By Topic

IEEE Security & Privacy

Issue 5 • Date Sept.-Oct. 2012

Filter Results

Displaying Results 1 - 23 of 23
  • Front Cover

    Publication Year: 2012, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (1514 KB)
    Freely Available from IEEE
  • Table of Contents

    Publication Year: 2012, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (1040 KB)
    Freely Available from IEEE
  • Are Things Getting Worse?

    Publication Year: 2012, Page(s): 3
    Request permission for commercial reuse | PDF file iconPDF (202 KB) | HTML iconHTML
    Freely Available from IEEE
  • Masthead

    Publication Year: 2012, Page(s): 4
    Request permission for commercial reuse | PDF file iconPDF (230 KB)
    Freely Available from IEEE
  • Silver Bullet Talks with Kay Connelly

    Publication Year: 2012, Page(s):5 - 7
    Request permission for commercial reuse | PDF file iconPDF (321 KB) | HTML iconHTML
    Freely Available from IEEE
  • Security, Privacy, and Policy Roundup

    Publication Year: 2012, Page(s):8 - 9
    Request permission for commercial reuse | PDF file iconPDF (507 KB) | HTML iconHTML
    Freely Available from IEEE
  • Privacy: Front and Center

    Publication Year: 2012, Page(s):10 - 15
    Cited by:  Papers (1)
    Request permission for commercial reuse | PDF file iconPDF (352 KB)
    Freely Available from IEEE
  • Realities of E-voting Security

    Publication Year: 2012, Page(s):16 - 17
    Cited by:  Papers (4)
    Request permission for commercial reuse | PDF file iconPDF (520 KB) | HTML iconHTML
    Freely Available from IEEE
  • Hover: Trustworthy Elections with Hash-Only Verification

    Publication Year: 2012, Page(s):18 - 24
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (722 KB) | HTML iconHTML

    Hover (Hash-Only Verification), an end-to-end (E2E) verifiable voting system with distributed trust, uses only a collision-resistant hash function for verification. Such verification could make E2E elections more accessible to people without a strong cryptography background. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Future of E-voting in Australia

    Publication Year: 2012, Page(s):25 - 32
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (617 KB) | HTML iconHTML

    Australia has a long history of transparent, high-integrity secret ballot elections. As elections are increasingly dependent on electronic systems, the traditions of transparency and privacy must extend to new technologies and ways of scrutinizing them. The Victorian Electoral Commission (VEC) is undertaking a project that aims to set the bar for how Australian e-voting systems should be commissio... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evidence-Based Elections

    Publication Year: 2012, Page(s):33 - 41
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (853 KB) | HTML iconHTML

    The authors propose an alternative to current requirements for certifying voting equipment and conducting elections. They argue that elections should be structured to provide convincing affirmative evidence that the reported outcomes actually reflect how people voted. This can be accomplished with a combination of software-independent voting systems, compliance audits, and risk-limiting audits. To... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Gentle Introduction to Risk-Limiting Audits

    Publication Year: 2012, Page(s):42 - 49
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (496 KB) | HTML iconHTML

    Risk-limiting audits provide statistical assurance that election outcomes are correct by manually examining portions of the audit trail-paper ballots or voter-verifiable paper records. This article sketches two types of risk-limiting audits, ballot-polling audits and comparison audits, and gives example computations. These audits do not require in-house statistical expertise. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Electronic Voting Security 10 Years after the Help America Vote Act

    Publication Year: 2012, Page(s):50 - 52
    Request permission for commercial reuse | PDF file iconPDF (705 KB)
    Freely Available from IEEE
  • Usable, Secure, Private Search

    Publication Year: 2012, Page(s):53 - 60
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (434 KB) | HTML iconHTML

    Real-world applications commonly require untrusting parties to share sensitive information securely. This article describes a secure anonymous database search (SADS) system that provides exact keyword match capability. Using a new reroutable encryption and the ideas of Bloom filters and deterministic encryption, SADS lets multiple parties efficiently execute exact-match queries over distributed en... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security and Interoperable-Medical-Device Systems, Part 1

    Publication Year: 2012, Page(s):61 - 63
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (744 KB) | HTML iconHTML

    Interoperable medical devices (IMDs) face threats due to the increased attack surface presented by interoperability and the corresponding infrastructure. Introducing networking and coordination functionalities fundamentally alters medical systems' security properties. Understanding the threats is an important first step in eventually designing security solutions for such systems. Part 1 of this tw... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security and Elections

    Publication Year: 2012, Page(s):64 - 67
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (573 KB) | HTML iconHTML

    Elections are common to almost all societies. Periodically, groups of people determine their representatives, leaders, neighborhood spokespersons, corporate executives, or union representatives by casting ballots and counting votes using a variety of schemes. Those who don't participate see others around them doing so. And stories abound about rigged elections or results considered compromised by ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The State of Embedded-Device Security (Spoiler Alert: It's Bad)

    Publication Year: 2012, Page(s):68 - 70
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (691 KB) | HTML iconHTML

    Embedded-systems security is a mess, and the embedded-software industry needs to start focusing on it. This will involve moving beyond just the technology to rethink our assumptions of how people will actually use and maintain embedded devices. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Filling Your Cyber Operations Training Toolbox

    Publication Year: 2012, Page(s):71 - 74
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (362 KB) | HTML iconHTML

    This training article introduces readers to the specific tools and skills needed to best provide cyber operations education and training to university students at the undergraduate and graduate level. It isn't a curriculum-mapping exercise but rather a detailed listing of tools and techniques that can be included in existing and new courses to best align with the NSA's new Center of Academic Excel... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security and Cognitive Bias: Exploring the Role of the Mind

    Publication Year: 2012, Page(s):75 - 78
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (214 KB) | HTML iconHTML

    It's hard to create and configure security technology and hard to use it after deployment. However, the human mind is a component in both security creation and use. While we technologists have spent the last 40 years building fancier machines, psychologists have spent those decades documenting ways in which human minds systematically (and predictably) misperceive things. To what extent might cogni... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Price of Privacy

    Publication Year: 2012, Page(s):79 - 81
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (386 KB) | HTML iconHTML

    Simply declaring privacy to be a legal right doesn't provide any resources to enforce it. If privacy was an economic transaction, meaning that people pay for it, then their payments would provide resources to protect it. Would we have better privacy if people were paying for it directly rather than trying to get it via political campaigns? View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Integrating User Customization and Authentication: The Identity Crisis

    Publication Year: 2012, Page(s):82 - 85
    Cited by:  Papers (2)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (420 KB) | HTML iconHTML

    The integration of user customization with authentication follows four patterns. The local-user pattern tightly couples user authentication and customization. The external-user pattern loosely couples customization and authentication so that the customization module relies on the external authentication provider to authenticate users and return their unique identifiers. The local- + external-user ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Risk Aversion

    Publication Year: 2012, Page(s):86 - 87
    Request permission for commercial reuse | PDF file iconPDF (472 KB) | HTML iconHTML
    Freely Available from IEEE
  • The Importance of Security Engineering

    Publication Year: 2012, Page(s): 88
    Request permission for commercial reuse | PDF file iconPDF (310 KB) | HTML iconHTML
    Freely Available from IEEE

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu