By Topic

Security & Privacy, IEEE

Issue 1 • Date Jan.-Feb. 2012

Filter Results

Displaying Results 1 - 25 of 27
  • [Front cover]

    Publication Year: 2012 , Page(s): c1
    Request Permissions | PDF file iconPDF (7238 KB)  
    Freely Available from IEEE
  • "Oakland" 2012 in San Francisco! [IEEE Symposium on Security and Privacy Symposium and Workshops]

    Publication Year: 2012 , Page(s): c2
    Request Permissions | PDF file iconPDF (479 KB)  
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2012 , Page(s): 1 - 2
    Request Permissions | PDF file iconPDF (4749 KB)  
    Freely Available from IEEE
  • Happy Anniversary!

    Publication Year: 2012 , Page(s): 3 - 4
    Request Permissions | PDF file iconPDF (2064 KB) |  | HTML iconHTML  
    Freely Available from IEEE
  • [Masthead]

    Publication Year: 2012 , Page(s): 5
    Request Permissions | PDF file iconPDF (131 KB)  
    Freely Available from IEEE
  • Lost Decade or Golden Era: Computer Security since 9/11

    Publication Year: 2012 , Page(s): 6 - 10
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (329 KB) |  | HTML iconHTML  

    In the 10 years since 9/11, the cybersecurity threat has evolved significantly, and every sector of the US economy has become more dependent than ever on the Internet. Today, major security breaches dominate headlines on a weekly basis. Intrusion campaigns such as "Operation Shady Rat" (disclosed by McAfee in August) and "Nitro" (disclosed by Symantec in October) show a systematic compromise of ev... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Silver Bullet talks with Deborah Frincke

    Publication Year: 2012 , Page(s): 11 - 14
    Request Permissions | PDF file iconPDF (1213 KB) |  | HTML iconHTML  
    Freely Available from IEEE
  • Security, Privacy, and Policy Roundup

    Publication Year: 2012 , Page(s): 15 - 17
    Request Permissions | PDF file iconPDF (571 KB) |  | HTML iconHTML  
    Freely Available from IEEE
  • Advertisement - Digital Computer

    Publication Year: 2012 , Page(s): 18
    Request Permissions | PDF file iconPDF (2697 KB)  
    Freely Available from IEEE
  • Authentication - Are We Doing Well Enough? [Guest Editors' Introduction]

    Publication Year: 2012 , Page(s): 19 - 21
    Request Permissions | PDF file iconPDF (3892 KB) |  | HTML iconHTML  
    Freely Available from IEEE
  • The Future of Authentication

    Publication Year: 2012 , Page(s): 22 - 27
    Request Permissions | Click to expandAbstract | PDF file iconPDF (2218 KB) |  | HTML iconHTML  

    As part of this special issue on authentication, guest editors Richard Chow, Markus Jakobsson, and Jesus Molina put together a roundtable discussion with leaders in the field, who discuss here their views on the biggest problems in authentication, potential solutions, and the direction in which the field is moving. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Research Agenda Acknowledging the Persistence of Passwords

    Publication Year: 2012 , Page(s): 28 - 36
    Cited by:  Papers (7)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (2443 KB) |  | HTML iconHTML  

    Despite countless attempts and near-universal desire to replace them, passwords are more widely used and firmly entrenched than ever. The authors' exploration leads them to argue that no silver bullet will meet all requirements-not only will passwords be with us for some time, but in many instances, they're the solution that best fits the scenario of use. Among broad authentication research direct... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Training Johnny to Authenticate (Safely)

    Publication Year: 2012 , Page(s): 37 - 45
    Request Permissions | Click to expandAbstract | PDF file iconPDF (2830 KB) |  | HTML iconHTML  

    The authors present the results of a long-term user study of site-based login mechanisms that train users to log in safely. Interactive site-identifying images received 70 percent detection rates, which is significantly better than the 20 percent received by the typical login ceremony. They also found that combining login bookmarks with interactive images and nonworking buttons or links (called ne... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Electronic Identity Cards for User Authentication—Promise and Practice

    Publication Year: 2012 , Page(s): 46 - 54
    Request Permissions | Click to expandAbstract | PDF file iconPDF (3328 KB) |  | HTML iconHTML  

    Electronic identity (elD) cards promise to supply a nationwide user authentication mechanism. The core technology seems ready for mass deployment, but application issues might hamper elD adoption. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Improving the Automation of Security Information Management: A Collaborative Approach

    Publication Year: 2012 , Page(s): 55 - 59
    Request Permissions | Click to expandAbstract | PDF file iconPDF (1580 KB) |  | HTML iconHTML  

    Many preventive security measures purport to protect networks from cyber intrusions. These adopted measures can generate a large amount of information that should be stored and analyzed to enable responses to detected attacks. Security information and event managers (SIEMs) are indispensable for collecting all of a system's security-related information in a central repository. This can then provid... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Making Successful Security Decisions: A Qualitative Evaluation

    Publication Year: 2012 , Page(s): 60 - 68
    Request Permissions | Click to expandAbstract | PDF file iconPDF (524 KB) |  | HTML iconHTML  

    How do IT security managers make decisions in the absence of empirical data, and how do they know these decisions are successful? Some security managers seem more successful at making decisions than others. Are they guessing, or are they using some tacit knowledge? To address these questions, a study employed open-ended interviews with highly regarded, experienced security practitioners. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Nanocomputing: Small Devices, Large Dependability Challenges

    Publication Year: 2012 , Page(s): 69 - 72
    Request Permissions | Click to expandAbstract | PDF file iconPDF (1351 KB) |  | HTML iconHTML  

    Nanoscale digitization will be an essential lever to foster the emerging cyberphysical systems. Thanks to the widespread presence of IT and communication capabilities far beyond today's Internet and wireless networking capabilities, future highly pervasive embedded systems will feature smart objects (sensors and actuators) fully merged with the environment in which they're deployed. This will resu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Teaching Cybersecurity with DeterLab

    Publication Year: 2012 , Page(s): 73 - 76
    Cited by:  Papers (3)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (529 KB) |  | HTML iconHTML  

    The DETER project aims to advance cybersecurity research and education. Over the past seven years, the project has focused on improving and redefining the methods, technology, and infrastructure for developing cyberdefense technology. The project's research results are put into practice by DeterLab, a public, free-for-use experimental facility available to researchers and educators worldwide. Educ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • This Time, It's Personal: Recent Discussions on Concepts of Personal Information

    Publication Year: 2012 , Page(s): 77 - 79
    Request Permissions | Click to expandAbstract | PDF file iconPDF (200 KB) |  | HTML iconHTML  

    Under privacy regulation, what exactly is personal information? This is an important concept in a changing landscape of technology and information disclosure, in which it's becoming increasingly easier to identify and reidentify individuals. Legal scholars have provided some insights into the evolving nature of personal information and how we might incorporate notions of identifiability risk into ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Electronic Identities Need Private Credentials

    Publication Year: 2012 , Page(s): 80 - 83
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (1917 KB) |  | HTML iconHTML  

    For transactions on the Internet, user authentication typically involves usernames and passwords. When creating an account, users often must provide additional personal information. Usually, this is a list of self-claimed attributes such as name, address, or birth date. Only a few attributes such as email address and credit card information have some mechanism to authenticate them. Solutions such ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Moving 2 Mishap: M2M's Impact on Privacy and Safety

    Publication Year: 2012 , Page(s): 84 - 87
    Cited by:  Papers (2)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (278 KB) |  | HTML iconHTML  

    The rapidly evolving technology of embedded cellular devices has led to weaknesses that attackers could exploit to compromise our privacy and safety. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Your Memory Is Now a Vendor Service

    Publication Year: 2012 , Page(s): 88 - 90
    Request Permissions | Click to expandAbstract | PDF file iconPDF (2192 KB) |  | HTML iconHTML  

    We no longer provide the context for anything we do, so the systems we deal with provide it for us. This implies that they know more about us and we have less privacy. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Optimizing Product Improvement Spending with Third-Party Security Consultants

    Publication Year: 2012 , Page(s): 91 - 93
    Request Permissions | Click to expandAbstract | PDF file iconPDF (578 KB) |  | HTML iconHTML  

    Companies should try to match security consultancies or even individual consultants to specific projects. To do this, get to know the consultants-in particular, their skills, experience, and interests. Attend security conferences to be aware of their latest research. Beyond this, look for softer skills, such as good communication skills, and an understanding of the challenges that product teams fa... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Power. Law.

    Publication Year: 2012 , Page(s): 94 - 95
    Request Permissions | Click to expandAbstract | PDF file iconPDF (286 KB) |  | HTML iconHTML  

    Research on networks is an area that we should watch more closely than any other. Perhaps more important than the borrowing of techniques, however, is paying close attention to the ferment over whether new network designs with security in mind are worth the societal price and effort to actually implement in a world that already has a considerable sunk investment in structure. How networks build th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • More or Less

    Publication Year: 2012 , Page(s): 96
    Request Permissions | PDF file iconPDF (633 KB) |  | HTML iconHTML  
    Freely Available from IEEE

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu