By Topic

IEEE Security & Privacy

Issue 1 • Date Jan.-Feb. 2007

Filter Results

Displaying Results 1 - 24 of 24
  • [Front cover]

    Publication Year: 2007, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (972 KB)
    Freely Available from IEEE
  • [Inside front cover]

    Publication Year: 2007, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (1576 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2007, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (813 KB)
    Freely Available from IEEE
  • New Challenges for the New Year

    Publication Year: 2007, Page(s):3 - 4
    Request permission for commercial reuse | PDF file iconPDF (147 KB) | HTML iconHTML
    Freely Available from IEEE
  • Masthead

    Publication Year: 2007, Page(s): 5
    Request permission for commercial reuse | PDF file iconPDF (45 KB)
    Freely Available from IEEE
  • Special Thanks to S&P's Reviewers

    Publication Year: 2007, Page(s):6 - 7
    Request permission for commercial reuse | PDF file iconPDF (53 KB)
    Freely Available from IEEE
  • Software Security: State of the Art

    Publication Year: 2007, Page(s): 8
    Request permission for commercial reuse | PDF file iconPDF (41 KB) | HTML iconHTML
    Freely Available from IEEE
  • Silver Bullet Speaks with John Stewart [Interview]

    Publication Year: 2007, Page(s):9 - 11
    Request permission for commercial reuse | PDF file iconPDF (78 KB) | HTML iconHTML
    Freely Available from IEEE
  • News Briefs

    Publication Year: 2007, Page(s):12 - 15
    Request permission for commercial reuse | PDF file iconPDF (49 KB) | HTML iconHTML
    Freely Available from IEEE
  • Providing Certified Mail Services on the Internet

    Publication Year: 2007, Page(s):16 - 22
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (494 KB) | HTML iconHTML

    Even though email is an increasingly important application, the Internet doesn't yet provide a reliable messaging infrastructure. Thus, an email message's sender can never be certain - and doesn't receive any evidence -that his or her message was actually delivered to and received by its intended recipients. Furthermore, a recipient can always deny having received a particular message, and the sen... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Dependability in Wireless Networks: Can We Rely on WiFi?

    Publication Year: 2007, Page(s):23 - 29
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (192 KB) | HTML iconHTML

    WiFi - short for "wireless fidelity" - is the commercial name for the 802.11 products that have flooded the corporate wireless local area network (WLAN) market and are becoming rapidly ingrained in our daily lives via public hotspots and digital home networks. Authentication and confidentiality are crucial issues for corporate WiFi use, but privacy and availability tend to dominate pervasive usage... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Considering Operational Security Risk during System Development

    Publication Year: 2007, Page(s):30 - 35
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (211 KB) | HTML iconHTML

    Software products today are riddled with defects, some of which leave systems vulnerable to cyber-attacks. Although high-quality development processes can limit vulnerabilities, these processes alone aren't sufficient for operational security. The operational security of software-intensive systems is closely linked to the practices and techniques used during system design and development. In this ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Is Information Security Under Control?: Investigating Quality in Information Security Management

    Publication Year: 2007, Page(s):36 - 44
    Cited by:  Papers (10)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (416 KB) | HTML iconHTML

    Over the past decade, organizations have sought to become more efficient and productive by adopting information and communication technologies. Organizations are consequently more aware of information security risks and the need to take appropriate action. Previous studies of organizations' use of information security controls have focused on the presence or absence of controls, rather than their ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • HIPAA's Effect on Web Site Privacy Policies

    Publication Year: 2007, Page(s):45 - 52
    Cited by:  Papers (8)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (306 KB) | HTML iconHTML

    Healthcare institutions typically post their privacy practices online as privacy policy documents. We conducted a longitudinal study that examines the effects of HIPAA's enactment on a collection of privacy policy documents for a fixed set of organizations over a four-year period. We present our analysis of 24 healthcare privacy policy documents from nine healthcare Web sites, analyzed using goal ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Achieving Learning Objectives through E-Voting Case Studies

    Publication Year: 2007, Page(s):53 - 56
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (524 KB) | HTML iconHTML

    The rapidly increasing use of electronic voting machines in US elections provides a wonderful opportunity to teach students about computer security. In this article, we present an informal e-voting case study to achieve five learning outcomes for students in a typical college (or even high school) classroom. Our intent is to motivate a set of lessons specifically involving e-voting, as well as ill... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Toward Application-Aware Security and Reliability

    Publication Year: 2007, Page(s):57 - 62
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1117 KB) | HTML iconHTML

    Two trends - the increasing complexity of computer systems and their deployment in mission- and life-critical applications - are driving the need to provide applications with security and reliability support. Compounding the situation, the Internet's ubiquity has made systems much more vulnerable to malicious attacks that can have far-reaching implications on our daily lives. Clearly, the traditio... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Special-Purpose Hardware in Cryptanalysis: The Case of 1,024-Bit RSA

    Publication Year: 2007, Page(s):63 - 66
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (724 KB) | HTML iconHTML

    For efficiency, we should implement cryptographic subsystems with short keys, but reliably estimating minimal key lengths is a rather involved and complicated process - especially for systems with long life cycles and limited update capabilities. In symmetric cryptography, experts consider 56-bit IDES (Data Encryption Standard) keys to be inadequate for most applications: new devices can efficient... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • How Not to Be Seen

    Publication Year: 2007, Page(s):67 - 69
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (78 KB) | HTML iconHTML

    The concept of stealth - as it pertains to computers - shares a great deal with its real-world counterpart. In this article, we take a look at stealth from both a historical and a technological perspective. This is a hugely important topic, for if an unwanted computer program can't be seen, it can't be eliminated. In addition, software developers - especially security software developers - must ha... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Evolutionary Microcosm of Stock Spam

    Publication Year: 2007, Page(s):70 - 75
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (541 KB) | HTML iconHTML

    Spam is a form of advertisement. Through the years, spammers have tried to entice us to purchase a wide variety of gray market products, including pharmaceuticals without prescriptions, pornography without taste, master's degrees with substandard credentials, and mortgages with subprime rates. The messages have become so standardized that both spammers and spam fighters treat the mail sender, the ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Providing Web Service Security in a Federated Environment

    Publication Year: 2007, Page(s):73 - 75
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (89 KB) | HTML iconHTML

    One of the Internet's biggest successes has been the automation of the travel-reservation system. Travelocity, Expedia, and Orbitz have all thrived in a fickle economic sector. The key to their success is Web services, which are exploding across government and industry. A business federation is very similar to a political federation, which is a union of self-governing states united by a central go... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Who's Watching You Now?

    Publication Year: 2007, Page(s):76 - 79
    Cited by:  Patents (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (524 KB) | HTML iconHTML

    Location-based applications and services are emerging at a pace that's likely to accelerate over the next few years. Such services offer everything from consumer convenience to life-saving security. All these scenarios involve the transmission of location information over an IP network, and all raise significant issues about that information's privacy, security, and control. The IETF's Geographic ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • DRM, Complexity, and Correctness

    Publication Year: 2007, Page(s): 80
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (77 KB) | HTML iconHTML

    Steve Bellovin looks at the complex code behind Microsoft Vista and its DRM mechanisms. Increased amounts of code add to insecurity, but the real danger with DRM is with increased interaction among different pieces of code. A lot of new mechanisms have been introduced; more seriously, a lot of new communications paths and dependencies have been introduced. Worst of all, these paths and mechanisms ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • [Back inside cover]

    Publication Year: 2007, Page(s): c3
    Request permission for commercial reuse | PDF file iconPDF (2340 KB)
    Freely Available from IEEE
  • [Advertisement - Back cover]

    Publication Year: 2007, Page(s): c4
    Request permission for commercial reuse | PDF file iconPDF (1045 KB)
    Freely Available from IEEE

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu