By Topic

IEEE Security & Privacy

Issue 5 • Date Sept.-Oct. 2013

Filter Results

Displaying Results 1 - 22 of 22
  • Front Cover

    Publication Year: 2013, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (859 KB)
    Freely Available from IEEE
  • Table of Contents

    Publication Year: 2013, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (787 KB)
    Freely Available from IEEE
  • Open Assurance

    Publication Year: 2013, Page(s):3 - 4
    Request permission for commercial reuse | PDF file iconPDF (181 KB) | HTML iconHTML
    Freely Available from IEEE
  • Masthead

    Publication Year: 2013, Page(s): 5
    Request permission for commercial reuse | PDF file iconPDF (132 KB)
    Freely Available from IEEE
  • Security, Privacy, Policy, and Dependability Roundup

    Publication Year: 2013, Page(s):6 - 7
    Request permission for commercial reuse | PDF file iconPDF (241 KB) | HTML iconHTML
    Freely Available from IEEE
  • Silver Bullet Talks with Wenyuan Xu

    Publication Year: 2013, Page(s):8 - 10
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (925 KB) | HTML iconHTML

    Wenyuan Xu, as associate professor at the University of South Carolina, talks about the differences between American and Chinese technical culture, her work on automatic meter reading systems, whether electrical engineering is more advanced in terms of design than computer science, and why there are so few women in engineering and computer science. Hear the full podcast at www.computer.org/silverb... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Personal Data Store Approach to Personal Data Security

    Publication Year: 2013, Page(s):12 - 19
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (607 KB) | HTML iconHTML

    A growing number of actors believe personal data stores (PDSs) are the solution to the issue of online privacy. With PDSs, people can choose to share specific personal information or restrict access to certain interested parties. A small-scale test involving job applicants and employers attempted to ascertain the extent to which users are willing to adopt PDSs. This article describes the EU Framew... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Anonymous and Distributed Community Cyberincident Detection

    Publication Year: 2013, Page(s):20 - 27
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (259 KB) | HTML iconHTML

    Communities are under attack from a variety of threat agents. The repercussions from these attacks will grow more severe as communities become increasingly reliant on cyberspace. Communities must be prepared to prevent, detect, respond to, and recover from a wide variety of cyberincidents. The timely and useful detection of cyberattacks is a first step toward fast and effective response and recove... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Teaching an Old TPM New Tricks: Repurposing for Identity-Based Signatures

    Publication Year: 2013, Page(s):28 - 35
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (299 KB) | HTML iconHTML

    A trusted platform module (TPM) is an industry-standard module bound to a system; it provides secure, cryptoprocessor functions such as asymmetric key generation and storage, asymmetric encryption/decryption, cryptographic hashing operations, and much more. Although it may seem useful, this module, ubiquitous in many OEM systems, is often underutilized or not utilized at all. This article presents... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Federated Identity Management Systems: A Privacy-Based Characterization

    Publication Year: 2013, Page(s):36 - 48
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (975 KB) | HTML iconHTML

    Identity management systems store attributes associated with users and employ these attributes to facilitate authorization. The authors analyze existing systems and describe a privacy-driven taxonomy of design choices, which can help technical experts consulting on public policy relating to identity management. The US National Strategy for Trusted Identities in Cyberspace initiative is discussed t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • iOS Data Recovery Using Low-Level NAND Images

    Publication Year: 2013, Page(s):49 - 55
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (537 KB) | HTML iconHTML

    To recover erased data from iOS devices, specialists use a brute-force method to decrypt the passwords, then extract data images directly from low-level NAND storage and analyze the redundancy caused by its file translation layer (FTL) behavior. iOS devices' garbage collection strategy significantly affects data recovery. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Public as Partner? Technology Can Make Us Auxiliaries as Well as Vigilantes

    Publication Year: 2013, Page(s):56 - 61
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (574 KB) | HTML iconHTML

    Starting from police requests for help from citizens in the Boston Marathon bombing, this article examines some of the new opportunities and risks that computers and related communication tools bring to social control efforts. Issues of justice, liberty, privacy, community, and effectiveness are involved. Yet whatever is new here for national security, police and criminal justice grows out of and ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Dependable Systems-of-Systems Design Challenge

    Publication Year: 2013, Page(s):62 - 65
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (399 KB) | HTML iconHTML

    Systems of systems are becoming more prevalent and more critical to industry and society. Designing these systems is difficult; designing them to be dependable is an even greater challenge. However, there are ways to ease this process. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Cyberoperations Program

    Publication Year: 2013, Page(s):66 - 69
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (733 KB) | HTML iconHTML

    To conduct cyberoperations, not only must you understand computers, networks, and protocols, you must also determine what circumstances actions may be taken in and who can take them. In addition, you must consider strategies and policies as well as those actions' possible side effects, in both cyberspace and the natural world. At the US Naval Postgraduate School and elsewhere, educators are prepar... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Tiny Salespeople: Mediated Transactions and the Internet of Things

    Publication Year: 2013, Page(s):70 - 72
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (589 KB) | HTML iconHTML

    If the Internet of Things becomes reality, everyday objects might try to sell you products and services. This presents both benefits and perils, the latter in the form of an increased "attack surface" for companies interested in jogging sales. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Conflicts between Intrusion Detection and Privacy Mechanisms for Wireless Sensor Networks

    Publication Year: 2013, Page(s):73 - 76
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1057 KB) | HTML iconHTML

    Both active and passive attackers pose a threat for wireless sensor networks. So, intrusion detection systems and privacy mechanisms must be deployed, usually at the same time. Yet this coexistence might result in the malfunction or inefficiency of one of these components. Several techniques and principles can help minimize such problems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Known Unknowns

    Publication Year: 2013, Page(s):77 - 79
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (109 KB) | HTML iconHTML

    Securing computer systems is an ongoing task that requires involvement of users, system administrators, and developers. There has been a lot of discussion of embedded computer security in the computer science curriculum, but that is insufficient. It's necessary to provide training to keep workers up to date, and to educate them. In this article, the authors discuss the workforce, and the fact that... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Circumvention of Security: Good Users Do Bad Things

    Publication Year: 2013, Page(s):80 - 83
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (112 KB) | HTML iconHTML

    Conventional wisdom is that the textbook view describes reality, and only bad people (not good people trying to get their jobs done) break the rules. And yet it doesn't, and good people circumvent. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Profile as Promise: Honest and Deceptive Signals in Online Dating

    Publication Year: 2013, Page(s):84 - 88
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (450 KB) | HTML iconHTML

    Online dating is a popular way to meet new romantic partners, but many people fear that others are lying in their profiles. Research suggests that "fudging" (or small deceptions) are common but that big lies are relatively rare. Drawing from their Profile as Promise framework and signaling theory, the authors discuss why this happens and how it fits into broader patterns of human behavior, both on... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Building Security In: A Road to Competency

    Publication Year: 2013, Page(s):89 - 92
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (158 KB) | HTML iconHTML

    The Software Assurance (SwA) Competency Model provides a foundation for assessing and advancing software security professionals' capability. A span of competency levels and their decomposition into competencies, based on the knowledge and skills in the SwA Core Body of Knowledge, enable organizations or individuals to determine SwA competency. Organizations can also adapt the model's features to t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Crime Science and the Internet Battlefield: Securing the Analog World from Digital Crime

    Publication Year: 2013, Page(s):93 - 95
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (113 KB) | HTML iconHTML

    The study of crime science could contribute to understanding the fundamental issues of security in cyberspace. The author confronts the traditional understanding of cybercrime with the newly emerging phenomena, in which the Internet is simply a tool to commit criminal and terrorist acts in real-life circumstances. The idea of a "new criminal battlefield" presents a future-oriented and predictive a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Trust in Man/Machine Security Systems

    Publication Year: 2013, Page(s): 96
    Request permission for commercial reuse | PDF file iconPDF (218 KB) | HTML iconHTML
    Freely Available from IEEE

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu