Results 1 -
9 of
9
Challenges in Computer Security Education
- IEEE Software
, 1997
"... Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments ..."
Abstract
-
Cited by 8 (4 self)
- Add to MetaCart
(Show Context)
Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information,
A DNS Filter and Switch for Packet-filtering Gateways
- In Proc. Usenix
, 1996
"... IP-transparent firewalls require access to the external Domain Name System (DNS) from protected in-ternal hosts. Misconfigurations and misuse of this system can create internal administrative and security problems. Dnsproxy provides access to and protection from untrusted DNS services. It runs on a ..."
Abstract
-
Cited by 6 (1 self)
- Add to MetaCart
(Show Context)
IP-transparent firewalls require access to the external Domain Name System (DNS) from protected in-ternal hosts. Misconfigurations and misuse of this system can create internal administrative and security problems. Dnsproxy provides access to and protection from untrusted DNS services. It runs on a firewall, or on a trusted host just inside the firewall. The program receives (or intercepts) DNS queries and forwards them to an appropriate internal or external “realm ” for processing. The responses can be checked, filtered, and modified before they are returned to the requester. The logging and consistency checks can provide infor-mation about possible DNS attacks and irregularities that are not available from most DNS implementa-tions.
An Experience Teaching a Graduate Course in Cryptography
- Journal of Information Systems Education
, 1997
"... We describe an experience of teaching "Cryptography and Computer Security" in the fall of 1995 at New York University. The class was intended as an introduction for graduate students interested in exploring the historical, theoretical and practical aspects of computer security. Topics cove ..."
Abstract
-
Cited by 3 (0 self)
- Add to MetaCart
We describe an experience of teaching "Cryptography and Computer Security" in the fall of 1995 at New York University. The class was intended as an introduction for graduate students interested in exploring the historical, theoretical and practical aspects of computer security. Topics covered include classical cryptography, elementary number theory, several security systems, and protocols. The focus on breadth was intentional as the goal of the course was to give students with widely devergent backgrounds exposure to different areas that might interest them. The course content as well as lessons learned and plans for the future are discussed. 1 Introduction This paper describes a course titled "Cryptography and Computer Security" that was taught at New York University in the Fall of 1995. The department head at NYU requested a course for practitioners, with an emphasis on applications and real-world problems. Thus, there were four phases to the course, classical cryptography, conventi...
An Analysis of Some Software Vulnerabilities
- IN PROCEESINGS OF THE 21ST NIST-NCSC NATIONAL INFORMATION SYSTEMS SYMPOSIUM
, 1998
"... Many engineering fields have recognized the need to analyze past mistakes and failures in the hope of learning from them. In computer science this realization has resulted in the development of software testing techniques that attempt to detect known problems from software systems and in improved co ..."
Abstract
-
Cited by 3 (0 self)
- Add to MetaCart
Many engineering fields have recognized the need to analyze past mistakes and failures in the hope of learning from them. In computer science this realization has resulted in the development of software testing techniques that attempt to detect known problems from software systems and in improved compilers and development tools. However, there exists a series of software failures where detailed analysis is rarely published, mainly for fear that the information could be used against active systems. These software failures, commonly referred to as computer vulnerabilities, have special properties that set them apart from traditional software failures. Detailed analysis of the factors that contribute to the existence of these vulnerabilities is mostly limited to cryptic articles posted to hacker newsgroups or web sites. There are a few notable exceptions, and this report attempts to add to these with a detailed analysis of four common computer vulnerabilities. The analysis of each vulnera...
Unifying Internet Services Using Distributed Shared Objects
- Fac. of Math. & C.Sc., Vrije Universiteit, Internal report IR-409
, 1996
"... Developing wide area applications such as those for sharing data across the Internet is unnecessarily difficult. The main problem is the widespread use of a communication paradigm that is too low level. We will show how wide area application development can be made easier when using distributed shar ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
Developing wide area applications such as those for sharing data across the Internet is unnecessarily difficult. The main problem is the widespread use of a communication paradigm that is too low level. We will show how wide area application development can be made easier when using distributed shared objects instead of a communication-oriented model. An object in our model is physically distributed, with multiple copies of its state on different machines. All implementation aspects such as replication, distribution, and migration of state, are hidden from users through an object's interface. In this paper, we concentrate on the application of distributed shared objects, by providing an outline of a middleware solution that permits integration of the Internet services for e-mail, News, file transfer, and Web documents. vrije Universiteit Faculty of Mathematics and Computer Science 1 Introduction Constructing wide area applications, such as those for sharing data across the Internet,...
Abstract Incentives and Disincentives for DNSSEC Deployment
"... Like many of the Internet’s foundational infrastructures, ..."
(Show Context)
SwitchWare: Towards a 21st Century Network Infrastructure
"... SwitchWare is a set of software technologies which will enable rapid develop-ment and deployment of new network services. By making the basic network service selectable on a per user (or even per packet) basis, the need for formal standardization is eliminated. Additionally, by making the basic netw ..."
Abstract
- Add to MetaCart
(Show Context)
SwitchWare is a set of software technologies which will enable rapid develop-ment and deployment of new network services. By making the basic network service selectable on a per user (or even per packet) basis, the need for formal standardization is eliminated. Additionally, by making the basic network service programmable, the deployment times, today constrained by capital funding limi-tations, are tremendously reduced (to the order of software distribution times). Finally, by constructing an advanced, robust programming environment, even the service development time can be reduced. A SwitchWare switch consists of input and output ports controlled by a soft-ware-programmable element; programs are contained in sequences of messages sent to the SwitchWare switch’s input ports, which interpret the messages as pro-grams called ‘‘Switchlets’’. This accelerates the pace of network evolution, as ev olving user needs can be immediately reflected in the network infrastructure. Immediate reconfigurability also enhances the adaptability of the network infras-tructure to unexpected situations. A network built from SwitchWare switches is an active network. 1.
