By Topic

IEEE Security & Privacy

Issue 4 • Date July-Aug. 2005

Filter Results

Displaying Results 1 - 21 of 21
  • [Front cover]

    Publication Year: 2005, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (1752 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2005, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (939 KB)
    Freely Available from IEEE
  • The One-Eyed Man Is King

    Publication Year: 2005, Page(s):4 - 5
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (288 KB) | HTML iconHTML

    Where are the great ideas in security and privacy research? View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Masthead

    Publication Year: 2005, Page(s): 6
    Request permission for commercial reuse | PDF file iconPDF (31 KB)
    Freely Available from IEEE
  • A Closer Look at Viruses and Worms

    Publication Year: 2005, Page(s): 7
    Request permission for commercial reuse | PDF file iconPDF (43 KB) | HTML iconHTML
    Freely Available from IEEE
  • Alliance Addresses VoIP Security

    Publication Year: 2005, Page(s): 8
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (37 KB) | HTML iconHTML

    The Voice over IP Security Alliance (VOIPSA) established in February 2005 has emerged to help organizations understand and mitigate VoIP security risks. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Call for IEEE MultiMedia Editor-in-Chief Applicants

    Publication Year: 2005, Page(s): 9
    Request permission for commercial reuse | PDF file iconPDF (26 KB)
    Freely Available from IEEE
  • Secure Software Development by Example

    Publication Year: 2005, Page(s):10 - 17
    Cited by:  Papers (21)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (384 KB) | HTML iconHTML

    When trying to incorporate security into a program, software developers face either too much theoretical information that they can't apply or exhaustive and discouraging recommendation lists. This article gives an overview of security concerns at each step of a project's life cycle. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Toward an Automated Attack Model for Red Teams

    Publication Year: 2005, Page(s):18 - 25
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (424 KB) | HTML iconHTML

    To better understand system vulnerabilities, proactive security services use red teams that simulate malicious attacks. The authors contend that an attack model with UML-based use cases, sequence and state chart diagrams, and XML would best help red teams achieve attack automation. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Blaster Worm: Then and Now

    Publication Year: 2005, Page(s):26 - 31
    Cited by:  Papers (19)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (480 KB) | HTML iconHTML

    In August of 2003 the Blaster worm struck the Internet, infecting at least 100,000 Microsoft Windows systems and causing millions of dollars in damages. In spite of considerable cleanup efforts, an antiworm aimed at patching systems, and a widely downloaded clean-up tool from Microsoft, the worm is still very much alive. In this article we describe observations of the Blaster worm from its onset i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Handling and Reporting Security Advisories: A Scorecard Approach

    Publication Year: 2005, Page(s):32 - 41
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (272 KB) | HTML iconHTML

    Vendors and independent response centers have vastly different views regarding security advisories--what to publish and how to organize the information. The authors’ scorecard approach aims to provide a practical guide for how to publish, read, evaluate, and handle advisories. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • 2005 IEEE Computer Society Professional Membership/Subscription Application

    Publication Year: 2005, Page(s):43 - 44
    Request permission for commercial reuse | PDF file iconPDF (70 KB)
    Full text access may be available. Click article title to sign in or learn about subscription options.
  • EICAR 2005

    Publication Year: 2005, Page(s):45 - 48
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (176 KB) | HTML iconHTML

    The European Institute Center for Anti-Virus Research (EICAR; www.eicar.org) held its 14th annual conference and attracted about 100 researchers, vendors, users, and government representatives interested in discussing the field’s latest developments. This report presents a brief overview of what went on at the invited talks, paper presentations, and industry sessions. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Human Endeavor: Lessons from Shakespeare and Beyond

    Publication Year: 2005, Page(s):49 - 51
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (64 KB) | HTML iconHTML

    As the fall term begins, computer security students expect to buy heavy textbooks filled with equations, information theory, and programs that sort, encipher, and route network packets. Yet, nontechnical classes also have much to offer today’s security students. In addition to satisfying general education requirements, such classes provide core background material that explains aspects of com... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Toward a Cyberconflict Studies Research Agenda

    Publication Year: 2005, Page(s):52 - 55
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (120 KB) | HTML iconHTML

    In January 2003, the Massachusetts Institute of Technology hosted a workshop attended by dynamic mix of computer security professionals, political scientists, economists, engineers, policy wonks, and a few notable government officials (including then-"cyber czar" Richard Clarke). The main topic of discussion was the purpose and scope of a new cross-disciplinary community--the Cyber Conflict Studie... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security Usability

    Publication Year: 2005, Page(s):56 - 58
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (536 KB) | HTML iconHTML

    In the security community, we’ve always recognized that our security proposals come with certain costs in terms of usability. Traditionally, that’s the compromise we make to get security. But the market has ruled against us. Time and time again, our fielded secure systems are ignored, bypassed, turned off, or constrained to such a small part of the process that the security result is pra... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Computer Forensics

    Publication Year: 2005, Page(s):59 - 62
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (144 KB) | HTML iconHTML

    Evidence gathered from computers is increasingly important in criminal investigations, and forensic examination of computer and other digital data has become an indispensable tool for law enforcement, corporate security, and intelligence gathering. This columns presents an overview of the processes and problems related to computer forensics. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Land of the Blind

    Publication Year: 2005, Page(s):63 - 67
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (496 KB) | HTML iconHTML

    A look at the security vendor space in search of new vulnerability types and attack trends. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The TIPPI Point: Toward Trustworthy Interfaces

    Publication Year: 2005, Page(s):68 - 71
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (69 KB) | HTML iconHTML

    The Trustworthy Interfaces for Passwords and Personal Information workshop brought security and user interface professionals together to determine ways to improve authentication methods so that users won't be tricked by phishers into giving away personal information. The authors consider some of the themes discussed at TIPPI, including the nature of the authentication problem, systems that might h... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protecting Personal Privacy: Hauling Down the Jolly Roger

    Publication Year: 2005, Page(s):72 - 74
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1216 KB) | HTML iconHTML

    Internet piracy is a growing threat to organizations as their customers become increasingly unwilling to place their personal private information (PPI) at risk for the convenience of electronic transactions. Although this threat isn't severe enough to significantly reduce e-commerce and Internet usage, the threat to PPI does portend a future in which individuals shy away from performing online tra... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Portal for Software Security

    Publication Year: 2005, Page(s):75 - 79
    Cited by:  Papers (4)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (144 KB) | HTML iconHTML

    We describe a software security portal, created under the guidance of the US Department of Homeland Security by the Software Engineering Institute and Cigital. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu