By Topic

IEEE Security & Privacy

Issue 6 • Date Nov.-Dec. 2010

Filter Results

Displaying Results 1 - 25 of 29
  • [Front cover]

    Publication Year: 2010, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (4210 KB)
    Freely Available from IEEE
  • Usenix 2011 Conference

    Publication Year: 2010, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (1256 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2010, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (2026 KB)
    Freely Available from IEEE
  • Sailing Away!

    Publication Year: 2010, Page(s):3 - 4
    Request permission for commercial reuse | PDF file iconPDF (509 KB) | HTML iconHTML
    Freely Available from IEEE
  • In Memoriam: Paul Karger

    Publication Year: 2010, Page(s): 5
    Request permission for commercial reuse | PDF file iconPDF (94 KB) | HTML iconHTML
    Freely Available from IEEE
  • [Masthead]

    Publication Year: 2010, Page(s): 6
    Request permission for commercial reuse | PDF file iconPDF (155 KB)
    Freely Available from IEEE
  • News Briefs

    Publication Year: 2010, Page(s):7 - 8
    Request permission for commercial reuse | PDF file iconPDF (180 KB) | HTML iconHTML
    Freely Available from IEEE
  • Silver Bullet Talks with Iván Arce

    Publication Year: 2010, Page(s):9 - 13
    Request permission for commercial reuse | PDF file iconPDF (736 KB) | HTML iconHTML
    Freely Available from IEEE
  • Guest Editors' Introduction: In Cloud Computing We Trust - But Should We?

    Publication Year: 2010, Page(s):14 - 16
    Cited by:  Papers (5)
    Request permission for commercial reuse | PDF file iconPDF (746 KB) | HTML iconHTML
    Freely Available from IEEE
  • Cloud Computing Roundtable

    Publication Year: 2010, Page(s):17 - 23
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1785 KB) | HTML iconHTML

    As part of this special issue on cloud computing, guest editors Iván Arce and Anup Ghosh put together a roundtable discussion so readers can hear about cloud computing security from those who are on the front lines, providing services and looking at the real-world threats and requirements from the market. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security and Privacy Challenges in Cloud Computing Environments

    Publication Year: 2010, Page(s):24 - 31
    Cited by:  Papers (271)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1140 KB) | HTML iconHTML

    Cloud computing is an evolving paradigm with tremendous momentum, but its unique aspects exacerbate security and privacy challenges. This article explores the roadblocks and solutions to providing a trustworthy cloud computing environment. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Cloud Provider Transparency: An Empirical Evaluation

    Publication Year: 2010, Page(s):32 - 39
    Cited by:  Papers (17)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1132 KB) | HTML iconHTML

    Cloud computing is quickly becoming the next wave of technological evolution as a new approach to providing IT capabilities needed by business. Driving interest and investment in cloud computing is the revolutionary change to the economic model. Cloud computing also promises to allow IT to respond more quickly to the needs of the business. Key tenets of cloud computing include being on-demand and ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Side Channels in Cloud Services: Deduplication in Cloud Storage

    Publication Year: 2010, Page(s):40 - 47
    Cited by:  Papers (54)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2662 KB) | HTML iconHTML

    As the volume of data increases, so does the demand for online storage services, from simple backup services to cloud storage infrastructures. Although deduplication is most effective when applied across multiple users, cross-user deduplication has serious privacy implications. Some simple mechanisms can enable cross-user deduplication while greatly reducing the risk of data leakage. Cloud storage... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Toward a Multi-Tenancy Authorization System for Cloud Services

    Publication Year: 2010, Page(s):48 - 55
    Cited by:  Papers (44)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1188 KB) | HTML iconHTML

    This article describes an authorization model suitable for cloud computing that supports hierarchical rolebased access control, path-based object hierarchies, and federation. The authors also present an authorization system architecture for implementing the model. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

    Publication Year: 2010, Page(s):56 - 62
    Cited by:  Papers (18)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1043 KB) | HTML iconHTML

    Cloud computing relies heavily on virtualization. Virtualization technology has developed rapidly because of the rapid decrease in hardware cost and concurrent increase in hardware computing power. A virtual machine monitor (VMM, also called a hγpervisor) between the hardware and the OS enables multiple virtual machines (VMs) to run on top of a single physical machine. The VMM manages sched... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Social networking [advertisement]

    Publication Year: 2010, Page(s): 63
    Request permission for commercial reuse | PDF file iconPDF (2928 KB)
    Freely Available from IEEE
  • New Pathways in Identity Management

    Publication Year: 2010, Page(s):64 - 67
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (191 KB) | HTML iconHTML

    In this paper, identity management is discussed. Identification and authentication of individuals accessing computer systems have always been components of cybersecurity. This paper reviews the technical details of biometric identification and verification. It covers the major approaches (for example, fingerprints and irises) with respect to acquisition of biometric data, matching techniques, anti... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Government Access to Private-Sector Data

    Publication Year: 2010, Page(s):68 - 71
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1676 KB) | HTML iconHTML

    The paper is discussing government's access to private enterprise data to administer social service schemes, tax calculations, law enforcement and national security purposes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The First 10 Years of Advanced Encryption

    Publication Year: 2010, Page(s):72 - 74
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (229 KB) | HTML iconHTML

    On 2 October 2000, after a three-year study period in which 15 block ciphers competed, the US National Institute of Standards and Technology (NIST) announced that the block cipher Rijndael would become the Advanced Encryption. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • George Mason University [advertisement]

    Publication Year: 2010, Page(s): 75
    Request permission for commercial reuse | PDF file iconPDF (861 KB)
    Freely Available from IEEE
  • Secure Multimedia Communications

    Publication Year: 2010, Page(s):76 - 79
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2084 KB) | HTML iconHTML

    Because multimedia files can be shared with increasing ease and efficiency, the need to ensure their secure transmission and consumption has become acute, particularly in light of multimedia-specific exploits. This article explores a variety of strategies and technologies that address the requirements and implementation elements of secure multimedia communications. To maintain acceptable performan... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Splitting the HTTPS Stream to Attack Secure Web Connections

    Publication Year: 2010, Page(s):80 - 84
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2197 KB) | HTML iconHTML

    Secure transactions over the World Wide Web are required for implementing services of economic value or dealing with sensitive data. The HTTPS protocol lets a browser verify a Web server's authenticity and establish an encrypted channel for protecting exchanged data. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Call for Papers

    Publication Year: 2010, Page(s): 85
    Request permission for commercial reuse | PDF file iconPDF (659 KB)
    Freely Available from IEEE
  • Logical Methods in Security and Privacy

    Publication Year: 2010, Page(s):86 - 89
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (231 KB) | HTML iconHTML

    Computer security and privacy is concerned with the design, implementation, and analysis of mechanisms intended to guarantee that desired policies (or properties) hold in the presence of malicious adversaries. In this article some logical methods for reasoning about system security and for enforcing security and privacy policies are discussed. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Identity Management's Misaligned Incentives

    Publication Year: 2010, Page(s):90 - 94
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2902 KB) | HTML iconHTML

    With the publication of the National Strategy for Trusted Identities in Cyberspace (NSTIC), the US federal government attempts to solve what it asserts is the identity problem on the Internet. This article discusses about the perverse incentives in digital risk management. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu