This directory is created automatically and some papers may be mislabeled. Only document within the CiteSeer database are listed. The directory is intended to provide entry points for browsing the database and is not intended to be authoritative. Papers may not appear in all relevant categories. For example, papers in a sub-category may not appear in higher level categories.
270 A Hierarchical Internet Object Cache - Chankhunthod, Danzig, Neerdaels.. (1995)(Correct)
This paper discusses the design andperformance of a hierarchical proxy-cache designed to make Internet information systems scale better. The design was motivated by our earlier trace-driven simulati... / including issues related to security transparency to br out of concern for Internet security. Many Internet sites are forced
270 Proof-Carrying Code - Necula, Lee (1996)(Correct)
This report describes Proof-Carrying Code, a software mechanism that allows a host system to determine with certainty that it is safe to execute a program supplied by an untrusted source. For this to ... / ML. Keywords Operating System Security and Protection System
259 Efficient Software-Based Fault Isolation - Wahbe, Lucco, Anderson, Graham (1993)(Correct)
One way to provide fault isolation among cooperating software modules is to place each in its own address space. However, for tightly-coupled modules, this solution incurs prohibitive context switch o... / our techniques to implement full security preventing distrusted code from
179 Orca: A Language For Parallel Programming Of Distributed Systems - Bal, Kaashoek, Tanenbaum (1992)(Correct)
Orca is a language for implementing parallel applications on loosely coupled distributed
systems. Unlike most languages for distributed programming, it allows processes on
different machines to share ... / been omitted to provide security. Also the language lacks global br of memory usually violates type security. A programmer can deallocate
171 A Logic of Authentication - Burrows, Abadi, Needham (1990)(Correct)
Authentication protocols form the basis of security in many distributed systems, making it imperative to ensure the proper functioning of these protocols. A simple logic is presented that allows the a... / be harmful in the study of security properties where we would want br protocol steps are used. z Security breaches do not even require key
168 The Challenges of Mobile Computing - Forman, Zahorjan (1994)(Correct)
Advances in wireless networking technology have engendered a new paradigm of
computing, called mobile computing, in which users carrying portable devices have
access to a shared infrastructure indepen... / disconnection low bandwidth data security mobility location dependence br . Security Risks
163 Authentication in Distributed Systems: Theory and Practice - Lampson, Abadi, Burrows, Wobber (1992)(Correct)
this paper appeared in the Proceedings of the Thirteenth ACM Sympos - ium on Operating Systems Principles. unknown Lampson et al, Authentication in Distributed Systems 1
A preliminary version of / explain many existing and proposed security mechanisms. In particular we br Networks General -Security and Protection Distributed
163 CORBA: Integrating Diverse Applications Within Distributed.. - Vinoski (1997)(Correct)
This paper will appear in the feature topic issue of the IEEE Communications Magazine, Vol. 14, No. 2, February 1997. It is presented in this format to ensure timely dissemination of scholarly and tec... / for lifecycle management security transactions and event br and perhaps share the same security information. Bridge-based
163 Formal Methods: State of the Art and Future Directions - Clarke, Wing (1996)(Correct)
We survey recent progress in the development of mathematical techniques for specifying and verifying complex hardware and software systems. Many of these techniques are capable of handling industrial-... / real-time constraints security policies and architectural br in Canada A ffl Security. The security policy model for
162 A Calculus for Cryptographic Protocols - The Spi Calculus - Abadi, Gordon (1997)(Correct)
We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying auth... / the spi calculus and state their security properties in terms of br equivalence. Contents Security and the Pi Calculus
161 Breaking and Fixing the Needham-Schroeder Public-Key Protocol using.. - Lowe (1996)(Correct)
In this paper we analyse the well known Needham-Schroeder
Public-Key Protocol using FDR, a refinement checker for CSP. We use
FDR to discover an attack upon the protocol, which allows an intruder to
i... / here how it may be used to analyse security protocols. We model the agents br than a direct proof of the security of an arbitrarily-sized system.
154 Mixin-based Inheritance - Bracha, Cook (1990)(Correct)
The diverse inheritance mechanisms provided by
Smalltalk, Beta, and CLOS are interpreted as different
uses of a single underlying construct. Smalltalk and
Beta differ primarily in the direction of cla... / flexibility of Smalltalk and the security of Beta. It also supports the br in Beta is designed to provide security from replacement of a method by
153 Multicast Extensions to OSPF - Moy (1994)(Correct)
This memo documents enhancements to the OSPF protocol enabling the routing of IP multicast datagrams. In this
proposal, an IP multicast packet is routed based both on the packet's source and its multi... / Security Considerations br OSPF March Moy Page Security Considerations Security issues
145 Decentralized Trust Management - Blaze, Feigenbaum, Lacy (1996)(Correct)
We identify the trust management problem as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and securi... / and important component of security in network services. Aspects of br problem include formulating security policies and security
144 Fbufs: A High-Bandwidth Cross-Domain Transfer Facility - Peter Druschel, Larry L. Peterson (1993)(Correct)
We have designed and implemented a new operating system facility for I/O buffer management
and data transfer across protection domain boundaries on shared memory machines. This
facility, called fast b... / without compromising protection security or modularity. Its goal is to br transfer. However protection and security needs generally require that the
135 Cryptographic Limitations on Learning Boolean Formulae and Finite.. - Kearns, Valiant (1989)(Correct)
In this paper we prove the intractability of learning several classes of Boolean functions in
the distribution-free model (also called the Probably Approximately Correct or PAC model)
of learning from... / such as these and also more subtle security concerns the field of br Known results regarding the security of the Rabin function include
129 Horus: A Flexible Group Communications System - van Renesse, Birman, Maffeis (1996)(Correct)
This paper reports on the Horus system, which provides an unusually flexible group communication model to application-developers. This flexibility extends to system interfaces, the properties provided... / used to support highly available security domains. And group mechanisms br to introduce fault-tolerance or security without requiring substantial
125 Differential Cryptanalysis attacks - Biham, Shamir (1991)(Correct)
The Data Encryption Standard (DES) is the best known and most
widely used cryptosystem for civilian applications. It was developed
at IBM and adopted by the National Buraeu of Standards in the mid
70'... / that is not linear and thus the security of the cryptosystem crucially br resolve the growing need for data security in its products. The round
117 A Caching Relay for the World Wide Web - Glassman (1994)(Correct)
We describe the design and performance of a caching relay for the World Wide Web. We examine how the behavior of users affects the performance of the relay. From an analysis of the data from the relay... / the Web because Digital has a security firewall that restricts direct br servers even through the network security firewall have good bandwidth
109 Specification of the KQML Agent-Communication Language - Finin, Weber, Wiederhold.. (1994)(Correct)
this document send a message to kqml-users@isi.edu) Tim Finin (co-chair) University of Maryland Jay Weber (co-chair) Enterprise Integration Technologies Gio Wiederhold (former co-chair) Stanford Unive... / choice network services and security. Nevertheless this document br bidding reimbursement and security should be defined in this
109 Protocol Service Decomposition for High-Performance Networking - Maeda, Bershad (1993)(Correct)
In this paper we describe a new approach to implementing
network protocols that enables them to have
high performance and high flexibility, while retaining
complete conformity to existing application ... / with existing interfaces. ffl Security. A protocol implementation must br must not degrade the security of the network. Our design
105 Java Security: From HotJava to Netscape and Beyond - Dean, Felten, Wallach (1996)(Correct)
The introduction of Java applets has taken the WorldWide Web by storm. Information servers can customize the presentation of their content with server-supplied code which executes inside the Web brows... / Java Security From HotJava to Netscape and br of flaws which compromise their security. These flaws arise for several
104 The Inductive Approach to Verifying Cryptographic Protocols - Paulson (1998)(Correct)
Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems.... / an insecure network. An obvious security goal is secrecy a spy cannot br methods can be used to analyze security protocols. Two popular
102 Prudent Engineering Practice for Cryptographic Protocols - Abadi, Needham (1995)(Correct)
We present principles for designing cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have prevent... / Society Symposium on Research in Security and Privacy. c flDigital br authentication protocols security. Contents Introduction
98 Agent Tcl: A flexible and secure mobile-agent system - Gray (1996)(Correct)
An information agent manages all or a portion of a user's information space. The electronic resources in this space are often distributed across a network and can contain tremendous quantities of data... / language and a complex security model. Agent Tcl on the other br language and a complex security model in which the programmer
97 Reasoning about Belief in Cryptographic Protocols - Gong, Needham, Yahalom (1990)(Correct)
Abstract. Analysis methods for cryptographic protocols
have often focused on information leakage rather
than on seeing whether a protocol meets its goals. Many
protocols, however, fall far short of me... / Solutions to computer security problems over the last few years br of the IEEE Symposium on Security and Privacy Oakland California
94 A Practical Public Key Cryptosystem Provably Secure against Adaptive.. - Cramer, Shoup (1998)(Correct)
A new public key cryptosystem is proposed and analyzed. The scheme is quite practical, and is provably secure against adaptive chosen ciphertext attack under standard intractability assumptions. There... / a group. Moreover the proof of security relies only on a standard br equivalent to the semantic security of the basic El Gamal encryption
93 Locality-Aware Request Distribution in Cluster-based Network Servers - Pai (1998)(Correct)
We consider cluster-based network servers in which a front-end directs incoming requests to one of a number of back-ends. Specifically, we consider content-based request distribution: the front-end us... / of administration availability security and high-capacity backbone
93 QoS Routing Mechanisms and OSPF Extensions - Guerin, Orda, Williams (1996)(Correct)
This paper presents and discusses path selection algorithms to support QoS routes in IP networks. The work is carried out in the context of extensions to the OSPF protocol, and the initial focus is on... / other criteria than delay e.g.security and in general each existing
92 The Spring nucleus: A microkernel for objects - Hamilton, Kougiouris (1994)(Correct)
The Spring system is a distributed operating system that supports a distributed, object-oriented application framework. Each individual Spring system is based around a microkernel known as the nucleus... / to operate on the object. This security requirement quickly led us to br Following from this desire for security are some secondary requirements.
91 Implementing Network Protocols at User Level - Thekkath (1993)(Correct)
Traditionally, network software has been structured in a monolithic fashion with all protocol stacks
executing either within the kernel or in a single trusted user-level server. This organization is m... / is motivated by performance and security concerns. However considerations br user-level server Security and or performance are the
89 Dealing With Disaster: Surviving Misbehaved Kernel Extensions - Seltzer (1996)(Correct)
Today's extensible operating systems allow applications
to modify kernel behavior by providing mechanisms for
application code to run in the kernel address space. The
advantage of this approach is tha... / system integrity performance or security. In building an extensible br kernel entry points such as the security enforcement modules Rule
87 SDSI - A Simple Distributed Security Infrastructure - Rivest, Lampson (1996)(Correct)
We propose a new distributed security infrastructure, called SDSI (pronounced "Sudsy"). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing group-member... / SDSI -A Simple Distributed Security Infrastructure Ronald L. br We propose a new distributed security infrastructure called SDSI
86 Serverless Network File Systems - Anderson, Dahlin, Neefe, Patterson.. (1995)(Correct)
In this paper, we propose a new paradigm for network file system design, serverless network file systems. While traditional network file systems rely on a central server machine, a serverless system u... / one another's kernels to enforce security. However we expect such br and physical building security allow machines to trust one
81 Automated Analysis of Cryptographic Protocols Using Murphi - Mitchell, Mitchell, Stern (1997)(Correct)
A methodology is presented for using a generalpurpose state enumeration tool, Murphi, to analyze cryptographic and security-related protocols. We illustrate the feasibility of the approach by analyzin... / to analyze cryptographic and security-related protocols. We illustrate br for analyzing cryptographic or security-related protocols. The main
80 Data Mining: An Overview from a Database Perspective - Chen, Han, Yu (1996)(Correct)
Mining information and knowledge from large databases has been recognized by many researchers as a key research topic in database systems and machine learning, and by many industrial companies as an i... / . Protection of privacy and data security. When data can be viewed from br the goal of protecting data security and guarding against the invasion
79 Scout: A Communications-Oriented Operating System - Montz, Mosberger, O'Malley.. (1994)(Correct)
This white paper describes Scout, a new operating system being designed for systems connected to the National Information Infrastructure (NII). Scout provides a communication-oriented software archite... / varying degrees of reliability security mobility and real-time. To br semantics e.g.its reliability security and real-time behavior and the
78 The Exact Security of Digital Signatures - How to Sign with RSA and.. - Bellare, Rogaway (1996)(Correct)
We describe an RSA-based signing scheme which combines essentially optimal efficiency with
attractive security properties. Signing takes one RSA decryption plus some hashing, verification
takes one RS... / . The Exact Security of Digital Signatures How to br efficiency with attractive security properties. Signing takes one RSA
76 Extensible Security Architectures for Java - Wallach (1997)(Correct)
Mobile code technologies such as Java, JavaScript, and ActiveX generally limit all programs to a single security policy. However, software-based protection can allow for more flexible security models,... / April . Extensible Security Architectures for Java Dan S. br limit all programs to a single security policy. However software-based
74 Encrypted Key Exchange: Password-Based Protocols Secure Against.. - Bellovin, Merritt (1992)(Correct)
Classical cryptographic protocols based on userchosen
keys allow an attacker to mount passwordguessing
attacks. We introduce a novel combination
of asymmetric (public-key) and symmetric (secret-key)
... / that affords a reasonable level of security even if resources are protected br the IEEE Symposium on Research in Security and Privacy Oakland May .
73 Improving IPC by Kernel Design - Liedtke (1993)(Correct)
Inter-process communication (ipc) has to be fast and effective, otherwise programmers will not use remote procedure calls (RPC), multithreading and multitasking adequately. Thus ipc performance is vit... / increase modularity flexibility security and scalability and it is the br has some constraints concerning security message structure message size
73 Itinerant Agents for Mobile Computing - Chess, Grosof, Harrison, Levine.. (1995)(Correct)
This paper describes an abstract framework for itinerant agents that can be used to implement secure, remote applications in large, public networks such as the Internet or the IBM Global Network. Itin... / a method of employing public security services to enable authenticated br at a server. Section discusses security issues always important in
72 Secrecy by Typing in Security Protocols - Abadi (1997)(Correct)
We develop principles and rules for achieving secrecy properties in security protocols. Our approach is based on traditional classification techniques, and extends those techniques to handle concurr... / Secrecy by Typing in Security Protocols Mart'in Abadi br achieving secrecy properties in security protocols. Our approach is based
69 A Case for Caching File Objects Inside Internetworks - Danzig, Hall, Schwartz (1993)(Correct)
This paper presents evidence that several, judiciously placed file caches could reduce the volume of FTP traffic by 42%, and hence the volume of all NSFNET backbone traffic by 21%. In addition, if FTP... / by consistency control locking security or caching FTP's client and br caches and the privacy and security of fetching objects from caches.
67 NetBill Security and Transaction Protocol - Cox, al. (1995)(Correct)
NetBill is a system for micropayments for information
goods on the Internet. This paper presents the NetBill
protocol and describes its security and transactional
features. Among our key innovations a... / allowing unlimited NetBill Security and Transaction Protocol br protocol and describes its security and transactional features.
66 An Overview of the Spring System - Mitchell, Gibbons, Hamilton.. (1994)(Correct)
Spring is a highly modular, distributed, object-oriented
operating system. This paper describes the goals of the
Spring system and provides overviews of the Spring object
model, the security model, an... / of the Spring object model the security model and the naming br window systems a basis for security that is not particularly
66 Typed Closure Conversion - Minamide (1996)(Correct)
Closure conversion is a program transformation used by compilers to separate code from data. Previous accounts of closure conversion use only untyped target languages. Recent studies show that transla... / type-based translations facilitate security and debugging through automatic
65 Charlotte: Metacomputing on the Web - Baratloo (1996)(Correct)
The World Wide Web has the potential of being used as
an inexpensive and convenient metacomputing resource.
This brings forward new challenges and invalidates many
of the assumptions made in offering ... / thus providing the same level of security heterogeneity and portability br looked at individually e.g.security programmability and scheduling
65 Plan 9 from Bell Labs - Pike (1990)(Correct)
Plan 9 is a distributed computing environment. It is assembled from separate machines acting as CPU servers, file servers, and terminals. The pieces are connected by a single file-oriented protocol an... / achieves levels of efficiency security simplicity and reliability br performance reliability and security. We decided to build a
64 Secure Agreement Protocols: Reliable and Atomic Group Multicast in.. - Reiter (1994)(Correct)
Reliable and atomic group multicast have been proposed as fundamental communication paradigms to support secure distributed computing in systems in which processes may behave maliciously. These protoc... / computing especially when global security policies must be met despite the br indicate that meeting global security requirements can involve
63 Untraceable Off-line Cash in Wallets with Observers - Brands (1993)(Correct)
Incorporating the property of untraceability of payments into off-line electronic cash systems has turned out to be no easy matter. Two key concepts have been proposed in order to attain the same le... / order to attain the same level of security against double-spending as can be br or seem to have questionable security if not both. The second
62 Going Beyond the Sandbox: An Overview of the New Security.. - Gong, Mueller, Prafullchandra.. (1997)(Correct)
This paper describes the new security architecture
that has been implemented as part of JDK1.2,
the forthcoming Java
TM
Development Kit. In going
beyond the sandbox security model in the original
re... / Sandbox An Overview of the New Security Architecture in the Java TM br This paper describes the new security architecture that has been
62 PayWord and MicroMint: Two simple micropayment schemes - Rivest, Shamir (1996)(Correct)
this paper. We discuss these related proposals further in Section 5. The user authenticates a complete chain to the vendor with a single public-key signature, and then successively reveals each paywor... / altogether. It has lower security but higher speed. It introduces a br computational requirement and the security it provides makes PayWord usable
61 Why Cryptosystems Fail - Anderson (1994)(Correct)
Designers of cryptographic systems are at a disadvantage to most other engineers, in that information on how their systems fail is hard to get: their major users have traditionally been government age... / shift is overdue in computer security we look at some of the br complex subject and its national security overtones may invest it with a
61 Tamper Resistance - a Cautionary Note - Anderson, Kuhn (1996)(Correct)
An increasing number of systems, from pay-TV to electronic purses, rely on the tamper resistance of smartcards and other security processors. We describe a number of attacks on such systems --- some o... / of smartcards and other security processors. We describe a number br tampering. An example is the VISA security module commonly used in banks
61 Secure Information Flow in a Multi-threaded Imperative Language - Smith, Volpano (1998)(Correct)
Previously, we developed a type system to ensure secure information flow in a sequential, imperative programming language [VSI96]. Program variables are classified as either high or low security; intu... / as either high or low security intuitively we wish to prevent br insufficient to ensure a desirable security property called
60 Limitations of the Kerberos Authentication System+ - Bellovin (1991)(Correct)
The Kerberos authentication system, a part of MIT's Project Athena, has been
adopted by other organizations. Despite Kerberos's many strengths, it has a number of
limitations and some weaknesses. Some... / significantly increase its security our criticisms focus A br Review. on the extent to which security is improved. Further we
60 Performance Issues of Enterprise Level Web Proxies - Maltzahn, Richardson, Grunwald (1997)(Correct)
Enterprise level web proxies relay world-wide web traffic between
private networks and the Internet. They improve security, save
network bandwidth, and reduce network latency. While the performance
of... / and the Internet. They improve security save network bandwidth and br Fingerprinting. In Symposium on Security and Privacy pages -
60 A Sound Type System For Secure Flow Analysis - Volpano, Smith, al. (1996)(Correct)
Ensuring secure information flow within programs in the context of multiple sensitivity
levels has been widely studied. Especially noteworthy is Denning's work in
secure flow analysis and the lattice ... / Journal of Computer Security draft printout Jul br Keywords type systems program security soundness proofs .
59 PLAN: A Packet Language for Active Networks - Hicks (1998)(Correct)
PLAN (Packet Language for Active Networks) is a new language for programs that form the packets of a programmable network. These programs replace the packet headers (which can be viewed as very rudime... / flexibility safety and security performance and usability. br on-the-fly. . Safety and Security The shared nature of a network
59 Face Recognition Under Varying Pose - Beymer (1993)(Correct)
Researchers in computer vision and pattern recognition have worked on automatic techniques for recognizing
human faces for the last 20 years. While some systems, especially template-based ones, have b... / face recognition. In building security a face recognizer could be used br They could be used to enhance the security of user authentication in ATMs
59 Access Control for Collaborative Environments - Shen, Dewan(Correct)
Access control is an indispensable part of any information
sharing system. Collaborative environments introduce
new requirements for access control, which cannot be met
by using existing models develo... / access control protection security user interface. br with the system. To ensure security hhs denies abc the data
58 A Type System for Object Initialization In the Java Bytecode Language - Freund, Mitchell (1998)(Correct)
In the standard Java implementation, a Java language
program is compiled to Java bytecode. This bytecode
may be sent across the network to another site, where it
is then interpreted by the Java Virtua... / are critical for system security. In order to analyze existing br protects the receiver from certain security risks and various forms of
57 A Resource Allocation Model for QoS Management - Rajkumar, Lee, Lehoczky, Siewiorek (1997)(Correct)
Quality of service (QoS) has been receiving wide attention in recent years in many research communities including networking, multimedia systems, real-time systems and distributed systems. In large di... / satisfy timing reliability and security constraints as well as br delivery schemes cryptographic security and data quality. We refer to
56 Robustness principles for public key protocols - Anderson, Needham (1995)(Correct)
We present a number of attacks, some new, on public key protocols. We also advance a number of principles which may help designers avoid many of the pitfalls, and help attackers spot errors which ca... / to the case-by-case reduction of security claims to the intractability of br force us to consider more of the security dependencies and from a number
55 A Sense of Self for Unix Processes - Forrest, Hofmeyr, Somayaji, Longstaff (1996)(Correct)
A method for anomaly detection is introduced in which
"normal" is defined by short-range correlations in a process
' system calls. Initial experiments suggest that the definition
is stable during norm... / program aimed at building computer security systems that incorporate the br interested in developing computer security methods that are based on the
55 What Makes Patterns Interesting in Knowledge Discovery Systems - Silberschatz, Tuzhilin (1996)(Correct)
One of the central problems in the field of knowledge discovery is the development of good
measures of interestingness of discovered patterns. Such measures of interestingness are divided
into objecti... / a pattern discovering some security trading irregularities such as br the USA must have a unique Social Security Number is a hard belief
54 Sumatra: A Language for Resource-aware Mobile Programs - Acharya (1997)(Correct)
Programs that use mobility as a mechanism to adapt to resource changes have three requirements that are not shared with other mobile programs. First, they need to monitor the level and quality of re... / public boolean mkdir f SecurityManager security br mkdir f SecurityManager security System.getSecurityManager
53 Microkernels Meet Recursive Virtual Machines - Ford (1996)(Correct)
This paper describes a novel approach to providingmodular and extensible operating system functionality and encapsulated environments based on a synthesis of microkernel and virtual machine concepts. ... / distributed cross-node or security monitors that allow arbitrary br provides virtual memory and security between multiple concurrent
52 Proving Java Type Soundness - Syme (1997)(Correct)
Syntax of JavaS primitive-type = bool --- char --- short --- int --- long --- float --- double simple-reference-type = class-name --- interface-name component-type = simple-reference-type --- primitiv... / we would like to verify various security properties that are independent
51 Improving Release-Consistent Shared Virtual Memory using Automatic.. - Iftode (1996)(Correct)
Shared virtual memory is a software technique to
provide shared memory on a network of computers
without special hardware support. Although several
relaxed consistency models and implementations are
q... / the destination page. To ensure security mappings must be set up by the
50 Protecting Poorly Chosen Secrets from Guessing Attacks - Gong, Lomas, Needham, Saltzer (1993)(Correct)
In a security system that allows people to choose their own passwords, those people tend to choose passwords that can be easily guessed. This weakness exists in practically all widely used systems. In... / June Abstract. In a security system that allows people to br convenience and a high level of security at the same time. The basic idea
50 Economic Mechanism Design for Computerized Agents - Varian (1995)(Correct)
The field of economic mechanism design has been an active area of research in
economics for at least 20 years. This field uses the tools of economics and game theory to design
"rules of interaction"... / extract all of his surplus. Hence security is a critical problem for br there is no need to worry about security. The Vickrey auction is such a
49 Proxy-Based Authorization and Accounting for Distributed Systems - Neuman (1993)(Correct)
Despite recent widespread interest in the secure authentication
of principals across computer networks
there has been considerably less discussion of distributed
mechanisms to support authorization an... / Figure Relationship of security services a separate encryption br of the Digital Distributed System Security Architecture In the DSSA
49 Beyond Best Effort: Router Architectures for the Differentiated.. - Kumar, Lakshman, Stiliadis (1998)(Correct)
With the transformation of the Internet to a commercial infrastructure, the ability
to provide differentiated services to users with widely varying requirements is rapidly
becoming as important as mee... / in terms of performance security and services. Consequently br been for providing firewall and security functions. However another
48 The RC5 Encryption Algorithm - Rivest (1995)(Correct)
This document describes the RC5 encryption algorithm, a fast symmetric block cipher suitable for hardware or software implementations. A novel feature of RC5 is the heavy use of data-dependent rotat... / between higher speed and higher security. The number of rounds r is a br The user can choose the level of security appropriate for his application
48 A Cryptographic File System for Unix - Blaze (1993)(Correct)
Although cryptographic techniques areplaying an increasingly
important role in modern computing system security,userlevel
tools for encrypting file data arecumbersome and suffer
from a number of inher... / role in modern computing system security userlevel tools for encrypting br . Introduction Data security in modern distributed computing
47 An Orthogonally Persistent Java - Atkinson, Daynès, Jordan, Printezis, .. (1996)(Correct)
The language Java is enjoying a rapid rise in popularity as an application programming language. For many applications an effective provision of database facilities is required. Here we report on a pa... / and validations to improve security precision and productivity are br Java Morrison The type security of Java finally makes it possible
47 Computer Immunology - Forrest, Hofmeyr, Somayaji (1996)(Correct)
this article argues that the similarities are compelling
and could point the way to improved computer security. Improvements can be achieved by
designing computer immune systems that have some of the ... / is analogous to that of computer security systems in computing. Although br point the way to improved computer security. Improvements can be achieved by
46 New Types of Cryptanalytic Attacks using Related Keys - Biham (1994)(Correct)
this paper we described new cryptanalytic attacks which are applicable to the LOKI
family of blockciphers and to Lucifer. These new attacks are based on the structure
of the key scheduling algorithms.... / Xuejia Lai On the Design and Security of Block Ciphers Ph.D. thesis br Feistel Cryptography and Data Security Scientific American Vol.
45 Security Properties of Typed Applets - Leroy, Rouaix(Correct)
This paper formalizes the folklore result that strongly-typed
applets are more secure than untyped ones. We formulate
and prove several security properties that all well-typed applets
possess, and ide... / Security properties of typed applets br We formulate and prove several security properties that all well-typed
45 NetCash: A design for practical electronic currency on the Internet - Medvinsky (1993)(Correct)
NetCash is a framework that supports realtime electronic payments
with provision of anonymity over an unsecure network.
It is designed to enable new types of services on the Internet
which have not be... / on Computer and Communications Security November . Permission to br electronic currency system are security anonymity scalability
44 Mobility Support in IPv6 - Perkins, Johnson (1996)(Correct)
IP version 6 (IPv6) is being designed within the IETF
as a replacement for the current version of the IP protocol
used in the Internet (IPv4). We have designed
protocol enhancements for IPv6, known as... / the operation of a home agent. Security issues are discussed in Section br protection are controlled by a security association that the sender of
44 Specification-based Test Oracles for Reactive Systems - Richardson, Aha, O'Malley (1992)(Correct)
The testing process is typically systematic in test data selection and test execution. For the most part, however, the effective use of test oracles has been neglected, even though they are a critical... / functionality timing safety security and performance. The testing br other property such as safety or security. Our approach combines
43 Trustee-based Tracing Extensions to Anonymous Cash and the Making of.. - Brickell, Gemmell, Kravitz (1995)(Correct)
Electronic cash is a subject of great economic, political,
and research importance. With advances in computer
networks, in processor speed, and in databases and with
advances in note counterfeiting te... / of complexity assumptions. The security and privacy properties of our br system based on B where the security is based on the existence of a
43 An Architecture for Large-Scale Internet Measurement - Paxson, Mahdavi, Adams, Mathis (1998)(Correct)
Historically, the Internet has been woefully under-measured and under-instrumented. The problem is only getting worse with the network's ever-increasing size. We discuss the goals and requirements for... / strong authentication and security mechanisms for both maintaining br raises thorny privacy and security problems. . Scale to 's of
43 How to Personalize the Web - Barrett, Maglio, Kellem(Correct)
Agents can personalize otherwise impersonal computational systems. The World Wide Web presents the
same appearance to every user regardless of that user's past activity. Web Browser Intelligence (WBI,... / a one-way firewall for intranet security. WBI is a proxy that intercepts
43 Crowds: Anonymity for Web Transactions - Reiter, Rubin (1997)(Correct)
In this paper we introduce a system called Crowds for protecting users' anonymity on the world-wide-web. Crowds, named for the notion of "blending into a crowd", operates by grouping users into a larg... / the design implementation security performance and scalability of br and scalability of our system. Our security analysis introduces degrees of
43 Liquid Software: A New Paradigm for Networked Systems - Hartman, Manber, Peterson, Proebsting (1996)(Correct)
This paper introduces the idea of dynamically moving functionality in a network---between clients and servers, and between hosts at the edge of the network and nodes inside the network. At the heart o... / of efficiency interface design security and resource allocation among br the efficiency interface security and resource allocation concerns
43 Mobile Agents for Network Management - Bieszczad, Pagurek, White (1998)(Correct)
In this paper, we discuss the potential uses of mobile agents in Network Management. We
define software agents and a navigation model, which determines agent mobility. We list a
number of potential ad... / model a computational model a security model and a communication br and thread control primitives. The security model describes the ways in which
43 RTP Profile for Audio and Video Conferences with Minimal Control - Schulzrinne (1995)(Correct)
This note describes a profile for the use of the real-time transport protocol (RTP) and
the associated control protocol, RTCP, within audio and video multiparticipant conferences
with minimal control.... / ffl The RTP default security services are also the default br to requiring certain minimum IPv security mechanisms. If there is no
42 The SwitchWare Active Network Architecture - Alexander, al. (1998)(Correct)
Active networks must balance the flexibility of a programmable network infrastructure against the safety and security requirements inherent in sharing that infrastructure. Furthermore, this balance mu... / against the safety and security requirements inherent in sharing br integrity base upon which the security of the other layers depends. In
42 Feature Subset Selection Using A Genetic Algorithm - Yang, Honavar (1998)(Correct)
Practical pattern classification and knowledge discovery problems require selection of a subset of attributes or features (from a much larger set) to represent the patterns to be classified. This pape... / irrelevant features e.g.social security numbers in medical records in a
41 MGS: A Multigrain Shared Memory System - Yeung (1996)(Correct)
Parallel workstations, each comprising 10-100 processors, promise cost-effective general-purpose multiprocessing. This paper explores the coupling of such small- to medium-scale shared memory multipro... / Providing reliability and security on these networks requires
41 WebOS: Operating System Services for Wide Area Applications - Vahdat (1997)(Correct)
In this paper, we demonstrate the power of providing
a common set of Operating System services to wide-area
applications, including mechanisms for naming, persistent
storage, remote process execution,... / management authentication and security. On a single machine application br management authentication and security We use WebOS to demonstrate
41 Anonymous Connections and Onion Routing - Syverson, Goldschlag, Reed (1997)(Correct)
Onion Routing provides anonymous connections
that are strongly resistant to both eavesdropping and
traffic analysis. Unmodified Internet applications can
use these anonymous connections by means of pr... / to appear IEEE Symposium on Security and Privacy Anonymous br detail to properly evaluate the security of onion routing. The original
41 Kerberos Authentication and Authorization System - Miller, Neuman, Schiller, Saltzer (1988)(Correct)
This document describes the assumptions, short and long term goals, and system model
for a network authentication system, named Kerberos, for the Athena environment. An
appendix specifies the detailed... / Assumed Physical and Operational Security Environment From a security br Security Environment From a security perspective the environment will
41 Certificate Revocation and Certificate Update - Naor, Nissim (1998)(Correct)
A new solution is suggested for the problem of certificate
revocation. This solution represents Certificate
Revocation Lists by an authenticated search
data structure. The process of verifying whether... / tree node i.e. the hash function security parameter hash in the br the CA's computer the system security is based on the ability to
40 MIST: PVM with Transparent Migration and Checkpointing - Casas, Clark, Galbiati, Konuru.. (1995)(Correct)
We are currently involved in research to enable PVM
to take advantage of shared networks of workstations
(NOWs) more effectively. In such a computing environment,
it is important to utilize workstatio... / has good qualities such as security and isolation a bug in one br works well it does raise some security and administrative concerns.
39 Java is Type Safe - Probably - Drossopoulou, Eisenbach (1997)(Correct)
Amidst rocketing numbers of enthusiastic Java programmers
and internet applet users, there is growing concern about the security
of executing Java code produced by external, unknown sources. Rather
... / there is growing concern about the security of executing Java code produced br won't compromise computer security. We consider a type safe subset
39 Category Translation: Learning to understand information on the.. - Perkowitz (1995)(Correct)
This paper investigates the problem of automatically
learning declarative models of information
sources available on the Internet. We
report on ILA, a domain-independent program
that learns the meanin... / date of a second and the social security number for a third. As with St. br last name full name social security number etc. . What are
38 The Desk Area Network - Hayter (1991)(Correct)
A novel architecture for use within an end computing system is described.
This attempts to extend the concepts used in modern high speed networks
into computer system design. A multimedia workstation ... / router while from a control and security point of view it is the point br the DataMesh represents a single security domain so that nodes within the
38 A New Location Technique for the Active Office - Ward, Jones, Hopper (1997)(Correct)
this paper, we first present an overview of research into location-aware computing and evaluate currently available location sensor technologies. We then describe a new location sensor, tailored to pr... / include telephone call routing security and environmental control
38 Optimal-Resilience Proactive Public-Key Cryptosystems - Frankel, Gemmell, MacKenzie, Yung (1997)(Correct)
We introduce new efficient techniques for sharing
cryptographic functions in a distributed dynamic fashion.
These techniques dynamically and securely transform
a distributed function (or secret sharin... / sharing scheme with proactive security for general functions with a br assuring high availability security and efficiency. Proactive
37 SuperWeb: Research Issues in Java-Based Global Computing - Alexandrov, Ibel, Schauser, Scheiman (1996)(Correct)
The Internet, in particular the World-Wide-Web, continues to expand at an amazing pace.
We propose a new infrastructure, SuperWeb, to harness global resources, such as CPU cycles or
disk storage, and ... / at a fraction of the cost. Security and correctness. The fact that br trust one another raises many security concerns. For example a host
37 The ADAPTIVE Communication Environment: An Object-Oriented Network.. - Schmidt (1993)(Correct)
The ADAPTIVE Communication Environment (ACE) implements a set of fundamental design patterns that simplify the development of concurrent event-driven communication software. ACE provides a rich set of... / from the additional degree of type-security and abstraction provided by the br ftp and telnet that base their security mechanisms on process ownership.
37 Password Security: A Case History - Morris (1979)(Correct)
This paper describes the history of the design of the password security scheme on a remotely accessed time-sharing system. The present design was the result of countering observed attempts to penetrat... / Password Security A Case History Robert Morris br of the design of the password security scheme on a remotely accessed
37 Model Checking for Security Protocols - Marrero, Clarke, Jha (1997)(Correct)
As more resources are added to computer networks, and as more vendors look to the World Wide Web as
a viable marketplace, the importance of being able to restrict access and to insure some kind of acc... / Model Checking for Security Protocols Will Marrero Edmund br itself is only a tool. The security of a system depends not only on
37 A Security Architecture for Computational Grids - Foster, Kesselman, Tsudik, Tuecke (1998)(Correct)
State-of-the-art and emerging scientific applications require fast access to large quantities of data and commensurately fast computational resources. Both resources and data are often distributed in ... / A Security Architecture for Computational br This paper analyzes the unique security requirements of large-scale
37 PLAN: A Programming Language for Active Networks - Hicks, Kakkar, Moore, Gunter, Nettles (1998)(Correct)
PLAN (Programming Language for Active Networks) is a new language for programs that are carried in the packets of a programmable network. PLAN programs replace the packet headers (which can be viewed ... / flexibility safety and security performance and br on-the-fly. . Safety and Security The shared nature of a network
37 Fast Implementations of RSA Cryptography - Shand, Vuillemin (1993)(Correct)
We detail and analyse the critical techniques which may be combined in the design of fast hardware for RSA cryptography: chinese remainders, star chains, Hensel's odd division (a.k.a. Montgomery modul... / modular exponentials. The security of RSA cryptography ultimately
36 On the Importance of Checking Cryptographic Protocols for Faults - Boneh, DeMillo, Lipton (1997)(Correct)
We present a theoretical model for breaking various cryptographic schemes by taking advantage
of random hardware faults. We show how to attack certain implementations of RSA and Rabin
signatures. An i... / lipton bellcore.com Security and Cryptography Research Group br correctness of a computation for security reasons. For instance a
36 Typed Memory Management in a Calculus of Capabilities - Crary, Walker, Morrisett (1999)(Correct)
An increasing number of systems rely on programming language
technology to ensure safety and security of low-level
code. Unfortunately, these systems typically rely on a complex,
trusted garbage colle... / technology to ensure safety and security of low-level code. br technologies that provide the security advantages of high-level
35 Optimistic Fair Exchange of Digital Signatures - Asokan, Shoup, Waidner (1998)(Correct)
We present a new protocol that allows two players to exchange digital signatures over the
Internet in a fair way, so that either each player gets the other's signature, or neither player
does. The obv... / In x we present a formal security model for the problem of br for contract signing. A Formal Security Model for Fair Signature Exchange
35 The Internet Worm Program: An Analysis - Spafford (1988)(Correct)
On the evening of 2 November 1988, someone infected the Internet with a
worm program. That program exploited flaws in utility programs in systems
based on BSD-derived versions of UNIX. The flaws allo... / The paper contains a review of the security flaws exploited by the worm br has long been known to have some security weaknesses cf. Ritc
35 How to Protect DES Against Exhaustive Key Search - Kilian, Rogaway (1996)(Correct)
The block cipher DESX is defined by DESX k:k1:k2 (x) = k2 \Phi DES k (k1 \Phi x), where \Phi denotes
bitwise exclusive-or. This construction was first suggested by Rivest as a computationallycheap
way... / usually under the control of the security architect not the adversary. br control of the adversary not the security architect.Then the adversary's
34 A Quantitative Analysis of Cache Policies for Scalable Network File.. - Michael Dahlin (1994)(Correct)
Current network file system protocols rely heavily on a central
server to coordinate file activity among client workstations.
This central server can become a bottleneck that limits scalability
for en... / presence of client failures and security when clients supply data to each br of backup availability and security that arise when clients are given
34 Policy Driven Management For Distributed Systems - Sloman (1994)(Correct)
Separating management policy from the automated managers which interpret the policy
facilitates the dynamic change of behaviour of a distributed management system. This
permits it to adapt to evolutio... / management management policy security policy policy conflicts access br a service part for configuration security and monitoring. The management
34 Strong Password-Only Authenticated Key Exchange - Jablon (1996)(Correct)
this paper we outline the problem, and describe a new simple password exponential key exchange, SPEKE, which performs strong authentication, over an insecure channel, using only a small password. That... / tradeoffs between efficiency and security are discussed. These methods are br memory and it weakens the security model by adding another point of
34 Mobile Agents: Are they a good idea? - Harrison, Chess, Kershenbaum (1995)(Correct)
Mobile agents are programs, typically written in a script language, which may be dispatched from a client computer and transported to a remote server computer for execution. Several authors have sug... / introduce severe concerns for security. We consider the advantages br the extensions lie in the area of security since an important goal of this
34 On the Construction of Pseudo-Random Permutations: Luby-Rackoff.. - Naor, Reingold (1997)(Correct)
Luby and Rackoff [27] showed a method for constructing a pseudo-random permutation from
a pseudo-random function. The method is based on composing four (or three for weakened security)
so called Feist... / four or three for weakened security so called Feistel permutations br and simplify its proof of security by showing that two Feistel
34 Security Models - McLean (1994)(Correct)
this article we focus on the primary
use of security models, which has been to describe general confidentiality requirements. We
then give pointers to security model work in other areas.
2 Models of C... / Security Models John McLean br Introduction The term security model has been used to describe
33 A Secure Identity-Based Capability System - Gong (1989)(Correct)
We present the design of an Identity-based CAPability protection system ICAP,
which is aimed at a distributed system in a network environment. The semantics of
traditional capabilities are modified to... / propagations to enforce security policies including the br is to represent and interpret security policy. Compared with existing
33 How to Sign Digital Streams - Gennaro, Rohatgi (1997)(Correct)
We present a new efficient paradigm for signing digital streams. The problem of signing digital streams to prove their authenticity is substantially different from the problem of signing regular messa... / broadcast We present proofs of security of our constructions. Our br following we denote with n the security parameter. We say that a function
33 Classification And Detection Of Computer Intrusions - Kumar (1995)(Correct)
Some computer security breaches cannot be prevented using access and information flow control techniques. These breaches may be a consequence of system software bugs, hardware or software failures, in... / . Computer Security and its Role br Eugene H. Spafford. Some computer security breaches cannot be prevented
33 Atomicity in Electronic Commerce - Tygar (1996)(Correct)
There is tremendous demand for the ability to be able to
electronically buy and sell goods over networks. This
field is called electronic commerce, and it has inspired a
large variety of work. Unfortu... / in the context of computer security and electronic commerce see br of the true customer. . . Security Can we trust anyone in
33 On the Size of Shares for Secret Sharing Schemes - Capocelli, De Santis, Gargano..(Correct)
A secret sharing scheme permits a secret to be shared among participants in
such a way that only qualified subsets of participants can recover the secret, but
any non-qualified subset has absolutely n... / Sharing is an important tool in Security and Cryptography. In many cases br system becomes more vulnerable to security breaches or betrayal
33 Efficient DES Key Search - Wiener (1993)(Correct)
Despite recent improvements in analytic techniques for attacking the Data Encryption Standard (DES), exhaustive key search remains the most practical and efficient attack. Key search is becoming ala... / One method of improving the security of DES greatly is to use br is even stronger. In cases where security must be improved for a large
33 Publicly Verifiable Secret Sharing - Stadler (1996)(Correct)
A secret sharing scheme allows to share a secret among several participants such that only certain groups of them can recover it. Verifiable secret sharing has been proposed to achieve security agai... / has been proposed to achieve security against cheating participants. br proposed in to achieve security against cheating participants. A
32 The Secure Remote Password Protocol - Wu (1997)(Correct)
This paper presents a new password authentication and key-exchange protocol suitable for authenticating users and exchanging keys over an untrusted network. The new protocol resists dictionary attacks... / use it directly to compromise security and gain immediate access to the br on Network and Distributed System Security computer access. Most
32 Enforceable Security Policies - Schneider (1998)(Correct)
A precise characterization is given for the class of security policies that can be enforced using mechanisms that work by monitoring system execution, and a class of automata is introduced for specify... / Enforceable Security Policies Fred B. Schneider br is given for the class of security policies that can be enforced
32 Jada: coordination and communication for Java agents - Ciancarini, Rossi (1997)(Correct)
In this paper we are going to analyze mobile code issues in
the perspective of Object Oriented systems in which thread migration
is not supported. This means that both objects' code and data can be
... / any further network traffic. . Security issues The use of mobile code br The use of mobile code introduces security issues mechanism like
32 Open Key Exchange: How to Defeat Dictionary Attacks Without.. - Lucks (1997)(Correct)
Classical cryptographic protocols based on shared secret keys
often are vulnerable to key-guessing attacks. For security, the keys must
be strong, difficult to memorize for humans. Bellovin and Merr... / to key-guessing attacks. For security the keys must be strong br to give a reasonable degree of security even if rather weak keys are
31 Studies in Secure Multiparty Computation and Applications - Canetti (1995)(Correct)
Consider a set of parties who do not trust each other, nor the channels by which they
communicate. Still, the parties wish to correctly compute some common function of their
local inputs, while keepin... / with them. The chapter on adaptive security in the computational setting br Rabin. The chapter on Proactive Security Chapter describes joint work
31 A Sanctuary for Mobile Agents - Yee (1997)(Correct)
ly, this is a circuit of the (complete) graph connecting the airline servers, and the originator may chose this circuit at the time of agent dispatch. At any honest server, the agent code and its read... / and examining the fundamental security limits of such an infrastructure. br is only one aspect of the security picture the integrity of
31 Using State Space Exploration and a Natural Deduction Style Message.. - Clarke, Jha, Marrero (1998)(Correct)
As more resources are added to computer networks, and as more vendors look to the World Wide Web as a viable marketplace, the importance of being able to restrict access and to insure some kind of acc... / Derivation Engine to Verify Security Protocols E. M. Clarke S. br have proposed the use of security protocols to provide these
31 From Coloured Petri Nets to Object Petri Nets - Lakos (1995)(Correct)
ion
Abstract: This paper seeks to establish within a formal framework how Coloured Petri Nets can be
enhanced to produce Object Petri Nets. It does so by defining a number of intermediate Petri Net f... / may be visible depending on the security clearance of the viewer or the
31 Augmented Encrypted Key Exchange: a Password-Based Protocol Secure.. - Bellovin, Merritt (1993)(Correct)
The encrypted key exchange (EKE) protocol is augmented
so that hosts do not store cleartext passwords. Consequently,
adversaries who obtain the one-way encrypted password file
may (i) successfully mim... / the host. Moreover the important security properties of EKE are br functions. Section analyzes the security of the new protocol. .
31 Defending Against Denial of Service Attacks in Scout - Spatscheck, Peterson (1999)(Correct)
We describe a two-dimensional architecture for defending
against denial of service attacks. In one dimension, the architecture
accounts for all resources consumed by each I/O
path in the system; this ... / This section defines Scout's security architecture. It begins with an br the enforcement of different security policies. . Configurability
31 A probabilistic poly-time framework for protocol analysis - Lincoln, Mitchell, Mitchell, Scedrov (1998)(Correct)
We develop a framework for analyzing security protocols in which protocol adversaries may be arbitrary probabilistic polynomial-time processes. In this framework, protocols are written in a form of pr... / develop a framework for analyzing security protocols in which protocol br a form of process calculus where security may be expressed in terms of
31 Bro: A System for Detecting Network Intruders in Real-Time - Paxson (1998)(Correct)
We describe Bro, a stand-alone system for detecting network
intruders in real-time by passively monitoring a network
link over which the intruder's traffic transits. We give
an overview of the system'... / language used to express a site's security policy. Event handlers can br a relatively new area of security research MHL We can divide
31 A Fair Non-repudiation Protocol - Zhou, Gollmann(Correct)
A fair non-repudiation protocol should not give the sender of a message an advantage over the receiver, or vice versa. We will present a fair non-repudiation protocol that requires a Trusted Third Par... / important aspect of information security. In a distributed communication br with support from other security and system services. It is
30 On the Security of ElGamal based Encryption - Tsiounis, Yung (1998)(Correct)
The ElGamal encryption scheme has been proposed several
years ago and is one of the few probabilistic encryption schemes. However,
its security has never been concretely proven based on clearly unde... / On the Security of ElGamal based Encryption br encryption schemes. However its security has never been concretely proven
30 Towards a unified agent architecture that combines rationality with.. - Kowalski, Sadri (1996)(Correct)
In this paper we analyse the differences between rational and reactive agent architectures, and propose a uniform agent architecture that aims to capture both as special cases. For this purpose we emp... / internal goal maintain security by means of a rule maintain br by means of a rule maintain security if whenever there is an
30 Problem Areas for the IP Security Protocols - Bellovin (1996)(Correct)
The Internet Engineering Task Force (IETF) is in
the process of adopting standards for IP-layer encryption
and authentication (IPSEC). We describe
a number of attacks against various versions of these... / Problem Areas for the IP Security Protocols Steven M. Bellovin br a marked increase in Internet security they themselves have had a
30 Requirements for Network Payment: The NetCheque Perspective - Neuman, Medvinsky (1995)(Correct)
Secure methods of payment are needed before we will
see widespread commercial use of the Internet. Recently
proposed and implemented payment methods follow
one of three models: electronic currency, cr... / respect to the requirements of of security reliability scalability br Internet payment system include security reliability scalability
30 TCP Extensions for Space Communications - Durst, Miller, Travis (1996)(Correct)
The space communication environment and mobile and wireless
communication environments show many similarities when observed
from the perspective of a transport protocol. Both types of
environments exh... / protocol a transport protocol a security protocol and a network protocol.
30 ICP and the Squid Web Cache - Wessels (1997)(Correct)
We describe the structure and functionality of the Internet Cache Protocol (ICP) and its
implementation in the Squid Web Caching software. ICP is a lightweight message format used
for communication am... / in ICP deployment efficiency security and interaction with other br back to their source. . . Security As with all networking
29 Practical Threshold Signatures - Shoup (1999)(Correct)
We present an RSA threshold signature scheme. The scheme enjoys
the following properties:
1. it is unforgeable and robust in the random oracle model, assuming
the RSA problem is hard;
2. signature sha... / . the scheme has no rigorous security proof even in the random oracle br already mentioned our proofs of security are valid in the so-called
29 Identity Escrow - Kilian, Petrank (1997)(Correct)
We introduce the notion of escrowed identity, an application of key-escrow ideas to the
problem of identification. In escrowed identity, one party A does not give his identity to
another party B, but ... / agents is almost . Enhanced security Even the escrow agency after br though perhaps with more heuristic security assumptions. We also note that
29 Number-Theoretic Constructions of Efficient Pseudo-Random Functions - Naor, Reingold (1997)(Correct)
We describe efficient constructions for various cryptographic primitives (both in privatekey
and in public-key cryptography). We show these constructions to be at least as secure as
the decisional ver... / primitives and reduces their security to the decisional version of br and the current knowledge on its security. A more detailed description
29 Scenario-Based Analysis of Software Architecture - Kazman (1996)(Correct)
Software architecture is one of the most important tools for designing and understanding
a system, whether that system is in preliminary design, active deployment, or
maintenance. Scenarios are impo... / system such as modifiability or security. However it is too difficult to
29 Random Sampling from Databases - Olken (1993)(Correct)
Random Sampling from Databases
by
Frank Olken
Doctor of Philosophy in Computer Science
University of California at Berkeley
Professor Michael Stonebraker, Chair
In this thesis I describe efficient me... / . . Statistical Database Security and Privacy br S e.g.match on name or social security number. ffl An attribute of a
29 Bucket Hashing and its Application to Fast Message Authentication - Rogaway (1997)(Correct)
We introduce a new technique for constructing a family of universal hash functions.
At its center is a simple metaphor: to hash a string x, cast each of its words into a small
number of buckets; xor... / oe . To describe the security of a message authentication br assurance advantages of provable security. Moreover this provable security
29 Person identification using multiple cues - Brunelli, Falavigna (1995)(Correct)
This paper presents a person identification system based on acoustic and visual features. The system is organized as a set of nonhomogeneous classifiers whose outputs are integrated after a normalizat... / banking control of access to security areas buildings and so on. The br time it is well known that the security of such systems is too often
29 Some New Attacks upon Security Protocols - Lowe (1996)(Correct)
Many security protocols have appeared in the literature, with aims such as agreeing upon a cryptographic key, or achieving authentication. However, many of these have been shown to be flawed. In this ... / Some New Attacks upon Security Protocols Gavin Lowe Oxford br October Abstract Many security protocols have appeared in the
29 Message Authentication with One-Way Hash Functions - Tsudik (1992)(Correct)
Fast message integrity and authentication services are
very important in today's high-speed network protocols.
Current message authentication techniques are mostly
encryption-based which is undesirabl... / their strength is analyzed. The security of the proposed methods is based br network protocols communication security. Introduction Message
29 Metadata Update Performance in File Systems - Ganger, Patt (1994)(Correct)
Structural changes, such as file creation and block allocation,
have consistently been identified as file system
performance problems in many user environments. We
compare several implementations that... / providing stronger integrity and security guarantees than most UNIX file br both an integrity weakness and a security hole. However allocation
28 Trust and Partial Typing in Open Systems of Mobile Agents - Riely, Hennessy (1998)(Correct)
We present a partially-typed semantics for Dp, a distributed p-calculus. The semantics
is designed for mobile agents in open distributed systems in which some sites may harbor
malicious intentions. ... / must assume some underlying security mechanisms for communication br One approach would be to add security features directly in the
28 Probabilistic Noninterference in a Concurrent Language - Volpano, Smith (1998)(Correct)
In [15], we give a type system that guarantees that well-typed multi-threaded programs are possibilistically noninterfering. If thread scheduling is probabilistic, however, then well-typed programs ma... / of the th IEEE Computer Security Foundations Workshop Rockport br For simplicity we limit the security classes here to just L and H