1983 IEEE Symposium on Security and Privacy

25-27 April 1983

Filter Results

Displaying Results 1 - 23 of 23
  • General Chairman's Message

    Publication Year: 1983, Page(s): iii
    Request permission for reuse | PDF file iconPDF (68 KB)
    Freely Available from IEEE
  • Program Chairman's Message

    Publication Year: 1983, Page(s): v
    Request permission for reuse | PDF file iconPDF (20 KB)
    Freely Available from IEEE
  • Using Views in a Multilevel Secure Database Management System

    Publication Year: 1983, Page(s): 4
    Cited by:  Papers (5)  |  Patents (3)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1064 KB)

    The use of database views in database management systems that enforce user level discretionary and nondiscretionary access control policies is discussed. This discussion involves several issues such as how should views be classified?, what types of mechanisms should be used to define views?, etc. Mapping between views, view updating, and aggregation and inference problems are also discussed. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Fingerprinting

    Publication Year: 1983, Page(s): 18
    Cited by:  Papers (25)  |  Patents (39)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (446 KB)

    This paper presents a general discussion of the use of fingerprints, especially fingerprinted data, Fingerprinting is classified in four orthogonal ways, and some illustrative examples are given. The basis for a statistical analysis of altered fingerprints is presented, along with an example simulation. The possibility of more subtle fingerprints is discussed. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Many-Time Pad: Theme and Variations

    Publication Year: 1983, Page(s): 23
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (802 KB)

    The man-time pad is a method of subverting the security controls of a system to obtain data that is not directly accessible(e.g., because the data is confidential, classified, or otherwise deemed sensitive). It is the antithesis of the one-time pad, the only theoretically unbreakable cipher, in two respects: 1) whereas the one-time pad is a method of protection,the many-time pad is a method of att... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Message Authentication with Manipulation Detection Code

    Publication Year: 1983, Page(s): 33
    Cited by:  Papers (2)  |  Patents (14)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (2286 KB)

    In many applications of cryptography, assuring the authenticity of communications is as important as protecting their secrecy. A well known and secure method of providing message authentication is to compute a Message Authentication Code (MAC) by encrypting the message. If only one key is used to both encrypt and authenticate a message, however, the system is subject to several forms of cryptograp... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Joint Encryption and Error-Correction Coding

    Publication Year: 1983, Page(s): 55
    Cited by:  Papers (4)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (436 KB)

    This paper considers the problem of joint encryption and error-correction coding and proposes a solution using D-sequences, which are œdecimal' expansions of fractions. The encryption operation considered is equivalent to exponentiation which forms the basis of several public-key schemes. Several new results on D-sequences are also presented which make the applications to encryption and error codi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Verification of Treaty Compliance -- Revisited

    Publication Year: 1983, Page(s): 61
    Cited by:  Papers (2)  |  Patents (10)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (667 KB)

    In a series of papers, the author has documented the evolution at the Sandia National Laboratories of a solution to the problem of how two mutually deceitful and distrusting parties -- the host and the monitor -- can both trust a data acquisition system whose function is to inform the monitor, and perhaps third parties, whether the host has or has not violated the terms of a treaty. The national i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Recent Advances in the design and implementation of Large Integer Factorization Algorithms

    Publication Year: 1983, Page(s): 67
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (412 KB)

    The latest and possibly fastest of the general factoring methods for large composite numbers is the quadratic sieve of Carl Pomerance. A variation of the algorithm is described and an implementation is suggested which combines the forces of a fast pipeline computer such as the Cray I, and a high speed highly parallel array processor such as the Goodyear MPP. A running time analysis, which is based... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • New Key Generation Algorithms for Multilevel Security

    Publication Year: 1983, Page(s): 72
    Cited by:  Papers (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (442 KB)

    This paper addresses one aspect of the problem of access control in a hierarchy. A general scheme is described which allows a user to generate from his own key the keys of users below him in the hierarchy. Two implementations of this scheme are then proposed and compared in terms of security and efficiency to an existing one. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Modified Architecture for the Sub-Keys Model

    Publication Year: 1983, Page(s): 79
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (442 KB)

    A secure implementation for subkey database encryption is presented. Both Vertical and Horizontal access to the control encrypted date are defined and described. Communication protocols between user and system are also provided. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evaluating Security Properties of Computer Systems

    Publication Year: 1983, Page(s): 89
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (659 KB)

    The Department of Defense has recently published Trusted Computer System Evaluation Criteria that provide the basis for evaluating the effectiveness of security controls built into computer systems. This paper summarizes basic security requirements and the technical criteria that are used to classify systems into eight hierarchical classes of enhanced security protection. These criteria are used i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security Enhancement through Product Evaluation

    Publication Year: 1983, Page(s): 96
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (561 KB)

    This paper describes a major goal of the DOD Computer Security Center, which is to encouraqe the easy availability of computer products with enhanced security features. The mechanisms by which this is to be accomplished are described. There are detailed explanations of the Preliminary and Final Product Evaluation processes. The paper then takes a pragmatic view, from three perspectives, of how the... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Approach to Identification of Minimum TCB Requirements for Various Threat/Risk Environments

    Publication Year: 1983, Page(s): 102
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (190 KB)

    A gross identification of threats and risks based on a data classification environment and the minimum clearance level of individuals using a system is related to the levels identified in the DODCSC Trusted Computer Evaluation Criteria. A proposed set of minimum TCB levels for given threat risk environments is identified. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Channel Assignment Problem

    Publication Year: 1983, Page(s): 107
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (472 KB)

    An optimization problem exists in the context of local area network security. The network provides a number of physical or logical "channels", each carrying a set of levels or compartments of information. A channel is accessible to users cleared for all the levels it carries. The problem is to assign the set of levels to be carried by each channel so as to minimize the total number of channels, un... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SDC Secure Release Terminal Project

    Publication Year: 1983, Page(s): 113
    Cited by:  Papers (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (605 KB)

    The SDC Secure Release Terminal SRT) project provides a useful view of the process involved in constructing software whose code is intended to be formally verified to satisfy desired security properties. The purpose of the SRT is to move appropriately classified data from a processing environment at one security level to a processing environment at another level in machine readable form. This pape... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Processor-per-Domain Guard Architecture

    Publication Year: 1983, Page(s): 120
    Cited by:  Papers (1)
    Request permission for reuse | PDF file iconPDF (27 KB)
    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Packet Switched Networks

    Publication Year: 1983, Page(s): 121
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (533 KB)

    The trend towards common user packet switched networks has increased the need for the provision of adequate end-to-end security techniques in order to protect the data of individual groups of network users. The techniques which can be employed in order to provide adequate end-to-end security measures are considered in this paper frc,mamilitary perspective, where the security requirements are parti... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Distributed Secure System

    Publication Year: 1983, Page(s): 127
    Cited by:  Papers (4)  |  Patents (14)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (929 KB)

    We describe the design of a distributed general-purpose computing system that enforces a multilevel security policy. The system is composed of standard UNIX systems and small trustworthy security mechanisms linked together in such a way as to provide a total system which, is not only demonstrably secure, but also highly efficient and cost effective. Despite the heterogeneity of its components, the... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Securing Networks: End-to-End Encrpytion vs. Link Encryption and Trusted Systems

    Publication Year: 1983, Page(s): 136
    Request permission for reuse | PDF file iconPDF (77 KB)
    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Note on the Denial-of-Service Problem

    Publication Year: 1983, Page(s): 139
    Cited by:  Papers (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1106 KB)

    A simple and general definition of denial of service in operating systems is presented herein. It is argued that no current protection mechanism nor model resolves this problem in any demonstrable way. A set of examples from known systems is presented in order to delimit the scope of the problem. The notion of interuser dependency is introduced and identified as the common cause for all problem in... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The VERUS™ Design Verification System

    Publication Year: 1983, Page(s): 150
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (613 KB)

    VERUS is a design specification and verification system developed by Compion Corporation. Design verification is the analysis of the interaction of a computer system's primitives to show that the system meets certain correctness requirements. The system to be verified is described in a formal specification, which includes statements of the correctness requirements. VERUS is a general-purpose eyste... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Secure Computer Systems: A Retrospective

    Publication Year: 1983, Page(s): 161
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (114 KB)

    Eight years after the completion of the "Secure Computer Systems" series, basic questions about that work are being raised. Is the model useful? Is it overly restrictive? Are further modeling efforts necessary to address current problems? This paper addresses those questions in a personal view of the development and the utility of the "Secure Computer Systems" security model. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.