Proceedings December 2001 New Orleans, Louisiana. Sponsored by. Applied Computer Security Associates. Los Alamitos, California
|
|
- Joleen Phillips
- 5 years ago
- Views:
Transcription
1 Proceedings 17th Annual Computer Security Applications Conference December 2001 New Orleans, Louisiana Sponsored by Applied Computer Security Associates Los Alamitos, California Washington Brussels Tokyo iii
2 Copyright 2001 by The Institute of Electrical and Electronics Engineers, Inc. All rights reserved Copyright and Reprint Permissions: Abstracting is permitted with credit to the source. Libraries may photocopy beyond the limits of US copyright law, for private use of patrons, those articles in this volume that carry a code at the bottom of the first page, provided that the per-copy fee indicated in the code is paid through the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA Other copying, reprint, or republication requests should be addressed to: IEEE Copyrights Manager, IEEE Service Center, 445 Hoes Lane, P.O. Box 133, Piscataway, NJ The papers in this book comprise the proceedings of the meeting mentioned on the cover and title page. They reflect the authors opinions and, in the interests of timely dissemination, are published as presented and without change. Their inclusion in this publication does not necessarily constitute endorsement by the editors, the IEEE Computer Society, or the Institute of Electrical and Electronics Engineers, Inc. IEEE Computer Society Order Number PR01405 ISBN ISSN: Additional copies may be ordered from: IEEE Computer Society IEEE Service Center IEEE Computer Society Customer Service Center 445 Hoes Lane Asia/Pacific Office Los Vaqueros Circle P.O. Box 1331 Watanabe Bldg., P.O. Box 3014 Piscataway, NJ Minami-Aoyama Los Alamitos, CA Tel: Minato-ku, Tokyo Tel: Fax: JAPAN Fax: Tel: customer-service@ieee.org Fax: csbooks@computer.org tokyo.ofc@computer.org Editorial production by A. Denise Williams Cover art production by Joseph Daigle/Studio Productions Printed in the United States of America by The Printing House iv
3 Table of Contents 17th Annual Computer Security Applications Conference Message from the Conference Chair...xii Conference Committee... xiii Program Committee...xv Tutorial Committee...xvi Reviewers...xvii Speaker Biographies...xx WEDNESDAY 8:30 a.m., December 12 Distinguished Practitioner Castles in the Sand B. Blakley, Tivoli Systems, Inc., USA WEDNESDAY 10:30 a.m., December 12 TRACK A: Intrusion Detection I Chair: D. Faigin, The Aerospace Corporation, USA IntruDetector: A Software Platform for Testing Network Intrusion Detection Algorithms...3 T. Wan and X. Yang Mining Alarm Clusters to Improve Alarm Handling Efficiency...12 K. Julisch Managing Alerts in a Multi-Intrusion Detection Environment...22 F. Cuppens Implementing the Intrusion Detection Exchange Protocol...32 T. Buchheim, M. Erlinger, B. Feinstein, G. Matthews, R. Pollock, J. Betser, and A. Walther TRACK B: Security Architecture Chair: C. Schuba, Sun Microsystems, Germany Information Flow Analysis of Component-Structured Applications...45 P. Herrmann Security Policy Enforcement at the File System Level in the Windows NT Operating System Family...55 S. Wolthusen Java Security Extensions for a Java Server in a Hostile Environment...64 D. Wheeler, A. Conyers, J. Luo, and A. Xiong Genoa TIE, Advanced Boundary Controller Experiment...74 E. Monteith v
4 WEDNESDAY 1:30 p.m., December 12 TRACK A: Cryptography Chair: A. dos Santos, Georgia Tech, USA A JCA-Based Implementation Framework for Threshold Cryptography...85 Y. Huang, D. Rine, and X. Wang The Performance Measurement of Cryptographic Primitives on Palm Devices...92 D. Wong, H. Fuentes, and A. Chan Privacy-Preserving Cooperative Statistical Analysis W. Du and M. Atallah TRACK B Forum Chair: M. Erlinger, Harvey Mudd College, USA Experiences Implementing a Common Format for IDS Alerts B. Feinstein, Guardent, USA G. Matthews, NASA, USA S. Staniford, Silicon Defense, USA A. Walther, The Aerospace Corporation, USA WEDNESDAY 3:30 p.m., December 12 TRACK A: Access Control I Chair: M. Clifford, The Aerospace Corporation, USA Detecting Conflicts in a Role-Based Delegation Model A. Schaad Engineering of Role/Permission Assignments P. Epstein and R. Sandhu A Framework for Multiple Authorization Types in a Healthcare Application System R. Chandramouli Determining Privileges of Mobile Agents W. Jansen TRACK B: Classic Papers Chair: D. Thomsen, Secure Computing, USA Introduction to Classic Papers D. Thomsen Building Reliable Secure Computing Systems out of Unreliable Insecure Components J. Dobson and B. Randell A Security Model for Military Message Systems: Retrospective C. Landwehr, C. Heitmeyer, and J. McLean vi
5 An Information Flow Tool for Gypsy J. M c Hugh THURSDAY 8:30 a.m., December 13 Invited Essayist Plenary Information Security: Science, Pseudoscience, and Flying Pigs R. Schell, Aesec, USA THURSDAY 10:30 a.m., December 12 TRACK A: Intrusion Detection II Chair: J. Heaney, The MITRE Corporation, USA DAIS: A Real-Time Data Attack Isolation System for Commercial Database Applications P. Liu Watcher: The Missing Piece of the Security Puzzle J. Munson and S. Wimer expert-bsm: A Host-Based Intrusion Detection Solution for Sun Solaris U. Lindqvist and P. Porras Temporal Signatures for Intrusion Detection A. Jones and S. Li TRACK B: Secure Electronic Commerce Chair: T. Ehrsam, Oracle, USA Securing Web Servers against Insider Attack S. Jiang, S. Smith, and K. Minami Enabling Hierarchical and Bulk-Distribution for Watermarked Content G. Caronni and C. Schuba CONSEPP: CONvenient and Secure Electronic Payment Protocol Based on X A. Levi and Ç. Koç Wired versus Wireless Security: The Internet, WAP and imode for E-Commerce P. Ashley, H. Hinton, and M. Vandenwauver THURSDAY 1:30 p.m., December 13 TRACK A: Access Control II Chair: R. Sandhu, George Mason University, USA A Component-Based Architecture for Secure Data Publication P. Bonatti, E. Damiani, S. De Capitani, and P. Samarati The Authorization Service of Tivoli Policy Director G. Karjoth vii
6 Architecture and Applications for a Distributed Embedded Firewall C. Payne and T. Markham TRACK B Panel Chair: J. Reynolds, Teknowledge, USA How Useful is Software Fault Injection for Evaluating the Security of COTS Products? M. Bishop, University of California at Davis, USA A. Ghosh, Cigital, USA J. Whittaker, Florida Institute of Technology, USA THURSDAY 3:30 p.m., December 13 TRACK A Forum Chair: J. Patilla, METASeS, USA Security Vendor CTOs: Perspectives, Opinions, and Lessons Learned R. Gula, Enterasys, USA G. Kim, Tripwire, USA C. Klaus, Internet Security Systems, USA P. Proctor, Cybersafe, USA TRACK B: Reality vs. Security Chair: D. Johnson, The MITRE Corporation, USA Practical Automated Filter Generation to Explicitly Enforce Implicit Input Assumptions V. Razmov and D. Simon Why Information Security is Hard An Economic Perspective R. Anderson Abuse-Case-Based Assurance Arguments J. McDermott FRIDAY 8:30 a.m., December 14 TRACK A: PKI Chair: M. Abrams, The MITRE Corporation, USA A Regulated Approach to Certificate Management V. Ungureanu Restricting Access with Certificate Attributes in Multiple Root Environments A Recipe for Certificate Masquerading J. Hayes Secure Blue: An Architecture for a Scalable, Reliable, High Volume SSL Internet Server R. Mraz viii
7 TRACK B: Internet Security Chair: A. Friedman, NSA, USA Secure Anonymous Group Infrastructure for Common and Future Internet Applications N. Weiler Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing D. Mankins, R. Krishnan, C. Boyd, J. Zao, and M. Frentz Requirements for a General Framework for Response to Distributed Denial-of-Service D. Gresty, Q. Shi, and M. Merabti FRIDAY 10:30 a.m., December 14 TRACK A: Applications Security Chair: J. Kahn, The MITRE Corporation, USA Trustworthiness in Distributed Electronic Healthcare Records Basis for Shared Care B. Blobel Application Intrusion Detection using Language Library Calls A. Jones and Y. Lin Verifiable Identifiers in Middleware Security U. Lang, D. Gollmann, and R. Schreiner TRACK B Panel Chair: T. Havighurst, NSA, USA Computing Without Wires (Or Even a Net): The Pitfalls, Potentials, and Practicality of Wireless Networking A. Entrichel, NSA, USA J. Bergman, Harris, USA J. Willis, NSA, USA H. Little, Research in Motion, Canada Author Index ix
Proceedings. Second IEEE International Workshop on Source Code Analysis and Manipulation
Proceedings Second IEEE International Workshop on Source Code Analysis and Manipulation Proceedings Second IEEE International Workshop on Source Code Analysis and Manipulation 1 October 2002 Montreal,
More informationIEEE International Workshop on Analysis and Modeling of Faces and Gestures AMFG 2003
IEEE International Workshop on Analysis and Modeling of Faces and Gestures AMFG 2003 17 October 2003 Nice, France Los Alamitos, California Washington Brussels Tokyo Copyright 2003 by The Institute of Electrical
More informationSixth IEEE International Symposium on High Assurance Systems Engineering
Sixth IEEE International Symposium on High Assurance Systems Engineering Special Topic: Impact of Networking 22-24 October 2001 Boca Raton, Florida, USA Sponsored by the IEEE Computer Society Technical
More informationProceedings Fourth IEEE International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems (WECWIS 2002)
Proceedings Fourth IEEE International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems (WECWIS 2002) Proceedings Fourth IEEE International Workshop on Advanced Issues of E-Commerce
More informationFuture Trends of Distributed Computing Systems
Proceedings The Eighth IEEE Workshop on Future Trends of Distributed Computing Systems FTDCS 2001 31 October 2 November 2001 Bologna, Italy Sponsored by IEEE Computer Society Los Alamitos, California Washington
More informationCOMPUTER PROCEEDINGS OF SOCIETY. THE 2nd INTERNATIONAL CONFERENCE ON WEB INFORMATION SYSTEMS ENGINEERING Volume 1 (Main Program)
PROCEEDINGS OF THE 2nd INTERNATIONAL CONFERENCE ON WEB INFORMATION SYSTEMS ENGINEERING Volume 1 (Main Program) 3-6 December 2001, Kyoto, Japan Organized by WISE Society Kyoto University, Japan EDITORS
More informationProceedings. 14 th IEEE International Workshop on. Rapid Systems Prototyping RSP 2003
Proceedings 14 th IEEE International Workshop on Rapid Systems Prototyping RSP 2003 Proceedings 14 th IEEE International Workshop on Rapid Systems Prototyping San Diego, California, USA June 9 11, 2003
More informationSoftware Reliability Engineering
Proceedings lzth International Symposium on Software Reliability Engineering ISSRE 2001 Proceedings lzfh International Symposium on Software Reliability Engineering ISSRE 2001 27-30 November Hong Kong,
More informationProceedings. Ninth International Conference on. Network Protocols ICNP 2001
Proceedings Ninth International Conference on Network Protocols ICNP 2001 Proceedings Ninth International Conference on Network Protocols ICNP 2001 11-14 November 2001 Riverside, California, USA Sponsored
More informationProceedings Pacific Rim International Symposium on Dependable Computing PRDC 2002
Proceedings 2002 Pacific Rim International Symposium on Dependable Computing PRDC 2002 i [blank page] ii Proceedings 2002 Pacific Rim International Symposium on Dependable Computing PRDC 2002 16-18 December
More informationFuture Trends of Distributed Computing Systems
Proceedings The Ninth IEEE Workshop on Future Trends of Distributed Computing Systems FTDCS 2003 28-30 May 2003 San Juan, Puerto Rico Sponsored by IEEE Computer Society Los Alamitos, California Washington
More informationImplementing Security and Tokens: Current Standards, Tools, and Practices
Implementing Email Security and Tokens: Current Standards, Tools, and Practices Sean Turner Russ Housley Wiley Publishing, Inc. Implementing Email Security and Tokens: Current Standards, Tools, and Practices
More informationCreating the IETF IDWG Intrusion Detection Protocols IDMEF & IDXP
Creating the IETF IDWG Intrusion Detection Protocols IDMEF & IDXP Ground System Architectures Workshop GSAW 2002 March 12-15, 2002 Joe Betser Andy Walther The Aerospace Corp Mike Erlinger, Tim Buchheim
More informationth International Conference on Telecommunications (ICT 2017)
2017 24th International Conference on Telecommunications (ICT 2017) Limassol, Cyprus 3-5 May 2017 IEEE Catalog Number: ISBN: CFP17530-POD 978-1-5386-0644-5 Copyright 2017 by the Institute of Electrical
More informationProceedings. Sixth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing
Proceedings Sixth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing ISORC 2003 Proceedings Sixth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationINTRUSION DETECTION AND CORRELATION. Challenges and Solutions
INTRUSION DETECTION AND CORRELATION Challenges and Solutions Advances in Information Security Sushil Jajodia Consulting editor Center for Secure Information Systems George Mason University Fairfax, VA
More informationProceedings of The Second International Conference on Web Information Systems Engineering
Proceedings of The Second International Conference on Web Information Systems Engineering Volume 1 (Main Program) 3-6 December 2001 Kyoto, Japan Editors Tamer Ozsu Hans-Jorg Schek Katsumi Tanaka Yanchun
More information2017 International Conference on Communication Technologies (ComTech 2017)
2017 International Conference on Communication Technologies (ComTech 2017) Rawalpindi, Pakistan 19 21 April 2017 IEEE Catalog Number: ISBN: CFP17CMR-POD 978-1-5090-5985-0 Copyright 2017 by the Institute
More informationWIRELESS SENSOR NETWORKS A Networking Perspective Edited by Jun Zheng Abbas Jamalipour A JOHN WILEY & SONS, INC., PUBLICATION WIRELESS SENSOR NETWORKS IEEE Press 445 Hoes Lane Piscataway, NJ 08854 IEEE
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationLEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS DINESH C. VERMA IBM T. J. Watson Research Center A JOHN WILEY & SONS, INC., PUBLICATION
LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS DINESH C. VERMA IBM T. J. Watson Research Center A JOHN WILEY & SONS, INC., PUBLICATION LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS LEGITIMATE APPLICATIONS
More informationINTRUSION DETECTION IN DISTRIBUTED SYSTEMS An Abstraction-Based Approach
INTRUSION DETECTION IN DISTRIBUTED SYSTEMS An Abstraction-Based Approach Library of Congress Cataloging-in-Publication ISBN 978-1-4613-5091-0 ISBN 978-1-4615-0467-2 (ebook) DOI 10.1007/978-1-4615-0467-2
More informationPractical Database Programming with Visual Basic.NET
Practical Database Programming with Visual Basic.NET IEEE Press 445 Hoes Lane Piscataway, NJ 08854 IEEE Press Editorial Board Lajos Hanzo, Editor in Chief R. Abari M. El-Hawary S. Nahavandi J. Anderson
More informationLEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS
LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS DINESH C. VERMA IBM T. J. Watson Research Center A JOHN WILEY & SONS, INC., PUBLICATION LEGITIMATE APPLICATIONS OF PEER-TO-PEER NETWORKS LEGITIMATE APPLICATIONS
More information2015 Twelfth International Conference on Wireless and Optical Communications Networks (WOCN 2015)
2015 Twelfth International Conference on Wireless and Optical Communications Networks (WOCN 2015) Bangalore, India 9-11 September 2015 IEEE Catalog Number: ISBN: CFP15604-POD 978-1-4673-9278-5 Copyright
More informationDesigning Security Architecture Solutions Jay Ramachandran Wiley Computer Publishing John Wiley & Sons, Inc. Designing Security Architecture Solutions Designing Security Architecture Solutions Jay Ramachandran
More informationCOMPONENT-ORIENTED PROGRAMMING
COMPONENT-ORIENTED PROGRAMMING COMPONENT-ORIENTED PROGRAMMING ANDY JU AN WANG KAI QIAN Southern Polytechnic State University Marietta, Georgia A JOHN WILEY & SONS, INC., PUBLICATION Copyright 2005 by John
More informationCertified Revenue Management Executive Certification Application
Certified Revenue Management Executive Certification Application About the Certified Revenue Management Executive (CRME) The CRME is a prestigious certification in revenue management from the Hospitality
More informationCSci530 Final Exam. Fall 2014
CSci530 Final Exam Fall 2014 Instructions: Show all work. No electronic devices are allowed. This exam is open book, open notes. You have 120 minutes to complete the exam. Please prepare your answers on
More informationIEEE P Letter Ballot
IEEE P802.11 Letter Ballot Date submitted: April 5, 1995 hirty day letter ballot, 50 % returns required to make ballot valid. Ballot closes May 5, 1995. If less than 50 % ballots have been recieved, the
More informationOperations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ
Operations & Technology Seminar Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ Operations & Technology Roundtable Crowne Plaza Monroe, Monroe Township, NJ Tuesday, November 8, 2016
More informationNational Information Assurance Partnership
National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report Sun Java System Identity Manager v5.0 Report Number: CCEVS-VR-05-0117 Dated: 6 September
More informationPayment Technologies for E-Commerce
Payment Technologies for E-Commerce Bearbeitet von Weidong Kou 1. Auflage 2003. Buch. IX, 334 S. Hardcover ISBN 978 3 540 44007 9 Format (B x L): 15,5 x 23,5 cm Gewicht: 1470 g Wirtschaft > Spezielle Betriebswirtschaft
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationIntroduction and Statement of the Problem
Chapter 1 Introduction and Statement of the Problem 1.1 Introduction Unlike conventional cellular wireless mobile networks that rely on centralized infrastructure to support mobility. An Adhoc network
More informationTHE ARCHITECTURE OF COMPUTER HARDWARE, SYSTEM SOFTWARE, AND NETWORKING
FOURTH EDITION THE ARCHITECTURE OF COMPUTER HARDWARE, SYSTEM SOFTWARE, AND NETWORKING AN INFORMATION TECHNOLOGY APPROACH Irv Englander Bentley University John Wiley & Sons, Inc. Vice President & Executive
More informationFine-grained and Scalable Approaches for Message Integrity
Fine-grained and Scalable Approaches for Message Integrity Joon S. Park and Ganesh Devarajan The Laboratory for Applied Information Security Technology (LAIST) School of Information Studies Syracuse University
More informationCSci 530 Final Exam. Fall 2007
CSci 530 Final Exam Fall 2007 Instructions: Show all work. No electronic devices are allowed. This exam is open book, open notes. You have 120 minutes to complete the exam. Please prepare your answers
More informationData Warehousing and Data Mining Techniques for Cyber Security
Data Warehousing and Data Mining Techniques for Cyber Security Advances in Information Security Sushil Jajodia Consulting Editor Center for Secure Information Systems George Mason University Fairfax, VA
More informationRelational Database Index Design and the Optimizers
Relational Database Index Design and the Optimizers DB2, Oracle, SQL Server, et al. Tapio Lahdenmäki Michael Leach A JOHN WILEY & SONS, INC., PUBLICATION Relational Database Index Design and the Optimizers
More informationMastering UNIX Shell Scripting
Mastering UNIX Shell Scripting Bash, Bourne, and Korn Shell Scripting for Programmers, System Administrators, and UNIX Gurus Second Edition Randal K. Michael Wiley Publishing, Inc. Mastering UNIX Shell
More informationDISSEMINATING SECURITY UPDATES AT INTERNET SCALE
DISSEMINATING SECURITY UPDATES AT INTERNET SCALE Advances in Information Security Sushil Jajodia Consulting editor Center for Secure Information Systems George Mason University Fairfax, VA 22030-4444 email:
More informationInternational Policy Division, Global ICT Strategy Bureau
MIC International Policy Division, Global ICT Strategy Bureau Communications News Newsletter of the Ministry of Internal Affairs and Communications(MIC), Japan Please Feel free to use articles in this
More informationEnabling Technologies for Wireless E-Business
Enabling Technologies for Wireless E-Business Weidong Kou Yelena Yesha (Eds.) Enabling Technologies for Wireless E-Business With 141 Figures and 15 Tables ABC Editors Weidong Kou Chinese State Key Laboratory
More informationHistorical Reliability Data for IEEE 3006 Standards: Power Systems Reliability
IEEE 3006 STANDARDS: POWER SYSTEMS RELIABILITY http://www.booksfiles.org/33780-ieee-3006-5-2014.html Historical Reliability Data for IEEE 3006 Standards: Power Systems Reliability IEEE 3000 Standards
More informationSecuring SCADA Systems. Ronald L. Krutz
Securing SCADA Systems Ronald L. Krutz Securing SCADA Systems Securing SCADA Systems Ronald L. Krutz Securing SCADA Systems Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis,
More informationRelease Notes. IBM Tivoli Identity Manager Universal Provisioning Adapter. Version First Edition (June 14, 2010)
IBM Tivoli Identity Manager Version 5.1.2 First Edition (June 14, 2010) This edition applies to version 5.1 of Tivoli Identity Manager and to all subsequent releases and modifications until otherwise indicated
More informationUnlocking the Power of the Cloud
TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The
More informationArnold N. Alderman Founder & President of Anagenesis, Inc. a technical marketing company
Arnold N. Alderman Founder & President of Anagenesis, Inc. a technical marketing company Mr. Alderman is a well known industry expert in the marketing of high technology products and is author of many
More informationraining Meeting your training needs and CPE requirements opportunities July-September Group-Live Course Group Internet- Based Course
Meeting your training needs and CPE requirements T raining opportunities July-September 2018 Group-Live Course Group Internet- Based Course To learn more or register for any of these events, visit www.gfoa.org
More informationAgile Database Techniques Effective Strategies for the Agile Software Developer. Scott W. Ambler
Agile Database Techniques Effective Strategies for the Agile Software Developer Scott W. Ambler Agile Database Techniques Effective Strategies for the Agile Software Developer Agile Database Techniques
More informationSecuring Web Applications. Architecture Alternatives. Web Application Security Roadmap. Defense in Depth. Defense in Depth
V User Terminal Key Secure Storage Personal Computers AntiVirus Certificate Mgmt Authority :::::: Multiplexor Securing Web Applications Jennifer L. Bayuk jennifer@bayuk.com www.bayuk.com 1 Mainframe Wireless
More informatione2e let the ends do it (or control it) let the user decide
The Myth of Network Neutrality Scott Bradner Harvard University 15 February 2006 net neutrality - 1 Internet Architectural Principle e2e let the ends do it (or control it) let the user decide (a.k.a.,
More information7 Windows Tweaks. A Comprehensive Guide to Customizing, Increasing Performance, and Securing Microsoft Windows 7. Steve Sinchak
Take control of Windows 7 Unlock hidden settings Rev up your network Disable features you hate, for good Fine-tune User Account control Turbocharge online speed Master the taskbar and start button Customize
More informationRID IETF Draft Update
RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 5 August 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,
More informationIssues in Assessing Commercial Certification Service Trust
The Open Group Security Program Group Building Trust on the Net ---- San Diego -- April 30, 1998 Issues in Assessing Commercial Certification Service Trust Michael S. Baum, J.D., M.B.A. VP, Practices &
More informationBCS Higher Education Qualifications. Level 6 Web Engineering Syllabus
BCS Higher Education Qualifications Level 6 Web Engineering Syllabus Version 3.0 December 2016 This is a United Kingdom government regulated qualification which is administered and approved by one or more
More informationIntroduction and Charge
GENI and Security Deborah Frincke, PNNL, co-chair Matt Bishop, UCD, co-chair Chen-Nee Chuah, UCD, community collaborator Karl Levitt, NSF, NSF co-ordinator Mike Reiter, CMU, GENI security leader and provider
More informationCybersecurity & Privacy Enhancements
Business, Industry and Government Cybersecurity & Privacy Enhancements John Lainhart, Director, Grant Thornton The National Institute of Standards and Technology (NIST) is in the process of updating their
More informationReal-Time Optimization by Extremum-Seeking Control
Real-Time Optimization by Extremum-Seeking Control Real-Time Optimization by Extremum-Seeking Control KARTIK B. ARIYUR MIROSLAV KRSTIĆ A JOHN WILEY & SONS, INC., PUBLICATION Copyright 2003 by John Wiley
More informationBeginning Transact-SQL with SQL Server 2000 and Paul Turley with Dan Wood
Beginning Transact-SQL with SQL Server 2000 and 2005 Paul Turley with Dan Wood Beginning Transact-SQL with SQL Server 2000 and 2005 Beginning Transact-SQL with SQL Server 2000 and 2005 Paul Turley with
More informationVice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security
Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Thursday, February 22 3:45 p.m. 4:45 p.m. With recent high-profile data breaches, cybersecurity
More informationCOSO Enterprise Risk Management
COSO Enterprise Risk Management COSO Enterprise Risk Management Establishing Effective Governance, Risk, and Compliance Processes Second Edition ROBERT R. MOELLER John Wiley & Sons, Inc. Copyright # 2007,
More informationMapping PCI DSS v2.0 With COBIT 4.1 By Pritam Bankar, CISA, CISM, and Sharad Verma
Volume 2, April 2011 Come join the discussion! Pritam Bankar and Sharad Verma will be responding to questions and comments in the discussion area of the COBIT Use It Effectively topic beginning 21 April
More informationHASHING IN COMPUTER SCIENCE FIFTY YEARS OF SLICING AND DICING
HASHING IN COMPUTER SCIENCE FIFTY YEARS OF SLICING AND DICING Alan G. Konheim JOHN WILEY & SONS, INC., PUBLICATION HASHING IN COMPUTER SCIENCE HASHING IN COMPUTER SCIENCE FIFTY YEARS OF SLICING AND DICING
More informationSecure Role-Based Workflow Models
Secure Role-Based Workflow Models Savith Kandala and Ravi Sandhu Savith Kandala Ravi Sandhu CygnaCom Solutions. SingleSignOn.Net and George Mason University (An Entrust Technologies Company) Dept. of Information
More informationThe Future of Access Control: Attributes, Automation and Adaptation
Institute for Cyber Security The Future of Access Control: Attributes, Automation and Adaptation Prof. Ravi Sandhu Executive Director and Endowed Chair IRI San Francisco August 15, 2013 ravi.sandhu@utsa.edu
More informationCCA CEU Application and Reviewer Information
CCA CEU Application and Reviewer Information The following information has been compiled from the CCA Policies and Procedures Manual to provide additional details on submitting CEU applications and the
More informationLayer Security White Paper
Layer Security White Paper Content PEOPLE SECURITY PRODUCT SECURITY CLOUD & NETWORK INFRASTRUCTURE SECURITY RISK MANAGEMENT PHYSICAL SECURITY BUSINESS CONTINUITY & DISASTER RECOVERY VENDOR SECURITY SECURITY
More informationJoin the p2p.wrox.com. Wrox Programmer to Programmer. Beginning PHP 5.3. Matt Doyle
Join the discussion @ p2p.wrox.com Wrox Programmer to Programmer Beginning PHP 5.3 Matt Doyle Programmer to Programmer Get more out of WROX.com Interact Take an active role online by participating in our
More informationA Composite Trust based Public Key Management in MANETs
USMA 6 th Network Science Workshop April 23, 2012 West Point, NY U.S. Army Research, Development and Engineering Command A Composite Trust based Public Key Management in MANETs Jin-Hee Cho and Kevin Chan
More informationEntrust Technical Integration Guide for Entrust Security Manager 7.1 SP3 and SafeNet Luna CA4
Entrust Technical Integration Guide for Entrust Security Manager 7.1 SP3 and SafeNet Luna CA4 July 2008 Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationInstallation and User s Guide
Tivoli Data Protection for Informix Installation and User s Guide Version3Release7 SH26-4095-00 Tivoli Data Protection for Informix Installation and User s Guide Version3Release7 SH26-4095-00 Note Before
More informationMulti-Core Programming
Multi-Core Programming Increasing Performance through Software Multi-threading Shameem Akhter Jason Roberts Intel PRESS Copyright 2006 Intel Corporation. All rights reserved. ISBN 0-9764832-4-6 No part
More informationIEEE 2013 JAVA PROJECTS Contact No: KNOWLEDGE AND DATA ENGINEERING
IEEE 2013 JAVA PROJECTS www.chennaisunday.com Contact No: 9566137117 KNOWLEDGE AND DATA ENGINEERING (DATA MINING) 1. A Fast Clustering-Based Feature Subset Selection Algorithm for High Dimensional Data
More informationModern Experimental Design
Modern Experimental Design THOMAS P. RYAN Acworth, GA Modern Experimental Design Modern Experimental Design THOMAS P. RYAN Acworth, GA Copyright C 2007 by John Wiley & Sons, Inc. All rights reserved.
More informationJava Card Technology-based Corporate Card Solutions
Java Card Technology-based Corporate Card Solutions Jack C. Pan, Leader and Sr. Architect Hervé Garcia, Tech. Project Manager econsumer Emerging Technologies, Citibank Overall Presentation Goal The objectives
More informationBill Wear. VirtualVault Product Manager. Internet Banking Case Study
Bill Wear VirtualVault Product Manager Internet Banking Case Study Business Problem? A Swedish bank wants an Internet Branch. Make the security barrier high enough...... but not TOO high. And by the way,
More informationDraft Resolution for Committee Consideration and Recommendation
Draft Resolution for Committee Consideration and Recommendation Committee A: Security and Transparency in a Digital Environment The General Assembly; Draft Resolution Submitted for revision by the delegations
More informationHPE Intelligent Management Center
HPE Intelligent Management Center EAD Security Policy Administrator Guide Abstract This guide contains comprehensive information for network administrators, engineers, and operators working with the TAM
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Trusted Platform Module Part 1: Overview
INTERNATIONAL STANDARD ISO/IEC 11889-1 First edition 2009-05-15 Information technology Trusted Platform Module Part 1: Overview Technologies de l'information Module de plate-forme de confiance Partie 1:
More informationRESUME WEI LI EDUCATION EMPLOYMENT RESEARCH INTERESTS HONORS AND AWARDS
RESUME WEI LI Graduate School of Computer and Information Sciences Nova Southeastern University 3301 College Avenue, Fort Lauderdale-Davie, FL 33314 Office: (954) 262-2068 Fax: (954) 262-3915 Email: lwei@nova.edu
More informationE-guide Getting your CISSP Certification
Getting your CISSP Certification Intro to the 10 CISSP domains of the Common Body of Knowledge : The Security Professional (CISSP) is an information security certification that was developed by the International
More informationSOT ABSTRACT SUBMISSION GUIDE Updated 8/7/18 Abstract Site Open Wednesday, August 15 to Friday, October 19, 2018 (11:59 PM US ET)
SOT ABSTRACT SUBMISSION GUIDE Updated 8/7/18 Abstract Site Open Wednesday, August 15 to Friday, October 19, 2018 (11:59 PM US ET) Note: All accepted poster abstracts will be placed into all-day poster
More informationMIMOSA. PMA-209 Industry Day and FACE Exhibition/TIM Event. October 17, Mr. Matthew Baxter
MIMOSA PMA-209 Industry Day and FACE Exhibition/TIM Event October 17, 2017 Mr. Matthew Baxter Research Engineer I Georgia Tech Research Institute ELSYS ESID OSSB WARNING - This document contains technical
More informationIt s still very important that you take some steps to help keep up security when you re online:
PRIVACY & SECURITY The protection and privacy of your personal information is a priority to us. Privacy & Security The protection and privacy of your personal information is a priority to us. This means
More informationLecture 5: Foundation of Network Management
Lecture 5: Foundation of Network Management Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4395 5-1 Network Management Standards OSI: Common Management Information
More informationI-95 Corridor Coalition. Multi-State VMT-Based Road-User Fee Initiative. Mark F. Muriello
I-95 Corridor Coalition Multi-State VMT-Based Road-User Fee Initiative Mark F. Muriello Assistant Director Tunnels, Bridges and Terminals The Port Authority of NY & NJ Co-Chair Policy & Strategic Planning
More informationASH Group Information and FAQ's
TABLE OF CONTENTS 1. WHAT DO THE BADGES LOOK LIKE?... 2 2. REGISTRATION TYPE DEFINITION... 2 3. WHAT IS A GROUP ADMINISTRATOR?... 2 4. HOW DO I SUBMIT MY GROUP S REGISTRATIONS?... 3 5. WHAT ARE THE REGISTRATION
More informationProceedings Pacific Rim International Symposium on Dependable Computing PRDC 2001
Proceedings 2001 Pacific Rim International Symposium on Dependable Computing PRDC 2001 ~~ ~~~~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Proceedings 2001 Pacific Rim International Symposium on Dependable Computing 17-1 9 December
More informationUsability, Security and Privacy
Usability, Security and Privacy Computer Science and Telecommunications Board Butler Lampson Microsoft Research July 21, 2009 1 Usable Security: Things Are Really Bad Users don t know how to think about
More informationThreat analysis. Tuomas Aura CS-C3130 Information security. Aalto University, autumn 2017
Threat analysis Tuomas Aura CS-C3130 Information security Aalto University, autumn 2017 Outline What is security Threat analysis Threat modeling example Systematic threat modeling 2 WHAT IS SECURITY 3
More informationLinux Command Line and Shell Scripting Bible. Third Edtion
Linux Command Line and Shell Scripting Bible Third Edtion Linux Command Line and Shell Scripting BIBLE Third Edition Richard Blum Christine Bresnahan Linux Command Line and Shell Scripting Bible, Third
More informationTrusted Platform for Mobile Devices: Challenges and Solutions
Trusted Platform for Mobile Devices: Challenges and Solutions Lily Chen Motorola Inc. May 13, 2005 Outline Introduction Challenges for a trusted platform Current solutions Standard activities Summary New
More informationCPET 581 E-Commerce & Business Technologies. References
CPET 581 E-Commerce & Business Technologies The E-Commerce Security Part 2 of 2 Paul I-Hai Lin, Professor http://www.etcs.ipfw.edu/~lin A Specialty Course for M.S. in Technology IT/Advanced Computer Applications
More informationTASK SCHEDULING FOR PARALLEL SYSTEMS
TASK SCHEDULING FOR PARALLEL SYSTEMS Oliver Sinnen Department of Electrical and Computer Engineering The University of Aukland New Zealand TASK SCHEDULING FOR PARALLEL SYSTEMS TASK SCHEDULING FOR PARALLEL
More informationMCITP Windows Server 2008 Server Administrator Study Guide
MCITP Windows Server 2008 Server Administrator Study Guide Darril Gibson MCITP Windows Server 2008 Server Administrator Study Guide MCITP Windows Server 2008 Server Administrator Study Guide Darril Gibson
More informationElectronic Signature Policy
Electronic Signature Policy Definitions The following terms are used in this policy. Term Definition Electronic Signature An electronic signature is a paperless method used to authorize or approve documents
More informationInformation Security CS 526
Information Security CS 526 Topic 23: Role Based Access Control CS526 Topic 23: RBAC 1 Readings for This Lecture RBAC96 Family R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-Based Access
More information