By Topic

IEEE Security & Privacy

Issue 2 • Date March-April 2009

Filter Results

Displaying Results 1 - 25 of 30
  • [Front cover]

    Publication Year: 2009, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (1319 KB)
    Freely Available from IEEE
  • IEEE Security & Privacy Subscription Offer

    Publication Year: 2009, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (791 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2009, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (873 KB)
    Freely Available from IEEE
  • Accountability for Perfection

    Publication Year: 2009, Page(s):3 - 4
    Cited by:  Papers (4)
    Request permission for commercial reuse | PDF file iconPDF (103 KB) | HTML iconHTML
    Freely Available from IEEE
  • Special Thanks to S&P's Peer Reviewers

    Publication Year: 2009, Page(s):5 - 6
    Request permission for commercial reuse | PDF file iconPDF (268 KB)
    Freely Available from IEEE
  • IEEE Security & Privacy [masthead]

    Publication Year: 2009, Page(s): 7
    Request permission for commercial reuse | PDF file iconPDF (102 KB)
    Freely Available from IEEE
  • News Briefs

    Publication Year: 2009, Page(s):8 - 9
    Request permission for commercial reuse | PDF file iconPDF (80 KB) | HTML iconHTML
    Freely Available from IEEE
  • Silver Bullet Talks with Jeremiah Grossman

    Publication Year: 2009, Page(s):10 - 14
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (134 KB) | HTML iconHTML

    Silver Bullet Security Podcast host Gary McGraw interviews Jeremiah Grossman, founder and CTO of WhiteHat Security, who is well known for his work in Web application security. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Searching for You [Book reviews]

    Publication Year: 2009, Page(s): 15
    Request permission for commercial reuse | PDF file iconPDF (57 KB) | HTML iconHTML
    Freely Available from IEEE
  • Digital Forensics

    Publication Year: 2009, Page(s):16 - 17
    Cited by:  Papers (2)
    Request permission for commercial reuse | PDF file iconPDF (369 KB) | HTML iconHTML
    Freely Available from IEEE
  • Forensics Is So "Yesterday"

    Publication Year: 2009, Page(s):18 - 25
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (684 KB) | HTML iconHTML

    Computer forensics' presumed usefulness against anyone with computer savvy is minimal because such persons can readily defeat forensics techniques. Because computer forensics can't show who put the data where forensics found it, it can be evidence of nothing. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Digital Forensics Works

    Publication Year: 2009, Page(s):26 - 29
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (376 KB) | HTML iconHTML

    In response to another article in this special issue, "Forensics Is So 'Yesterday,'" the author proposes that although digital forensics does face challenges, it works, so digital investigations shouldn't stop as long as they follow the law. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Live Analysis: Progress and Challenges

    Publication Year: 2009, Page(s):30 - 37
    Cited by:  Papers (16)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1618 KB) | HTML iconHTML

    As computer technologies become increasingly ubiquitous, so must supporting digital forensics tools and techniques for efficiently and effectively analyzing associated systems' behavior. Live analysis is a logical and challenging step forward in this area and a method that has recently received increased R&D focus. This article describes some live analysis approaches as well as tools and techn... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • New XML-Based Files Implications for Forensics

    Publication Year: 2009, Page(s):38 - 44
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (416 KB) | HTML iconHTML

    Two new office document file formats (Office Open XML and OpenDocument Format) make it easier to glean time stamps and unique document identifiers while also improving opportunities for file carving and data recovery. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Overview of Licensing and Legal Issues for Digital Forensic Investigators

    Publication Year: 2009, Page(s):45 - 48
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (423 KB) | HTML iconHTML

    Digital forensic examiners face challenges outside the technical aspects of collecting, investigating, and storing digital information. Rules about admissibility and the licensing requirements for forensic professionals must also be taken into account. The use of digital data in an expanding number of US court cases and business investigations has precipitated changes in evidence handling and admi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Hashing and Data Fingerprinting in Digital Forensics

    Publication Year: 2009, Page(s):49 - 55
    Cited by:  Papers (11)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (535 KB) | HTML iconHTML

    Hashing is a primary, yet under appreciated, tool in digital forensic investigations. Recent R&D has demonstrated that, with clever design, we can construct robust fingerprinting and similarity hashes that can significantly speed up an investigation. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Critical RFID Privacy-Enhancing Technologies

    Publication Year: 2009, Page(s):56 - 62
    Cited by:  Papers (20)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (484 KB) | HTML iconHTML

    RFID technology can help automatically and remotely identify objects, which raises many security concerns. The authors review and categorize several RFID security and privacy solutions, and conclude that the most promising and low-cost approach currently attracts little academic attention. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • 2009 Computer Society Membership Application

    Publication Year: 2009, Page(s):63 - 65
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1090 KB)

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • IEEE CS Press [advertisement]

    Publication Year: 2009, Page(s): 66
    Request permission for commercial reuse | PDF file iconPDF (1763 KB)
    Freely Available from IEEE
  • A New Era of Presidential Security: The President and His BlackBerry

    Publication Year: 2009, Page(s):67 - 70
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (134 KB) | HTML iconHTML

    Americans are addicted to their personal digital assistants (PDAs), and President Barack Obama is no exception. Throughout the primaries and the presidential campaign, Obama was often seen using his BlackBerry. Once he won the election, great debate ensued as to whether he would be allowed to continue using it once in office. Initially, the secret service determined that his BlackBerry did not pro... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security Education Using Second Life

    Publication Year: 2009, Page(s):71 - 74
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (813 KB) | HTML iconHTML

    Institutions of higher education, government agencies, and private organizations have been making sustained efforts to teach some information security skills more efficiently. In these efforts to improve security education, the dominant pedagogical approach has been to use security exercises in a lab setting. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Privacy Interests in Prescription Data, Part 2: Patient Privacy

    Publication Year: 2009, Page(s):75 - 78
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (624 KB) | HTML iconHTML

    For several years, concern has been mounting about the privacy implications of using and disclosing prescription data. Several transactions forming part of a growing chain of valuable health information have come under scrutiny, including 1) the sale or transfer of prescription data from pharmacies to commercial data brokers;2) processing of the data to analyze physicians' prescribing patterns; 3)... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Crypto Corner 
  • Temperature Attacks

    Publication Year: 2009, Page(s):79 - 82
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1355 KB) | HTML iconHTML

    Confining a program during its execution so that it can't leak information to other programs is an old concern. Recently, several researchers succeeded in fingerprinting distant machines by measuring temperature side effects on clocks. But can temperature also leak secrets in a computer or a chip? We started by implementing a covert channel between two processes (a sender and a receiver) running o... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Fools Download Where Angels Fear to Tread

    Publication Year: 2009, Page(s):83 - 86
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (175 KB) | HTML iconHTML

    Our study illustrates that the risk of getting infected by malware that antivirus protection doesn't detect is alarmingly high. New malware that the antivirus engines don't have signatures for is likely to escape detection by a desktop antivirus solution. Taking precautions while using the Internet can protect users only to a certain extent. If they visit the wrong Web site or download a file infe... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Real Cost of Software Errors

    Publication Year: 2009, Page(s):87 - 90
    Cited by:  Papers (13)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (689 KB) | HTML iconHTML

    Software is no longer creeping into every aspect of our lives - it's already there. In fact, failing to recognize just how much everything we do depends on software functioning correctly makes modern society vulnerable to software errors. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu