IEEE Symposium on Security and Privacy
List of Sessions and Papers
Session: Authorization and Authentication
Toward Acceptable Metrics of Authentication
Michael K. Reiter and
Stuart G. Stubblebine (AT&T Labs--Research)
An Authorization Scheme for Distributed Object Systems
V. Nicomette and Y. Deswarte
(LAAS-CNRS & INRIA, France)
A Logical Language for Expressing Authorizations
Sushil Jajodia (George Mason
University), Pierangela Samarati (Universita' di Milano) and
V. S. Subrahmanian (University of Maryland)
Session: Applications
Anonymous Connections and Onion Routing
Paul F. Syverson, David
M. Goldschlag and Michael G. Reed (Naval Research Labs)
The Design and Implementation of a Multilevel Secure Log Manager
Vikram R. Pesati, Thomas
F. Keefe and Shankar Pal (Penn State University)
A Secure and Reliable Bootstrap Architecture
A. Arbaugh and David
J. Farber and Jonathan M. Smith (University of
Pennsylvania)
An MBone Proxy for a Firewall Toolkit
Kelly Djahandari and Dan
Sterne (Trusted Information Systems)
Session: Security Theory
Secure Software Architectures
Mark Moriconi, Xiaolei Qian,
R. A. Riemenschneider (SRI) and Li Gong (JavaSoft)
A General Theory of Security Properties and Secure
Composition
A. Zakinthinos and
E.S. Lee (Cambridge University, U.K.)
Analyzing Consistency of Security Policies
Laurence Cholvy and Frederic
Cuppens (ONERA CERT, France)
Session: Architectures
Packet Filtering: Local Enforcement for Global Policies
Joshua D. Guttman
(MITRE)
Providing Flexibility in Information Flow Control for
Object-Oriented Systems
Elena Ferrari, Pierangela
Samarati and Elisa Bertino (Universita' di Milano) and Sushil
Jajodia (George Mason University)
Automated Analysis of Cryptographic Protocols
J. Mitchell, M. Mitchell,
and U. Stern (Stanford University)
Session: Intrusion Detection and Beyond
How to Systematically Classify Computer Security
Intrusions
Ulf
Lindqvist and Erland Jonsson (Chalmers University of
Technology, Sweden)
Surviving Information Warfare Attacks on Databases
Paul Ammann and Sushil Jajodia
(George Mason Univeristy), Catherine D. McCollum and Barbara
T. Blaustein (MITRE)
Execution Monitoring of Security-Critical Programs in a
Distributed System: A Specification-based Approach
Calvin Ko (Trusted Information
Systems), Manfred Ruschitzka and Karl Levitt (University of
California Davis)
Catalytic Inference Analysis: Detecting Inference Threats due
to Knowledge Discovery
John Hale and Sujeet Shenoi
(University of Tulsa)
Session: System Vulnerabilities
Analysis of a Denial of Service Attack on TCP
Christoph L. Schuba, Ivan
V. Krsuland, Markus G. Kuhn, Eugene H. Spafford, Aurobindo
Sundaram and Diego Zambon (Purdue University)
Deniable Password Snatching: On the Possibility of Evasive
Electronic Espionage
A. Young and M. Yung (Columbia
University)
Number Theoretic Attacks On Secure Password Schemes
Sarvar Patel (Bellcore)