1980 IEEE Symposium on Security and Privacy

14-16 April 1980

Filter Results

Displaying Results 1 - 21 of 21
  • Program Committee

    Publication Year: 1980, Page(s): iii
    Request permission for reuse | PDF file iconPDF (22 KB)
    Freely Available from IEEE
  • Message from the Chair

    Publication Year: 1980, Page(s): v
    Request permission for reuse | PDF file iconPDF (15 KB)
    Freely Available from IEEE
  • An Overview of Transborder Data Flow Issues

    Publication Year: 1980, Page(s): 3
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (579 KB)

    Included in the scope of the term "transborder data flows is the transmission over computer-communicational systems of automated data to be processed and stored in foreign data processing systems. A number of issues, including privacy protection and data security, arise in various transborder data flow (TDF) situations and are discussed in this paper, especially the potential effects on TDF of nat... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Model to Describe Protection Problems

    Publication Year: 1980, Page(s): 9
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (682 KB)

    A protection model based on access control which gives formal definitions for the terms protection problem and safety is introduced. The model provides features for describing the manipulation of the contents of objects and extends the possibilities of the access matrix model. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards a Fail-Safe Approach to Secure Databases

    Publication Year: 1980, Page(s): 18
    Cited by:  Papers (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (359 KB)

    In this paper we consider some problems related to database security. We first generalize the definition of compromise to the discovery of the value of some (generally complex) property about a class of individuals. For a given query we define implied queries and impose tests for safe response on both the query and implied queries. It is shown how this approach relates to the "tracker" concept. It... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On Security Flow Analysis in Computer Systems (Preliminary Report)

    Publication Year: 1980, Page(s): 22
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (796 KB)

    A formal model of multilevel security systems is presented. We examine weaknesses of current security flow analysis mechanisms. A concept of expression flows is introduced, which allows us to use various techniques to certify systems that cannot be certified using current flow analysis techniques. We provide a method for generating static authorization requirements for systems in which authorizati... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Secure Relational Database Management System Kernel: Three Years After

    Publication Year: 1980, Page(s): 34
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (362 KB)

    A brief look back at the project undertaken by I.P. Sharp Associates for the U.S. Air Force and the Canadian Government on Relational DBMS Kernel design. Since the completion of the project, 3 years ago, several changes have occurred which alter our perception of the project and its results. A quick look at the future in this area is included. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Practical Data-Swapping: The First Steps

    Publication Year: 1980, Page(s): 38
    Cited by:  Papers (15)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (669 KB)

    The problem of statistical database confidentiality in releasing microdata is addressed through the use of approximate data-swapping. Here a portion of the microdata is replaced with a database that has been selected with approximately the same statistics. The result guarantees the confidentialityof the original data, while providing microdata with accurate statistics. Methods for achieving such t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Aspects of Data Security in General-Purpose Data Base Management Systems

    Publication Year: 1980, Page(s): 46
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1364 KB)

    With the ever-increasing use of computers for storing large volumes of vital data, the problems involved in providing data security have been receiving very great attention from researchers. In this paper we try to investigate the various aspects of data security in a general-purpose Data Base Management System (DBMS). Data security concerns data manipulation which encompasses two phases : retriev... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Module Definition Facility for Access Control in Distributed Data Base Systems

    Publication Year: 1980, Page(s): 59
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (867 KB)

    Future information systems will involve the interconnection of databases through public networks, requiring the development of adequate security facilities within the local nodes in order to prevent unauthorized access and use of data. A key component of any security scheme is a set of lanuage primitives that define access rights; these language primitives must be combined with other language faci... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Trusted Function in Secure Decenralized Processing

    Publication Year: 1980, Page(s): 67
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1082 KB)

    The information processors in a decentralized computing system must trust each other enough to be mutually supportive, yet they must also protect themselves to maintain autonomy. In a decentralized system, data security is especially important because the effects of compromise or sabotage can be so wide-ranging. The trusted function is an ad hoc solution to a problem with present data security mod... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the Difficulty of Computing Logarithms Over GF (q^m)

    Publication Year: 1980, Page(s): 83
    Request permission for reuse | PDF file iconPDF (94 KB)
    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Secure Communications in the Presence of Pervasive Deceit

    Publication Year: 1980, Page(s): 84
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1184 KB)

    The functions of secrecy, identification of the transmitter and of authentication of messages, and combinations of these, are in principle all achievable using either symmetric or asymmetric cryptosystems. Since secure communications depend on authenticated data exchanges between and/or authenticated actions by some of the parties to the communication, the fundamentals of authentication using symm... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Cryptographic Security of Compact Knapsacks (Preliminary Report)

    Publication Year: 1980, Page(s): 94
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (476 KB)

    In 1978, Merkle and Hellman introduced a knapsack-based public-key cryptosystem, which received widespread attention. The two major open problems concerning this cryptosystem are: (i) Security: How difficult are the Merkle-Hellman knapsacks? (ii) Efficiency: Can the huge key size be reduced? In this paper we analyze the cryptographic security of knapsack problems with small keys, develop a new (no... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protecting Shared Cryptographic Keys

    Publication Year: 1980, Page(s): 100
    Cited by:  Papers (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (165 KB)

    In this paper, we present a scheme for distributing a key to n users in such a way as to require at least k of them (k < n) to be present to construct the original key. The scheme has the property that up to k - 1 defections can be tolerated. It can be implemented simply and efficiently. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Master Key Problem

    Publication Year: 1980, Page(s): 103
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (399 KB)

    Four methods for generating and distributing shared group encryption keys in a cryptographic system are described. All four methods can be used to implement secure broadcasts among groups of users in computer networks. Two methods use n secret keys to construct a master key for 2n -1 keys. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • One time Pads are Key Safegaurding Schemes, not Cryptosystems. Fast Key Safeguarding Schemes (Threshold Schemes) Exist.

    Publication Year: 1980, Page(s): 108
    Cited by:  Papers (4)  |  Patents (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (564 KB)

    Common sense, David Kahn [KA67] and Gilles Brassard [BR79] all argue that there are no unbreakable cryptosystems. What, then, is to be made of the -- provably [D179a, pp. 399-400] unbreakable -- Vernam one-time pad? The somewhat surprising answer is that it is not a cryptosystem at all, but rather a key safeguarding scheme [BL79] used, as all such schemes can be, in the courier mode. This suggests... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Multi-Tiered Approach to System Security

    Publication Year: 1980, Page(s): 114
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (708 KB)

    When a system is designed to process several levels of classified information, a multi-tiered approach to system security is needed. The total security system should be divided into eight areas which cover: Separation of Authority Personnel Security Physical Security Emanation Security Terminal Security Operating System Security File Security Audit Trail The purpose of the security system is to en... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protocols for Public Key Cryptosystems

    Publication Year: 1980, Page(s): 122
    Cited by:  Papers (219)  |  Patents (65)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (632 KB)

    New Cryptographic protocols which take full advantage of the unique properties of public key cryptosystems are now evolving. Several protocols for public key distribution and for digital signatures are briefly compared with each other and with the conventional alternative. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A System Architecture to Support a Verifiably Secure Multilevel Security System

    Publication Year: 1980, Page(s): 137
    Cited by:  Papers (4)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (569 KB)

    Technology that allows significant sharing of computer resources carries with it an increased responsibility to protect these resources from un-authorized, malicioua, irresponsible, or unintended use or disclosure. The years have seen a progression of increasingly sensitive information made available in increasingly less supervised modes to a variety of users. Commercial users routinely store valu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Demonstrating Security for Trusted Applications on a Security Kernal Base

    Publication Year: 1980, Page(s): 145
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1130 KB)

    A methodology for demonstrating the security of trusted applications on a security kernel base is presented. The methodology consists of selecting and authenticating security criteria, and demonstrating through verification techniques that the implementation obeys the selected criteria. Difficulties encountered in the placement of a trusted application on top of a security kernel base motivated th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.