), patients are responsible for protecting the privacy of their prescription information while it is in transit from the prescriber to the dispenser. The UK government has introduced a plan for future NHS reform that includes a change from paper-based prescribing to a national electronic transfer of prescriptions (ETP) ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Selecting the Advanced Encryption Standard

    Publication Year: 2003, Page(s):43 - 52
    Cited by:  Papers (37)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (346 KB) | HTML iconHTML

    The USA National Institute of Standards and Technology selected the Advanced Encryption Standard, a new standard symmetric key encryption algorithm, from 15 qualifying algorithms. NIST has also made efforts to update and extend their standard cryptographic modes of operation. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • From the ground up: the DIMACS software security workshop

    Publication Year: 2003, Page(s):59 - 66
    Cited by:  Papers (22)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (309 KB) | HTML iconHTML

    The DIMACS Software Security Workshop held in New Jersey explored issues such as security engineering, architecture and implementation risks, security analysis, mobile and malicious code, education and training, and open research issues. Many promising techniques have grown from connections between computer security, programming languages, and software engineering, and one workshop goal was to bri... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The weakest link revisited [information security]

    Publication Year: 2003, Page(s):72 - 76
    Cited by:  Papers (16)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (527 KB) | HTML iconHTML

    It is a common saying that a chain is only as strong as its weakest link-a phrase information security officers, IT managers, consultants, researchers, journalists, and opinion makers reiterate ad nauseam when referring to an organization's information security posture. Most in the information security community would agree that a security architecture is only as strong as its weakest link. Howeve... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

IEEE Security & Privacy’s primary objective is to stimulate and track advances in security, privacy, and dependability and present these advances in a form that can be useful to a broad cross-section of the professional community—ranging from academic researchers to industry practitioners. It provides articles with both a practical and research bent by the top thinkers in the field of security and privacy, along with case studies, surveys, tutorials, columns, and in-depth interviews and podcasts for the information security industry.
 

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Ahmad-Reza Sadeghi
Technische Universität Darmstadt
ahmad.sadeghi@trust.tu-darmstadt.de