IEEE Security & Privacy

Issue 5 • Sept.-Oct. 2010

Filter Results

Displaying Results 1 - 25 of 27
  • [Front cover]

    Publication Year: 2010, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (2238 KB)
    Freely Available from IEEE
  • LISA 2010 Conference [advertisement]

    Publication Year: 2010, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (4363 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2010, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (1240 KB)
    Freely Available from IEEE
  • Phagocytes in Cyberspace

    Publication Year: 2010, Page(s):3 - 4
    Cited by:  Papers (1)
    Request permission for commercial reuse | PDF file iconPDF (571 KB) | HTML iconHTML
    Freely Available from IEEE
  • IEEE Security & Privacy [masthead]

    Publication Year: 2010, Page(s): 5
    Request permission for commercial reuse | PDF file iconPDF (153 KB)
    Freely Available from IEEE
  • Silver Bullet Talks with Greg Morrisett

    Publication Year: 2010, Page(s):6 - 9
    Request permission for commercial reuse | PDF file iconPDF (262 KB) | HTML iconHTML Multimedia Media
    Freely Available from IEEE
  • News Briefs

    Publication Year: 2010, Page(s):10 - 11
    Request permission for commercial reuse | PDF file iconPDF (172 KB) | HTML iconHTML
    Freely Available from IEEE
  • Guest Editors' Introduction: Reliability of Embedded and Cyber-Physical Systems

    Publication Year: 2010, Page(s):12 - 13
    Request permission for commercial reuse | PDF file iconPDF (708 KB) | HTML iconHTML
    Freely Available from IEEE
  • Embedded Systems Reliability 
  • Kernel Service Protection for Client Security

    Publication Year: 2010, Page(s):14 - 19
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (14538 KB) | HTML iconHTML

    Authentication within the X86 CPU system management mode has significant benefits for system security. The author's mechanism lets system firmware access cipher information from a software application image to check code integrity for security-sensitive code. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Embedded Software Assurance for Configuring Secure Hardware

    Publication Year: 2010, Page(s):20 - 26
    Cited by:  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1048 KB) | HTML iconHTML

    The authors define embedded end markets affected by software assurance issues, then examine ways in which security and assurance capabilities are partitioned in hardware and software. They then look at the problems inherent to configuring secure hardware. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Roundtable: Reliability of Embedded and Cyber-Physical Systems

    Publication Year: 2010, Page(s):27 - 32
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1108 KB) | HTML iconHTML

    As part of this special issue, the guest editors put together a roundtable discussion to delve into topics the chosen articles didn't touch upon. Sean Barnum (MITRE); Shankar Sastry (UC Berkeley); and John A. Stankovic (University of Virginia) spoke on many topics. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • IEEE Computer Society Press [advertisement]

    Publication Year: 2010, Page(s): 33
    Request permission for commercial reuse | PDF file iconPDF (619 KB)
    Freely Available from IEEE
  • New Security Architectures Based on Emerging Disk Functionality

    Publication Year: 2010, Page(s):34 - 41
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (3612 KB) | HTML iconHTML

    Advances in hard disk technologies can help manage the complexity of operating system security and enforce security policies. The SwitchBlade architecture provides isolation for multiple OSs running on a machine by confining them into segments that users can only access using a physical token. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proliferation and Detection of Blog Spam

    Publication Year: 2010, Page(s):42 - 47
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1138 KB) | HTML iconHTML

    The ease of posting comments and links in blogs has attracted spammers as an alternative venue to conventional email. An experimental study investigates the nature and prevalence of blog spam. Using Defensio logs, the authors collected and analyzed more than one million blog comments during the last two weeks of June 2009. They used a support vector machine (SVM) classifier combined with heuristic... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Session management vulnerabilities in today's web

    Publication Year: 2010, Page(s):48 - 56
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1595 KB) | HTML iconHTML

    Many cyberattacks exploit session management vulnerabilities that allow attackers to be recognized as valid website users. This article describes Web application design flaws that could be exploited for session management attacks and discusses these flaws' current prevalence. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Necessary but Not Sufficient

    Publication Year: 2010, Page(s):57 - 58
    Cited by:  Papers (1)
    Request permission for commercial reuse | PDF file iconPDF (114 KB) | HTML iconHTML
    Freely Available from IEEE
  • The CyberPatriot National High School Cyber Defense Competition

    Publication Year: 2010, Page(s):59 - 61
    Cited by:  Papers (2)
    Request permission for commercial reuse | PDF file iconPDF (194 KB) | HTML iconHTML
    Freely Available from IEEE
  • Automated Control System Security

    Publication Year: 2010, Page(s):62 - 63
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (171 KB) | HTML iconHTML

    Automated control systems (ACSs) lie at the heart of industrial and infrastructure systems and, as such, are one of the most critical parts of critical infrastructures. Yet the information security world has largely ignored these systems, and most information security folks seem to think that the protective processes, measures, and mechanisms that apply to general-purpose enterprise computers also... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Data Tagging for New Information Governance Models

    Publication Year: 2010, Page(s):64 - 68
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (258 KB) | HTML iconHTML

    The ubiquitous collection, use, and flow of data challenge existing frameworks for data protection and management. Organizations collect and derive data from myriad sources and use it for various purposes, so that the rules that apply to their data holdings vary. The authors describe data governance in this complex and dynamic environment, where the rules and obligations that govern how organizati... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Tracing Pirated Content on the Internet: Unwinding Ariadne's Thread

    Publication Year: 2010, Page(s):69 - 71
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1491 KB) | HTML iconHTML

    Digital rights management (DRM) technologies have recently received many blows that might hamper their future. Copyright holders, by imposing tight restrictions on their assets' usability, have managed to infuriate consumers to the point at which the music industry has partly dropped DRM. Is multimedia content protection dead? Well, not quite yet. Discreet protection technologies, such as content ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Technology, Training, and Transformation

    Publication Year: 2010, Page(s):72 - 75
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1337 KB) | HTML iconHTML

    As advances in technology transform society, so must it transform how people interact with that technology. However, technology advances much faster than do society and people. Most people don't care how the technology works-they care only that it does work. Current models are unsatisfactory because people must understand more of the underlying technology than is needed to perform their jobs. The ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Not So Great Expectations: Why Application Markets Haven't Failed Security

    Publication Year: 2010, Page(s):76 - 78
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (225 KB) | HTML iconHTML

    Application markets have rapidly become a widely popular mechanism for expanding the features and utility of mobile devices such as cell phones. The cottage industries that sprung up around these markets serve millions of Patrick McDaniel and William Enck Pennsylvania State University applications daily to a ready user audience. Markets entice developers by placing low economic and technical barri... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Do the Luddites Ever Win?

    Publication Year: 2010, Page(s):79 - 82
    Request permission for commercial reuse | PDF file iconPDF (2509 KB) | HTML iconHTML
    Freely Available from IEEE
  • Don't Trust. And Verify: A Security Architecture Stack for the Cloud

    Publication Year: 2010, Page(s):83 - 86
    Cited by:  Papers (13)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (526 KB) | HTML iconHTML

    This article is for security architects whose companies are moving critical systems to the cloud. Whenever technology architecture changes, it's worth revisiting the assumptions that went into security architecture and design. This is particularly relevant for security and cloud computing; although many organizations rate security as a critical issue in moving to the cloud, few know what to do abo... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Perceptions and Reality

    Publication Year: 2010
    Request permission for commercial reuse | PDF file iconPDF (689 KB) | HTML iconHTML
    Freely Available from IEEE

Aims & Scope

IEEE Security & Privacy’s primary objective is to stimulate and track advances in security, privacy, and dependability and present these advances in a form that can be useful to a broad cross-section of the professional community—ranging from academic researchers to industry practitioners. It provides articles with both a practical and research bent by the top thinkers in the field of security and privacy, along with case studies, surveys, tutorials, columns, and in-depth interviews and podcasts for the information security industry.
 

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Ahmad-Reza Sadeghi
Technische Universität Darmstadt
ahmad.sadeghi@trust.tu-darmstadt.de