Articles entered in previous issues of Cipher
- Computer Communications, Vol. 22, No. 10 (June 1999):
-
B. Harris and R. Hunt. TCP/IP security threats and attack methods. pp.
885-897.
- Computer Communications, Vol. 22, No. 12 (July 1999):
-
T. Klobucar and B. Jerman-Blazic. A formalisation and evaluation of
certificate policies. pp. 1104-1110.
- C.-C. Chang, P.-C. Huang and W.-B. Lee. Conference key distribution
schemes for portable communication systems. pp. 1160-1164.
- R. Oppliger. Security issues related to mobile code and agent-based
systems. pp. 1165-1170.
- Journal of Cluster Computing, Vol. 2, No. 1 (1999):
- A. Ganz, S. Park and Z. Ganz. Experimental measurements and design
guidelines for real-time software encryption in multimedia wireless
LANs.
pp. 35-43.
- Information Processing Letters, Vol. 71, No. 1 (July 1999):
-
Y.-M. Tseng and J.-K. Jan. Attacks on threshold signature schemes
with traceable signers. pp. 1-4.
- Computer Communication Review, Vol. 29, No. 3 (July 1999):
-
C. Mitchell and K. Rantos. A Fair Certification Protocol. pp. 47-49.
- Computer Communications, Vol. 22, No. 13 (August 1999):
-
M. Peyravian, S. Matyas and N. Zunic. Decentralized group key management
for secure multicast communications. pp. 1183-1187.
- IEEE Journal on Selected Areas in Communications, Vol. 17, No. 9
(September 1999):
-
M. Waldvogel, G. Caronni, D. Sun, N. Weiler and B. Plattner.
The VersaKey Framework: Versatile Group Key Management. pp. 1614-1631.
- Software Practice and Experience, Vol. 29, No. 12 (October 1999):
-
I. Brown and C. Snow. A Proxy Approach to E-mail Security.
pp. 1049-1060.
- Operating Systems Review, Vol. 33, No. 4 (October 1999):
-
D. Patiyoot and S. Shepherd. Security Issues in ATM
Networks. pp. 22-35.
- D. Patiyoot and S. Shepherd. WASS: A Security Service for Wireless ATM
Networks. pp. 36-41.
- J. Bull and D. Otway. A Nested Mutual Authentication Protocol. pp.
42-47.
- Y. Zhang, Z. Li and G. Xiao. An Approach to the Formal
Verification of the Two-Party Cryptographic Protocols. pp. 48-51.
- Communications of the ACM, Vol. 42, No. 10 (October 1999):
-
T. Lau, O. Etzioni and D. Weld. Privacy Interfaces for Information
Management. pp. 88-94.
- Computer Communication Review, Vol. 29, No. 4 (October 1999):
-
C. Shields and J. Garcia-Luna-Aceves. KHIP - A Scalable Protocol for
Secure Multicast Routing. pp. 53-64.
- Journal of Cluster Computing, Vol. 2, No. 2 (1999):
-
T. Ryutov, G. Gheorghiu and B. Neuman. An authorization framework
for metacomputing applications. pp. 165-175.
- IEEE Computer, Vol. 32, No. 8 (August 1999):
-
T. Ritter. Cryptography: Is Staying with the Herd Really Best?
pp. 94-95.
- IEEE Transactions on Information Theory, Vol. 45, No. 6 (September
1999):
-
N. Merhav and E. Arikan. The Shannon Cipher Systems with a Guessing
Wiretapper. pp. 1860-1866.
- IEEE Communications Magazine, Vol. 37, No. 9 (September 1999):
-
P. Wing and B. O'Higgins. Using Public-Key Infrastructures for Security
and Risk Management. pp. 71-73.
- S. Wakid, J. Barkley and M. Stall. Object Retrieval and Access
Management
in Electronic Commerce. pp. 74-77.
- E. Maxwell, S. Wakid and J. Moline. A Policy Perspective on Electronic
Commerce. pp. 87-91.
- IEEE Communications Magazine, Vol. 36, No. 7 (July 1998):
-
M. Greenberg, J. Byington and D. Harper. Mobile Agents and Security.
pp. 76-85.
- ACM Transactions on Programming Languages and Systems, Vol. 21, No. 1
(January 1999):
- R. Stata and M. Abadi. A Type System for Java Bytecode Subroutines.
pp. 90-137.
- ACM Computer Communication Review, Vol. 29, No. 2 (April 1999):
- M. de Vivo, E. Carrasco, G. Isern and G. de Vivo. A Review of Port
Scanning Techniques. pp. 41-48.
- ACM Transactions on Information Systems, Vol. 17, No. 2 (April 1999):
- E. Bertino, S. Jajodia and P. Samarati. A Flexible Authorization
Mechanism
for Relational Data Management Systems. pp. 101-140.
- Computer Communications, Vol. 22, No. 7 (May 1999):
- F. Hatefi and F. Golshani. A new framework for secure network
management.
pp. 629-636.
- J. Stach, E. Park and K. Makki. Performance of an enhanced GSM protocol
supporting non-repudiation service. pp. 675-680.
- Computer Communications, Vol. 22, No. 8 (May 1999):
- S. Gritzalis, D. Spinellis and P. Georgiadis. Security protocols over
open
networks and distributed systems: formal methods for their analysis,
design, and verification. pp. 697-709.
- J. Zhou and K. Lam. Securing digital signatures for non-repudiation.
pp. 710-716.
- H.-M. Sun. An efficient nonrepudiable threshold signature scheme with
known signers. pp. 717-722.
- W.-H. He and T.-C. Wu. Cryptanalysis of Lee and Chang's ID-based
information security functions. pp. 723-726.
- J.-J. Tsai, T. Hwang and C.-H. Wang. New generalized group-oriented
cryptosystem based on Diffie-Hellman scheme. pp. 727-729.
- N.-Y. Lee and T. Hwang. Group-oriented undeniable signature schemes
with a trusted center. pp. 730-734.
- K. Tan and H. Zhu. A conference key distribution scheme based on the
theory of quadratic residues. pp. 735-738.
- B. Zhan, Z. Li, Y. Yang and Z. Hu. On the security of HY-key
authentication
scheme. pp. 739-741.
- M.-S. Hwang. Cryptanalysis of a remote login authentication scheme.
pp. 742-744.
- H.-M. Sun. On-line multiple secret sharing based on a one-way function.
pp. 745-748.
- Y.-M. Tseng and J.-K. Jan. Anonymous conference key distribution systems
based on the discrete logarithm problem. pp. 749-754.
- K. Tan and H. Zhu. General secret sharing scheme. pp. 755-757.
- V. da Rocha and D. Macedo. A secret-key cipher based on a non-linear
structured code. pp. 758-761.
- K.-J. Tan, H.-W. Zhu and S.-J. Gu. Cheater identification in (t,n)
threshold scheme. pp. 762-765.
- IEEE Journal on Selected Areas in Communications, Vol. 17, No. 6 (June
1999):
- J. Xu and M. Singhal. Design and Evaluation of a High-Performance ATM
Firewall
Switch and Its Applications. pp. 1190-1200.
- IEICE Trans on Fundamentals of Electronics, Communications and Computer
Sciences, Vol. E82-A, No. 6 (June 1999):
- C.-S. Laih, F.-K. Tu and Y.-C. Lee. On the Implementation of
Public Key Cryptosystems against Fault-Based Attacks. pp. 1082-1089.
- Operating Systems Review, Vol. 33, No. 3 (July 1999):
- S.-L. Ng. Comments on Xu, Zhang and Zhu's paper on "On the Security of
Three-Party Cryptographic Protocols". pp. 5-6.
- J.-H. Lee. The Big Brother Ballot. pp. 19-25.
- D. Patiyoot and S. Shepherd. Modelling and Evaluation of security
induced delay in Wireless ATM Networks. pp. 26-31.
- Proceedings of the IEEE, Vol. 87, No. 7 (July 1999):
[Special issue on Identification and Protection of Multimedia
Information]
- B. Macq. Scanning the Special Issue on Identification and Protection of
Multimedia Information. pp. 1059-1061.
- F. Petitcolas, R. Anderson and M. Kuhn. Information Hiding - A Survey.
pp. 1062-1078.
- F. Hartung and M. Kutter. Multimedia Watermarking Techniques (Invited
Paper).
pp. 1079-1107.
- R. Wolfgang, C. Podilchuk and E. Delp. Perceptual Watermarks for Digital
Images and Video (Invited Paper). pp. 1108-1126.
- I. Cox, M. Miller and A. McKellips. Watermarking as Communications with
Side
Information (Invited Paper). pp. 1127-1141.
- J. Hernandez and F. Perez-Gonzalez. Statistical Analysis of
Watermarking Schemes for Copyright Protection of
Images. pp. 1142-1166.
- D. Kundur and D. Hatzinakos. Digital Watermarking for Telltale Tamper
Proofing and Authentication (Invited Paper). pp. 1167-1180.
- J. Brassil, S. Low and N. Maxemchuk. Copyright Protection for the
Electronic Distribution of Text Documents (Invited
Paper). pp. 1181-1196.
- G. Voyatzis and I. Pitas. The Use of Watermarks in the Protection
of Digital Multimedia Products. pp. 1197-1207.
- N. Paskin. Toward Unique Identifiers (Invited Paper). pp. 1208-1227.
- K. Hill. A Perspective: The Role of Identifiers in Managing and
Protecting Intellectual Property in the Digital Age (Invited
Paper). pp. 1228-1238.
- P. Schneck. Persistent Access Control to Prevent Piracy of Digital
Information. pp. 1239-1250.
- D. Augot, J.-M. Boucqueau, J.-F. Delaigle, C. Fontaine and
E. Goray. Secure Delivery of Images over Open Networks (Invited
Paper). pp. 1251-1266.
- J. Bloom, I. Cox, T. Kalker, J.-P. Linnartz, M. Miller and
C. Traw. Copy Protection of DVD Video. pp. 1267-1276.
- IEEE Software, Vol. 16, No. 4 (July/August 1999):
- T. Shimeall and J. McDermott. Software Security in an Internet
World: An Executive Summary. pp. 58-61.
- J. Michener. System Insecurity in the Internet Age. pp. 62-69.
- R. Ellison, R. Linger, T. Longstaff and N. Mead. Survivable
Network System Analysis: A Case Study. pp. 70-77.
- Communications of the ACM, Vol. 42, No. 7 (July 1999):
[Special section on Defensive Information Warfare]
- B. Panda and J. Giordano. Introduction. pp. 30-32.
- S.-K. Chin. High-Confidence Design for Security. pp. 33-37.
- A. Ghosh and J. Voas. Inoculating Software for Survivability. pp. 38-44.
- T. Goan. A Cop on the Beat: Collecting and Appraising Intrusion
Evidence. pp. 46-52.
- R. Durst, T. Champion, B. Witten, E. Miller and L. Spagnuolo.
Testing and Evaluating Computer Intrusion Detection Systems. pp. 53-61.
- M. Stillerman, C. Marceau and M. Stillman. Intrusion Detection for
Distributed Applications. pp. 62-69.
- S. Jajodia, C. McCollum and P. Ammann. Trusted Recovery. pp. 71-75.
- Computer Networks, Vol. 31, No. 8 (April 1999):
[Special issue on Computer Network Security]
- P. Janson and H. Rudin. (Guest Editorial) Computer Network Security.
pp. 785-786.
- R. Molva. Internet security architecture. pp. 787-804.
- H. Debar, M. Dacier and A. Wespi. Towards a taxonomy of
intrusion-detection systems. pp. 805-822.
- C. Ellison. The nature of a useable PKI. pp. 823-830.
- S. Smith and S. Weingart. Building a high-performance, programmable
secure coprocessor. pp. 831-860.
- N. Asokan, H. Debar, M. Steiner and M. Waidner.
Authenticating public terminals. pp. 861-870.
- G. Ateniese, A. Herzberg, H. Krawczyk and G. Tsudik.
Untraceable mobility or how to travel incognito.
pp. 871-884.
- R. Hauser, T. Przygienda and G. Tsudik. Lowering security
overhead in link state routing. pp. 885-894.
- IEEE Computer, Vol. 32, No. 4 (April 1999):
- S. Jajodia, P. Ammann and C. McCollum. Surviving Information Warfare
Attacks.
pp. 57-63.
- IEICE Transactions on Information and Systems, Vol. E82-D, No. 4 (April
1999):
- H. Kikuchi, M. Hakavy and D. Tygar. Muti-Round Anonymous Auction
Protocols.
pp. 769-777.
- M. Iguchi and S. Goto. Detecting Malicious Activities through Port
Profiling.
pp. 784-792.
- Operating Systems Review, Vol. 33, No. 2 (April 1999):
- D. Patiyoot and S. Shepherd. WASS: Wireless ATM Security System. pp.
29-35.
- D. Patiyoot and S. Shepherd. Cryptographic Security Techniques for
Wireless
Networks. pp. 36-50.
- U. Halfmann and W. Kuhnhauser. Embedding Security Policies into a
Distributed
Computing Environment. pp. 51-64.
- ACM SIGMOBILE Mobile Computing and Communications Review, Vol. 3, No. 2
(April 1999):
- K. Martin and C. Mitchell.
Comments on an "Optimized Protocol for Mobile Network Authentication and
Security".
page 37.
- Authors' Reply. page 38.
- Computer Communications, Vol. 22, No. 4 (March 1999):
- K. Tan and H. Zhu. Remote password authentication scheme based on
cross-product.
pp. 390-393.
- Information Processing Letters, Vol. 69, No. 6 (March 1999):
- W.-G. Tzeng and C.-M. Hu. Inter-protocol interleaving attacks on some
authentication and key distribution protocols. pp. 297-302.
- Computer Communications, Vol. 22, No. 3 (February 1999):
- W.-C. Ku and S.-D. Wang. A secure and practical electronic voting
scheme.
pp. 279-286.
- N.-Y. Lee and T. Hwang. On the security of fair blind signature scheme
using
oblivious transfer. pp. 287-290.
- ACM SIGCOMM Computer Communication Review, Vol. 29, No. 1 (January
1999):
- L. Pierson, E. Witzke, M. Bean and G. Trombley.
Context-Agile Encryption for High Speed Communication Networks. pp.
35-49.
- M. de Vivo, G. de Vivo, R. Koeneke and G. Isem.
Internet Vulnerabilities Related to TCP/IP and T/TCP. pp. 81-85.
- Computer Communications, Vol. 22, No. 2 (January 1999):
- H.-M. Sun, S.-P. Shieh and H.-M. Sun. A note on breaking and repairing a
secure
broadcasting in large networks. pp. 193-194.
- Computer Communications, Vol. 22, No. 1 (January 1999):
- S.-P. Shieh, C.-T. Lin and S. Wu.
Optimal assignment of mobile agents for software authorization and
protection.
pp. 46-55.
- W.-S. Juang and C.-L. Lei. Partially blind threshold signatures based on
discrete logarithm. pp. 73-86.
- N.-Y. Lee and T. Hwang. Comments on 'dynamic key management schemes
for access control in a hierarchy'. pp. 87-89.
- ACM Transactions on Database Systems, Vol. 32, No. 4 (September 1998):
- E. Bertino, C. Bettini, E. Ferrari and P. Samarati.
An Access Control Model Supporting Periodicity Constraints and Temporal
Reasoning. pp. 231-285.
- Communications of the ACM, Vol. 42, No. 2 (February 1999):
[Special section on Internet Privacy]
- L. Cranor. Introduction. pp. 29-31.
- M. Reiter and A. Rubin.
Anonymous Web Transactions with Crowds. pp. 32-38.
- D. Goldschlag, M. Reed and P. Syverson.
Onion Routing for Anonymous and Private Internet Connections. pp. 39-41.
- E. Gabber, P. Gibbons, D. Kristol, Y. Matias and A. Mayer.
Consistent, Yet Anonymous, Web Access with LPWA. pp. 42-47.
- J. Reagle and L. Cranor.
The Platform for Privacy Preferences. pp. 48-55.
- P. Benassi.
TRUSTe: An Online Privacy Seal Program. pp. 56-59.
- R. Clarke. Internet Privacy Concern Confirm the Case for Intervention.
pp. 60-67.
- Notices of the American Mathematical Society, Vol. 46, No. 2 (February
1999):
- D. Boneh. Twenty years of attacks on the RSA cryptosystem. pp. 203-213.
- Information and Computation, Vol. 148, No. 1 (January 1999):
- M. Abadi and A. Gordon. A Calculus for Cryptographic Protocols: The Spi
Calculus.
pp. 1-70.
- ACM Operating Systems Review, Vol. 33, No. 1 (January 1999):
- T. Kwon and J. Song. Clarifying Straight Replays and Forced Delays. pp.
47-52.
- Information Processing Letters, Vol. 69, No. 2 (January 1999):
- C.-H. Wang, T. Hwang and N.-Y. Lee.
Comments on two group signatures. pp. 95-97.
[Thanks to Carl Landwehr for the next two entries -A.M.]
- Information Processing Letters, Vol. 68, No. 5 (December 1998):
- Y. Zheng and H. Imai.
How to construct efficient signcryption schemes on elliptic curves. pp.
227-233.
- IEEE Transactions on Computers, Vol. 47, No. 12 (December 1998):
- M. Reiter and S. Stubblebine. Resilient Authentication Using Path
Independence.
pp. 1531-1362.
- SIGMOD Record, Vol. 27, No. 4 (December 1998):
- J. Domingo-Ferrer and J. Herrera-Joancomarti.
An Anonymous Electronic Commerce Scheme with an Off-Line Authority and
Untrusted Agents. pp. 62-67.
- Mobile Networks and Applications, Vol. 3, No. 4 (1998):
V. Gupta and G. Montenegro. Secure and mobile networking. pp. 381-390.
- IEEE Internet Computing, Vol. 2, No. 6 (November/December 1998):
- G. McGraw and E. Felten.
Guest Editors' Introduction Mobile Code and Security.
- A. Rubin and D. Geer.
Mobile Code Security.
- B. Hashii, M. Lal, R. Pandey and S. Samorodin.
Securing Systems Against External Programs.
- V. Anupam and A. Mayer.
Secure Web Scripting.
- L. Gong.
Secure Java Class Loading.
- Information Processing Letters, Vol. 68, No. 4 (November 1998):
- H. Gilbert, D. Gupta, A. Odlyzko and J.-J. Quisquater.
Attacks on Shamir's 'RSA for paranoids'. pp. 197-199.
- Journal of Systems and Software, Vol. 43, No. 3 (November 1998):
Q. Shi and N. Zhang. An effective model for composition of secure
systems.
pp. 233-244.
-
The Computer Journal, Vol. 41, No. 7 (1998):
- R. Benjamin, B. Gladman and B. Randell.
Protecting IT systems from cyber crime. pp. 429-443.
- H. Thimbleby, S. Anderson and P. Cairns.
A framework for modelling Trojans and computer virus infection.
pp. 444-458.
- ACM Computer Communication Review, Vol. 28, No. 5 (October 1998):
- C.-H. You, J. Zhou and K.-Y. Lam.
On the Efficient Implementation of Fair Non-Repudiation. pp. 50-60.
- A. Mathuria. Comparing Lower Bounds on Messages and Rounds for Two
Classes of Key Establishment Protocols. pp. 91-98.
- ACM Computer Communication Review, Vol. 28, No. 4 (October 1998):
-
C. Wong, M. Gouda and S. Lam.
Secure Group Communication Using Key Graphs. pp. 68-79.
- ACM SIGACT News, Vol. 29, No. 3 (September 1998):
- D. Volpano and G. Smith.
Confinement Properties for Programming Languages. pp. 33-42.
-
IEEE Network, Vol. 12, No. 3 (May/June 1998):
- D. Scott Alexander, W. Arbaugh, M. Hicks, P. Kakkar, A. Kermoytis,
J. Moore, C. Gunther, S. Nettles and J. Smith.
The SwitchWare Active Network Architecture. pp. 29-36.
- D. Scott Alexander, W. Arbaugh, A. Keromytis and J. Smith.
A Secure Active Network Environment Architecture: Realization in
SwitchWare. pp. 37-45.
-
Information Processing Letters, Vol. 66, No. 6 (June 1998):
- T.-M. Hsieh, Y.-S. Yeh, Y.-C. Hsieh and C.-C. Wang.
A homophonic DES. pp. 317-320.
-
Computer Communications, Vol. 21, No. 7 (June 1998):
- B. Soh and S. Young.
Distributed computing: an experimental investigation of
a malicious denial-of-service applet. pp. 670-674.
-
Computer Communications, Vol. 21, No. 13 (September 1998):
- R. Hunt.
Internet/Intranet firewall security - policy, architecture
and transaction services. pp. 1107-1123.
- R.-J. Hwang and C.-C. Chang.
An on-line secret sharing scheme for multi-secrets.
pp. 1170-1176.
-
IEEE Transactions on Parallel and Distributed Systems, Vol. 9, No. 9
(September 1998):
- M. Naor and A. Wool. Access Control and Signatures via
Quorum Secret Sharing. pp. 909-922.
-
IEEE Transactions on Software Engineering, Vol. 24, No. 9
(September 1998):
- S. Schneider.
Verifying Authentication Protocols in CSP. pp. 741-758.
-
IEEE Transactions on Information Theory, Vol. 44, No. 5 (September 1998):
- D. Boneh and J. Shaw.
Collusion-Secure Fingerprinting for Digital Data. pp. 1897-1905.
-
Information and Computation, Vol. 146, No. 1 (October 1998):
- C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro and M. Yung.
Perfectly Secure Key Distribution for Dynamic Conferences. pp. 1-23.
-
Theory and Practice of Object Systems, Vol. 4, No. 3 (1998):
- E. Bertino, E. Ferrari and P. Samarati.
Mandatory Security and Object-Oriented Systems: A Multilevel Entity
Model and Its Mapping onto a Single-Level Object Model. pp. 183-204.
-
IEEE Communications Magazine, Vol. 36, No. 10 (October 1998):
- D. Alexander, W. Arbaugh, A. Keromytis and J. Smith.
Safety and Security of Programmable Network Infrastructures.
pp. 84-86, 91-92.
-
IEICE Transactions on Information and Systems, Vol. E81-D, No. 10
(October 1998):
- T.-J. Son, K.-Y. Whang, W.-Y. Kim and I.-Y. Song.
A Conflict Detection Mechanism for Authorization Using Intention Types
in Object-Oriented Database Systems. pp. 1053-1063.
-
IEEE Transactions on Computers, Vol. 47, No. 10 (October 1998):
- M. Kuhn.
Cipher Instruction Search Attack on the Bus-Encryption Security
Microcontroller DS5002FP. pp. 1153-1157.
-
Information Processing Letters, Vol. 68, No. 3 (November 1998)
- C. Padro.
Robust vector space secret sharing schemes. pp. 107-112.
-
Dr. Dobb's Journal, Vol. 23, No. 12 (December 1998):
- A. Ramanujapuram and P. Ram.
Digital Content & Intellectual Property Rights. pp. 20-27.
- B. Schneier.
The Twofish Encryption Algorithm. pp. 30-38.
- J. Daemen and C. Clapp.
The Panama Cryptographic Function. pp. 42-49.
- T. Aslam.
Protocols for E-Commerce. pp. 52-58.
- P. Trout.
Domain Usage Tracking for Windows NT. pp. 60-65.
- E. Conklin.
Smart Cards and the Open Terminal Architecture. pp. 70-80.
o B. Preneel, V. Rijmen and A. Bosselaers.
Principles and Performance of Crytographic Algorithms. pp. 126-131.
-
IEEE Computer, Vol. 31, No. 12 (December 1998):
- C. Irvine, S.-K. Chin, and D. Frincke. Integrating Security into the
Curriculum. pp. 25-30.
-
IEEE Network, Vol. 12, No. 3 (May/June 1998):
- D. Scott Alexander, W. Arbaugh, M. Hicks, P. Kakkar, A. Kermoytis,
J. Moore, C. Gunther, S. Nettles and J. Smith.
The SwitchWare Active Network Architecture. pp. 29-36.
- D. Scott Alexander, W. Arbaugh, A. Keromytis and J. Smith.
A Secure Active Network Environment Architecture: Realization in
SwitchWare. pp. 37-45.
-
Information Processing Letters, Vol. 66, No. 6 (June 1998):
- T.-M. Hsieh, Y.-S. Yeh, Y.-C. Hsieh and C.-C. Wang.
A homophonic DES. pp. 317-320.
-
Computer Communications, Vol. 21, No. 7 (June 1998):
- B. Soh and S. Young.
Distributed computing: an experimental investigation of
a malicious denial-of-service applet. pp. 670-674.
-
Computer Communications, Vol. 21, No. 8 (June 1998):
- C. Wang, C. Lin, C. Chang
Threshold signature schemes with traceable signers in group communications.
pp. 771-776.
-
Computer Communications, Vol. 21, No. 9 (July 1998):
- T. Kwon and J. Song.
Efficient and secure password-based authentication protocols
against guessing attacks. pp. 853-861.
-
IBM Systems Journal, Vol. 37, No. 3 (1998):
- L. Koved, A. Nadalin, D. Neal and T. Lawson.
The evolution of Java security. pp. 349-364.
-
Communications of the ACM, Vol. 41, No. 8 (August 1998):
- L. Cranor and B. LaMacchia.
Spam! pp. 74-83.
- R. Coldwell.
Viewpoint Did Chuck Babbage Predict Software Piracy. pp. 25-27.
-
IEICE Transactions on Communications, Vol. E81-B, No. 8 (August 1998):
- A. Shimizu, T. Horioka and H. Inagaki.
A Password Authentication Method for Contents Communications on
the Internet. pp. 1666-1673.
-
IEEE Computer, Vol. 31, No. 9 (September 1998):
- P. Dowd and J. McHenry.
Network Security: It's Time to Take It Seriously. pp. 24-28.
- B. Schneier.
Cryptographic Design Vulnerabilities. pp. 29-33.
- A. Rubin and D. Geer Jr.
A Survey of Web Security. pp. 34-42.
- R. Oppliger.
Security at the Internet Layer. pp. 43-47.
- W. Arbaugh, J. Davin, D. Farber and J. Smith.
Security for Virtual Private Networks. pp. 48-55.
- T. Taeman, R. Hutchinson, L. Pierson, P. Sholander and E. Witzke.
Algorithm-Agile Encryption in ATM Networks. pp. 57-64.
-
ACM Operating Systems Review, Vol. 32, No. 4 (October 1998):
- R. Anderson, F. Bergadano, B. Crispo, J.H. Lee, C. Nanifavas,
and R. Needham.
A New Family of Authentication Protocols. pp. 9-20.
- C.J. Mitchell and C.Y. Yeun
Fixing A Problem in the Helsinki Protocol. 21-24.
- D. Patiyoot and S.J. Shepherd.
Techniques for Authentication Protocols and Key Distribution
on Wireless ATM Networks. pp. 25-32.
- M. Joye and S.M. Yen.
ID-Based Secret-Key Cryptography. pp. 40-46.
- B. Wagner.
Controlling Cgi Programs. pp. 40--46.
- W. E. Kuhnhauser
A Classification of Interdomain Actions. pp. 47--61.
-
IBM Systems Journal, Vol. 37, No. 1 (1998):
- P.-C. Cheng, J. Garay, A. Herzberg, and H. Krawczyk.
A security architecture for the Internet Protocol. pp. 42-60.
- A. Herzberg and D. Naor.
Surf'N'Sign: Client signatures on Web documents. pp. 61-71.
- J. Abad Peiro, N. Asokan, M. Steiner, and M. Waidner.
Designing a generic payment service. pp. 72-88.
-
Computer Communications, Vol. 20, No. 16 (January 1998):
- B. Soh and S. Young.
Network system and world wide web security. pp. 1431-1436.
-
IEEE Transactions on Data & Knowledge Engineering, Vol. 10, No. 1
(January/February 1998):
- E. Bertino, S. Jajodia, L. Mancini and I. Ray.
Advanced Transaction Processing in Multilevel Secure File
Stores. pp. 120-135.
-
Computers & Security, Vol. 17, No. 2 (1998)
Refereed papers:
- M. Peyravian, A. Rginsky, and A. Kshemkalyani.
On probabilities of hash value matches. pp. 171-176.
- E. Dawson and H. Gustafson.
A method for measuring entropy of symmetric cipher key
generators. pp. 177-184.
-
Electronics Letters, Vol. 34, No. 4 (February 19, 1998)
- G. Horng and C.-K. Hsu.
Weakness in the Helsinki protocol. pp. 354-355.
-
Computer Communications, Vol. 21, No. 2 (March 1998):
- W.-B. Lee and C.-C. Chang.
Authenticity of public keys in asymmetric cryptosystems. pp. 195-198.
-
Computer Communications, Vol. 21, No. 3 (March 1998):
- B. Smith, J. Garcia-Luna-Aceves.
Efficient security mechanisms for the border gateway routing
protocol. pp. 203-210.
- H.-M. Sun and S.-P. Shieh.
Secure broadcasting in large networks. pp. 279-283.
- W.-B. Lee and C.-C. Chang.
Using RSA with low exponent in public network. pp. 284-286.
-
Distributed Computing, Vol. 11, No. 2 (1998):
- J. Gray and P. Syverson.
A logical approach to multilevel security of probabilistic
systems, pp. 73-90.
-
IEEE Network, Vol. 12, No. 2 (March/April 1998):
- T. Bass, A. Freyre, D. Gruber and G. Watt.
E-Mail Bombs and Countermeasures:
Cyber Attacks on Availability and Brand Integrity. pp. 10-17.
-
IEICE Transactions on Information and Systems, Vol. E81-D, No. 4
(April 1998):
- T. Tanaka, Y. Kaji, H. Watanabe, T. Takata, and T. Kasami.
Security Verification of Real-Time Cryptographic Protocols
Using a Rewriting Approach. pp. 355-363.
-
Computer Networks & ISDN Systems, Vol. 30, Nos. 1-7 (April 1998):
- M. Abadi, A. Birrell, R. Stata and E. Wobber.
Secure Web tunneling. pp. 531-539.
- M. Naor and B. Pinkas.
Secure accounting and auditing on the Web. pp. 541-550.
- R. Khare and A. Rifkin.
Trust management on the World Wide Web. pp. 651-653.
-
ACM SIGOPS Operating Systems Review, Vol. 32, No. 2 (April 1998)
- M. de Vivo, G. de Vivo, and G. Isern.
Internet security attacks at the basic levels. pp. 4-15.
- S. Gritzalis and G. Aggelis.
Security issues surrounding programming languages for mobile code:
JAVA vs. Safe-Tcl. pp. 16-32.
-
Electronics Letters, Vol. 34, No. 10 (May 14, 1998)
- C. Mitchell, M. Ward and P. Wilson.
Key control in key agreement protocols. pp. 980-981.
-
IEEE Journal on Selected Areas in Communications, Vol. 16, No. 4
(May 1998):
[Special issue on Copyright and Privacy Protection]
- R. Anderson, I. Cox, S. Low and N. Maxemchuk.
Guest Editorial. pp. 449-451.
- G. Simmons.
The History of Subliminal Channels. pp. 452-462.
- G. Simmons.
Results Concerning the Bandwidth of Subliminal Channels. pp. 463-473.
- R. Anderson and F. Petitcolas.
On the Limits of Steganography. pp. 474-481.
- M. Reed, P. Syverson and D. Goldschlag.
Anonymous Connections and Onion Routing. pp. 482-494.
- A. Jerichow, J. Muller, A. Pfitzmann, B. Pfitzmann and M. Waidner.
Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol. pp. 495-509.
- J. Hernandez, F. Perez-Gonzalez, J. Rodriguez and G. Nieto.
Performance Analysis of a 2-D-Multipulse Amplitude Modulation Scheme
for Data Hiding and Watermarking of Still Images. pp. 510-524.
- C. Podilchuk and W. Zeng.
Image-Adaptive Watermarking Using Visual Models. pp. 525-539.
- M. Swanson, B. Zhu and A. Tewfik.
Multiresolution Scene-Based Video Watermarking Using Perceptual
Models. pp. 540-550.
- R. Ohbuchi, H. Masuda and M. Aono.
Watermarking Three-Dimensional Polygonal Models Through Geometric and
Topological Modifications. pp. 551-560.
- S. Low and N. Maxemchuk.
Performance Comparison of Two Text Marking Methods. pp. 561-572.
- S. Craver, N. Memon, B.-L. Yeo and M. Yeung.
Resolving Rightful Ownerships with Invisible Watermarking Techniques:
Limitations, Attacks, and Implications. pp. 573-586.
- I. Cox and J.-P. Linnartz.
Some General Methods for Tampering with Watermarks. pp. 587-593.
-
Computer Communications, Vol. 21, No. 5 (May 1998):
- Y.-S. Chang and T.-C. Wu.
Group-oriented authentication mechanism with key exchange. pp. 485-497.
-
Proceedings of the IEEE, Vol. 86, No. 6 (June 1998):
- Swanson, Kobayashi, and Tewfik.
Multimedia Data Embedding and Watermarking Technologies. pp. 1064-1087.
-
IEEE Computer, Vol. 31, No. 6 (June 1998)
- U. Lindqvist and E. Jonsson.
A Map of Security Risks Associated with Using COTS. pp. 60-66.
- Q. Zhong and N. Edwards.
Security Control for COTS Components. pp. 67-73.
-
ACM SIGOPS Operating Systems Review, Vol. 32, No. 3 (July 1998)
- S. Xu, G. Zhang and H. Zhu.
On the Security of Three-Party Cryptographic Protocols. pp. 7-20.
-
Communications of the ACM, Vol. 41, No. 7 (July 1998)
- Digital Watermarking
N. Memon and P. Wong.
Protecting digital media content. pp. 35-43.
- S. Craver, B.-L. Yeo, and M. Yeung.
Technical trials and legal tribulations. pp. 44-55.
- F. Mintzer, G. Braudaway, and A. Bell.
Opportunities for watermarking standards. pp. 56-65.
- J. Zhao, E. Koch, and C. Luo.
In business today and tomorrow. pp. 67-72.
- J. Acken.
How watermarking adds value to digital content. pp. 75-80.
-
Proceedings of the IEEE, Vol. 86, No. 7 (July 1998):
- A. Mehrotra and L. Golding.
Mobility and Security Management in GSM System and Some
Proposed Future Improvements. pp. 1480-1497.
-
Computer Networks and ISDN Systems, Vol. 29, No. 15 (November 1997):
- C. Dalton and J. Griffin. Applying military grade security to the
Internet. pp. 1799-1808.
- D. Steves, C. Edmondson-Yurkana and M. Gouda.
Properties of secure transaction protocols. pp. 1809-1821.
- B.-J. Koops. Crypto regulations in Europe. Some key trends and issues.
pp. 1823-1831.
-
Computer Communications, Vol. 20, No. 14 (December 1997):
- W.-B. Lee and C.-C. Chang. Three ID-based information security
functions. pp. 1301-1307.
-
Computer Communications, Vol. 20, No. 15 (December 1997):
- W. Godoy Jr. and D. Pereira Jr. A proposal of a cryptography
algorithm with techniques of error correction. pp. 1374-1380.
- C.-H. Lin. Dynamic key management schemes for access control in a
hierarchy. pp. 1381-1385.
-
Computers & Security, Vol. 17, No. 1 (1998):
- Vesselin Bontchev. Macro virus identification proglems. pp. 69-90.
-
Information Processing Letters, Vol. 65, No. 1 (January 1998):
- P. Ryan and S. Schneider. An attack on a recursive authentication
protocol. A cautionary tale. pp. 7-10.
- R. Molva and G. Tsudik. Secret sets and their applications. pp. 47-55.
-
Information Processing Letters, Vol. 65, No. 2 (January 1998):
- G. Horng. An active attack on protocols for server-aided RSA signature
computation. pp. 71-73.
-
IEEE Transactions on Communications, Vol. 46, No. 1 (January 1998):
- X. Lin, Y. Xing and Y. Yang. Comment on "Reparable Key Distribution
Protocols for Internet Environments". pp. 20-21.
- T. Hwang. Author's reply. pp. 22.
-
IEEE Spectrum, Vol. 35, No. 2 (February 1998):
- S. Lodin and C. Schuba. Firewalls fend off invasions from the net.
pp. 26-34.
-
IEEE Communications Magazine, Vol. 36, No. 2 (February 1998):
- J. Francis, H. Herbrig and N. Jefferies. Secure provision of UMTS
services over diverse access networks. pp. 128-136.
-
Information and Computation, Vol. 140, No. 2 (February 1998):
- S. Low and N. Maxemchuk. A Collusion Problem and Its Solutions.
pp. 158-182.
-
Communications of the ACM, Vol. 41, No. 3 (March 1998):
- H. Wang, M. Lee and C. Wang. Consumer Privacy Concerns about
Internet Marketing. pp. 63-70.
- R. Hall. How to Avoid Unwanted Email. pp. 88-95.
-
IEEE Transactions on Communications, Vol. 46, No. 3 (March 1998):
- S. Low, N. Maxemchuk and A. Lapone. Document Identification for
Copyright Protection Using Centriod Detection. pp. 372-383.
-
IEEE Communications Magazine, Vol. 36, No. 3 (March 1998):
- S. Burgett, E. Kock and J. Zhao. Copyright Labeling of Digitized
Image Data. pp. 94-100.
-
IEEE Internet Computing, Vol. 2, No. 2 (March/April 1998):
- Y.-K. Hsu and S. Seymour.
An Internet Security Framework Based on Short-Lived Certificates.
-
IEEE Computer, Vol. 31, No. 4 (April 1998):
- M. Kang, A. Moore and I. Moskowitz. Design and Assurance Strategy
for the NRL Pump. pp. 56-63.
-
- Journal of Computer Security, Vol. 5, No. 4 [received January, 1998].
Papers from 1996 IFIP WG 11.3 Working Conf. on Database Security.
- S. Castano, S. De Capitani di Vimercati and M. G. Fugini. Automated derivation of global authorizations for database federations. pp. 271-302.
- V. Atluri and W.-K. Huang. Enforcing mandatory and discretionary
security in workflow management systems. pp. 303-340.
- S. A. Demurjian, Sr., and T.C. Ting. Towards a definitive paradigm for security in object-oriented systems and applications. pp. 341-382.
- OnTheInternet Vol. 3, No. 1 (Jan/Feb 1998) (Internet Society)
Russell Baird Tewksbury. Is the Internet heading for a cache crunch? pp. 16-22.
- ACM SIGOPS Operating System Review, Vol. 32, No. 1 (January, 1998).
- Edward A. Feustel and Terry Mayfield. The DGSA: unmet information security challenges for uoperating system designers. pp. 3-22.
- Birgit Pfitzmann and Michael Waidner. How to break fraud-detectable key recovery. pp. 23-28.
- Proceedings of the IEEE, Vol. 85, No. 12 (Dec. 1997).
C. E. Landwehr and D. M. Goldschlag. Security issues in networks with Internet
access. pp. 2034-2051.
- IEEE COMPUTER, Vol. 30, No. 12 (Dec 1997). Chris Herringshaw. Detecting attacks on networks. pp. 16-17.
- ACM SIGOPS Operating System Review, Vol. 31, No. 5 (December, 1997).
Proceedings of the 16th ACM Symp. on Operating Systems Principles:
- Dan S. Wallach, Dirk Balfanz, Drew Dean, and Edward W. Felten. Extensible Security Arhitecture for Java. pp. 116-128.
- Andrew C. Myers and Barbara Liskov. A decentralized model for information flow control. pp. 129-142.
- Journal of Computer Security, Vol. 5, No. 3 [received about November, 1997]. Special issue on Security in the World Wide Web.
- F. Bergadano, B. Crispo and M. Lomas. Strong authenticationi and privacy with standard browsers. pp. 191-212.
- J.-J. Quisquater and M. Joye. Authentication of sequences with the SL2 hash function: application to video sequences. pp. 213-224.
- C. Bryce, W. Kuhnhauser, R. Amouroux, M. Lopez and H. Rudnik. CWASAR: a European infrastructure for secure electronic commerce. pp. 225-236.
- P.F. Syverson, M.G. Reed, and D.M. Goldschlag. Private web browsing. pp. 237-248.
- M. Roscheisen and T. Winograd. A network-centric design for relationship-based security and access control. pp. 249-254.
- M. Winslett, N. Ching, V. Jones and I. Slepchin. Using digital credentials on the World Wide Web. pp. 255-267.
- Computers & Security Volume 16, Number 8 (1997). (Elsevier)
Refereed Papers:
- Thomas H. Hinke, Harry S. Delugach, and Randall P. Wolf. Protecting databases from inference attacks. pp. 687-709.
- Dimitris Gritzalis. A baseline security policy for distributed healthcare information systems. pp. 709-720.
- Computers & Security Volume 16, Number 7 (1997). (Elsevier)
Refereed Paper:
Julie Bunnell, John Podd, Ron Henderson, Renee Napier and James Kennedy moffat. Cognitive, associative and conventional passwords: recall and guessing rates. pp. 629-642.
- Computers & Security Volume 16, Number 6 (1997). (Elsevier)
Refereed Papers:
- L. Labuschagne and J.H.P. Eloff. Improved system-access control using complementary technologies. pp. 543-550.
- Simon Foley. Building Chinese walls in standard Unix. pp. 551-564.
- ACM SIGCOMM Computer Communication Review, Volume 27, Number 4
(October, 1997). Proceedings ACM SIGCOMM '97 Conference.Suvo Mittra and Thomas Woo. A flow-based approach to datagram security. pp. 221-235.
- Computers & Security Volume 16, Number 5 (1997). (Elsevier)
Harold Joseph Highland Commemorative Issue.
- IEEE Trans. on Knowledge and Data Engineering Vol. 9 No. 5
(September/October 1997, received Nov '97):
V. Atluri, S. Jajodia, and E. Bertino. Transaction processing in multilevel
secure databases with kernelized architecture: challenges and solutions.
pp. 697-708.
- Journal of Computer Security, Vol. 5, No. 2
[received about 10/97]:
- D. Malkhi and M. Reiter. A high-throughput secure reliable multicast protocol. pp. 113-128.
- J. Sinclair. Action systems for security specification. pp. 129-154.
- S. De Capitani di Vimercati and P. Samarati. Authorization specification and enforcement in federated database systems. pp. 155-188.
- Journal of Computer Security, Vol. 5, No. 1
[received about 10/97]:
- P.A. Bonatti, M.L. Sapino, and V.S. Subrahmanian. Merging heterogeneous
security orderings. pp. 3-10.
- V. Lotz. Threat scenarios as a means to formally develop secure systems.
pp. 31-68.
- J. Camenisch, U. Maurer, and M. Stadler. Digital payments systems with passive anonymity-revoking trustees. pp. 69-90.
- N. Asokan, G. Tsudic, and M. Waidner. Server-supported signatures.
pp. 91-108.
- Communications of the ACM, Vol. 40, No. 11 (November 1997):
Hal Berghel. Watermarking cyberspace. pp. 19-24.
- IEEE Transactions on Software Engineering, Vol. 23, No. 9 (Sept. 1997): R. Focardi and R. Gorrieri. The compositional security checker: a tool for the verification of information flow security properties. pp. 550-571.
- Computers & Security Volume 16, Number 4 (1997). (Elsevier)
Refereed Article:
Chih-Hung Wang and Tzonelih Hwang. Modefied Chen-Hwang identity-based conference key broadcast schemes with user authentication. pp. 339-344.
- ACM SIGOPS Operating System Review, Vol. 31, No. 4 (October, 1997).
Shouhuai Xu, Gendu Zhang, and Hong Zhu. On the properties fo cryptographic protocols and the weaknesses of the BAN-like logics. pp. 12-23.
- IEEE Software Vol.14, No. 5 (Sept/Oct 1997).
- Charles P. Pfleeger and Deborah M. Cooper. Security and privacy: promising
advances. pp. 27-34.
- Andrew P. Kosoresow and Steven A. Hofmeyr. Intrusion detection via system
call traces. pp. 35-42.
- Nicholas Puketza, Mandy Chung, Ronald A. Olsson, and Biswanath Mukherjee.
A software platform for testing intrusion detection systems. pp. 43-51.
- Nayeem Islam, Rangachari Anand, Trent Jaeger, and Josyula R. Rao. A
flexible security system for using Internet content. pp. 52-59.
- Firewalls: an expert roundtable. pp. 60-66.
- Unlocking key issues in security: interview with Dorothy Denning. pp.
108-109.
- Cynthia E. Irvine. Challenges in computer security education. pp.
110-111.
- IEEE COMPUTER, Vol. 30, No. 9 (Sept 1997).
N. Asokan, Phillipe A. Janson, Michael Steiner, and Micahael Waidner. The
state of the art in electronic payment systems. pp. 28-36.
- IEEE Trans. on Knowledge and Data Engineering Vol. 9 No. 4
(July/August 1997).
- P.C. Chu. Cell suppression methodology: the importance of suppressing
marginal totals. pp. 513-523.
- P. Samarati, E. Bertino, A. Ciampichetti, and S. Jajodia. Information
flow control in object-oriented systems. pp. 524-538.
- S.-P. Shieh and V. D. Gligor. On a pattern-oriented model for intrusion
detection. pp. 661-667.
- I. Majetic and E. L. Leiss. Authorization and revocation in object-
oriented databases. pp. 668-672.
- Computers & Security Volume 16, Number 3 (1997). (Elsevier)
Refereed Articles:
- Zbigniew Ciechanowicz. Risk analysis: requirements, conflicts and problems.
pp. 223-232.
- Ivan Krsul and Eugene H. Spafford. Authorship analysis: identifying the
author of a programs. pp. 233-256.
- IEEE Journal on Selected Areas in Communications, Vol. 15,
No. 3 (April 1997).
Li Gong. Enclaves: enabling secure collaboration over the Internet. pp. 567-575.
Also available at
http://java.sun.com/people/gong/papers/pubs97.html
- IEEE Annals of the History of Computing, Vol. 19, No. 3
(July-Sept 1997).
Donald Mackenzie and Garrel Pottinger. Mathematics, technology, and
trust: formal verification, computer security, and the U. S. military.
pp. 41-59.
- Communications of the ACM, Vol. 40, No. 8 (August 1997):
- Thomas C. Rindfleisch. Privacy, information technology, and health care. pp. 92-101.
- Brock N. Meeks. Privacy lost, anytime, anywhere. pp. 11-13.
- Journal of Computer Security, Vol. 4, No. 4
[received about 7/97]:
- M. K. Reiter, M.K. Franklin, J. B. Lacy, and R. N. Wright.
The Omega key management service. pp.267-288.
- S.-C. Chuang. Security ATM networks. pp. 289-330.
- M. Bishop. Conspiracy and information flow in the Take-Grant protection
model. pp. 331-360.
- Crosstalk, The Journal of Defense Software Engineering, Vol. 10,
No. 8 (August, 1997). Karen Ferraiolo and Victoria Thompson. Let's just be mature about security: using a CMM for security engineering. pp. 15-20.
- Computers & Security Volume 16, Number 2 (1997). (Elsevier)
Features:
- Fred Cohen. Information system defences: a priliminary classification scheme. pp. 94-114.
- Stephane Bouniol. The puzzle theorem -- the less I know, the less I can disclose. pp. 115-126.
Refereed Papers:
- Dennis Volpano and Cynthia Irvine. Secure flow typing. pp. 137-144.
- O. Tettero, D.J. Out, H.M. Franken, and J. Schot. Information security embedded in the design of telematics systems. pp. 145-164.
- ACM Software Engeneering Notes, Vol. 22, No. 4 (July 1997).
Don Reifer. Report on 4th ACM Conf. on Computer and Communications Security. pp. 32-33.
- ACM SIGOPS Operating System Review, Vol. 31, No. 3 (July, 1997).
- Keok Auyong and Chye-Lin Chee. Authentication services for computer
networks and electronic messaging systems. pp. 3-15.
- Liqun Chen, Dieter Gollmann, and Chris J. Mitchell. Authentication using
minimally trusted servers. pp. 16-28.
- IEEE COMPUTER, Vol. 30, No. 6 (June 1997).
X. Nick Zhang. Secure code distribution. pp. 76-79.
- Communications of the ACM, Vol. 40, No. 5 (May 1997):
Rolf Oppliger. Internet security: firewalls and beyond. pp. 92-102.
- Dr. Dobb's Journal, Vol. 22, No. 6 (June 1997):
- Tom Markham. Internet security protocol. pp. 70-75.
- Cliff Berg. Java Q&A: How do I create my own security manager? pp. 115-119.
- BYTE, Vol. 22, No. 6 (June 1997): Peter Wayner.
Who goes there? (authentication). pp. 70-80.
- IEEE Network, Vol. 11, No. 3, May/June 1997. Issue on network
and Internet security:
- Roger M. Needham. The changing environment for security protocols.
pp. 12-15.
- David Chadwick, Andrew J. Young, and Nada Kapidzic Cicovic. Merging and
extending the PGP and PEM trust models -- the ICE-TEL trust model. pp. 16-25.
- Uri Blumenthal, Nguyen C. Hien, and Bert Wijnen. Key derivation for
network management applications. pp. 26-29.
- Michael Herfert. Security enhanced mailing lists. pp. 30-33.
- Mohammad Peyravian and Thomas D. Tarman. Asynchronous Transfer Mode
security. pp. 34-41.
- Muriel Medard, Douglas Marquis, Richard A. Barry, and Steven G. Finn.
Security issues in all-optical networks. pp. 42-48.
- L. Gong, "Java Security: Present and Near Future". IEEE Micro,
17(3):14--19, May/June 1997.
- IEEE Trans. on Computers Vol. 46, Number 5 (May 1997).
- S. R. Blackburn, S. Murghy, and K.G. Paterson. Comments on "Theory and
Applications of Cellular Automata in Cryptography." pp. 637-638.
- S. Nandi and P. Pal Chaudhuri. Reply to comments on "Theory and
Application of Cellular Automata in Cryptography." pl. 639.
- Crosstalk, The Journal of Defense Software Engineering, Vol. 10,
No. 5 (May, 1997). John Mochulski. Connecting classified environments to
the Internet. pp. 9-13.
- BYTE, Vol. 22, No. 5 (May 1997): Gary McGraw and Edward Felten.
Avoiding hostile applets. pp. 89-92.
- IEEE COMPUTER, Vol. 30, No. 4 (April 1997).
- Lee Garber. Students stumble onto Internet Explorer flaw. pp. 18-20.
- D. Richard Kuhn. Source of failure in the public switched telephone
network. pp. 31-36.
- ACM SIGSAC Security Audit & Control Review, Vol. 15, No. 2
(April 1997).
- Cynthia Irvine. Report on the First ACM Workshop on Education in Computer
Security. pp. 3-5.
- Selwyn Russell. A k-th order Carmichael key scheme for shared encryption
(abstract). pp. 6-7.
- Carl Stephen Guynes, Richard G. Vedder, and Michael T. Vanecek. Security
issues on the Internet. pp. 9-12.
- Daniel Guinier. From eavesdropping to security on the cellular telephone
system GSM. pp. 13-18.
- IEEE Transactions on Software Engineering, Vol. 23, No. 4 (April 1997):
E. Jonsson and T. Olovsson.
A quantitative model of the security intrusion process based on attacker
behavior.
pp. 235-245.
- ACM SIGOPS Operating System Review, Vol. 31, No. 2 (April, 1997).
- Arne Helme and tage Stabell-Kulo. Security functions for a file
repository. pp. 3-8.
- Tage Stabell-Kulo. Security and log structured file systems. pp. 9-10.
- IEEE Transactions on Software Engineering, Vol. 23, No. 3 (March 1997):
M. Abadi.
Explicit communication revisited: two new attacks on authentication protocols.
pp. 185-186.
- Computers & Security Volume 16, Number 1 (1997). (Elsevier)
Features:
- Gerald Kovacich. Information warfare and the information system security
professional. pp. 14-24.
- Brian Boyce. Cyber Extortion -- the corporate response. pp. 25-28.
- Fred Cohen. Information system attacks: a preliminary classification
scheme. pp. 29-46.
Refereed Paper:
B.C. Soh and T. S. Dillon. System intrusion processes: a simulation model.
pp. 71-79.
- Journal of Computer Security, Vol. 4, Nos. 2,3 (Dec. 1996)
[received about 3/97]:
- S.-P. Shieh and V. D. Gligor. Detecting illicit leakage of informaion in
operating systems. pp. 123-148.
- P. Ammann, R. S. Sandhu, and R. Lipton. The expressive power of
multi-parent creation in monotonic access control models. pp. 149-166.
- D. Volpano, C. Irvine, and G. Smith. A sound type system for secure flow
analysis. pp. 167-188.
- J. McDermott and R. Mukkamala. Analytic performance comparison of
transaction processing algorithms for the SINTRA replicated-architecture
database system. pp. 189-228.
- J. Millen. Editor's preface to the Bell-LaPadula model. pp. 229-232.
- L. J. LaPadula. Foreword. pp. 233-238.
- L. J. LaPadula and D. E. Bell. MITRE Technical Report 2547, Volume II.
pp. 239-263.
- IEEE Trans. on Knowledge and Data Engineering Vol. 9 No. 2 (Mar-Apr
1997). X. Qian and T. F. Lunt. A semantic framework of the multilevel secure relational model. pp. 292-301.
- Dr. Dobb's Journal, Vol. 22, No. 4 (April 1997). Aleksandr Jurisic
and Alfred J. Menezes.Elliptic curves and cryptography. pp. 26-37.
- IEEE Trans. on Knowledge and Data Engineering Vol. 9 No. 1 (Jan-Feb
1997). E. Bertino, P. Samarati, and S. Jajodia.
An extended authorization model for relational databases. pp. 85-101.
- ACM SIGSAC Security Audit & Control Review, Vol. 15, No. 1
(January 1997).
- Gerhard Schimpf. Security management for administration and control of
corporate-wide diverse systems. ppp.4-10.
- Selwyn Russell. Multisignature algorithms for ISO 9796. pp.11-14.
- IEEE Spectrum, Vol. 34, No. 2 (February 1997). Special issue on
electronic money:
- Tekla S. Perry. Exectronic money: toward a virutal wallet. pp. 18-19.
- Edward W. Kelley, Jr. Future of electronic money: a regulator's
perspective.
- Marvin A. Sirbu. Credits and debits on the Internet. pp. 23-29.
- David Chaum and Stefan Brands. 'Minting' electronic cash. pp. 30-34.
- Peter S. Gemmell. Traceable e-cash. pp. 35-37.
- Stanley E. Morris. Crime and prevention: a Treasury viewpoint. pp. 38-39.
- Robert W. Baldwin and C. Victor Chang. Locking the e-safe. pp. 40-46.
- Carol Hovenga Fancher. In your pocket: smartcards. pp. 47-53.
- Michael C. McChesney. Banking in cyberspace: an investment in itself. pp.
54-59.
- Steven M. H. Wallman. Technology takes to securities trading.pp. 60-65.
- Alfred R. Berkeley III. Nasdaq's technology floor: its president takes
stock.
- Mike Ter Maat. The economics of e-cash. pp. 68-73.
- Howard Anderson. Money and the Internet: a strange new relationship.
pp. 74-76.
- IEEE COMPUTER, Vol. 30, No. 2 (February 1997). Andreas Pfitzmann,
Birgit Pfitzmann, Matthias Schunter, and Michael Waidner. Trusting mobile user
devices and security modules. pp. 61-68.
Internet Kiosk: Public key cryptography. pp. 101-104.
- IEEE/ACM Transactions on Networking, Vol. 4, No. 6 (Dec 1996):
S. H. Low, N.F. Maxemchuk, and S. Paul.
Anonymous Credit Cards and Their Collusion Analysis.
pp. 809-816.
- Journal of Cryptology, Vol. 10, No. 1 (Winter, 1997):
- P. de Rooij. On Schnorr's Preprocessing for Digital Signature Schemes.
pp. 1-16.
- D. Beaver, J. Feigenbaum, J. Kilian, and P. Rogaway. Locally Random
Reductions: Improvements and Applications. pp. 17-36.
- Toshiya Itoh, Yuji Ohta, and Hiroki Shizuya. A Language-Dependent
Cryptographic Primative. pp. 37-49.
- H. Dobbetin. RIPEMD with Two-Round Compress Function Is Not
Collision-Free. pp. 1-16.
- B. S. Kaliski, Jr. A Chosen Message Attack on Demytko's Elliptic
Curve Cryptosystem. pp. 17-36.
- ACM SIGOPS Operating System Review, Vol. 31, No. 1 (Jan, 1997).
- Vijay Varadharajan. Extending the schematic protection model II: revocation. pp. 64-77.
- Marie Rose Low and James A. Malcolm. A joint authorisation scheme.
pp. 88-96.
- IEEE Trans. on Computers Vol. 46, Number 1 (Jan. 1997).
S. Papadimitrious, A. Bezerianos, T. Bountis.
Secure communication with chaotic systems of difference equations. pp. 27-38.
- IEEE COMPUTER Vol. 30, No. 1, January, 1997.
- Sara Reese Hedberg. HP's international cryptography framework:
compromise or threat? pp. 28-30.
- Randall J. Atkinson. Toward a more secure internet. pp. 57-61.
- IEEE Software Vol.14, No. 1 (Jan/Feb 1997).
- Charles P. Pfleeger. The fundamentals of information security. pp.15 ff.
- Karl Dakin. What if there were no software piracy? pp. 20-21.
- Communications of the ACM, Vol. 40, No. 1 (January 1997):
- A. S. Grimshaw, Wm. A. Wulf, et. al. The Legion vision of a worldwide
virtual computer. pp. 39-45.
- Carey Nachenberg. Computer virus -- antivirus coevolution. pp. 46-51.
- Bruce Schneier. Inside Risks: cryptography, security and the future.
p. 138.
- Computers & Security Volume 15, Number 8 (1996). (Elsevier)
Refereed Papers:
- Lam For Kwok and Dennis Longley. A security officer's workbench. pp.
695-706.
- Frederick B. Cohen. A secure World-Wide-Web daemon. pp. 707-724.
- Markus Michels, David Naccache, and Holger Petersen. GOST 34.10 -- a brief
overview of Russia's DSA. pp. 725-732.
- Computers & Security Volume 15, Number 7 (1996). (Elsevier)
Refereed Papers:
- Vesselin Bontchev. Possible macro virus attacks and how to prevent them.
pp. 595-626.
- Cees Jansen and Piet van der Vlist. Message encipherment with minimal
expansion and redundancy -- doing better than ISO-10126. pp. 627-632.
- John Yesberg and Mark Anderson. Quantitative authentication and vouching.
pp. 633-646.
- Computers & Security Volume 15, Number 6 (1996). (Elsevier)
Special features:
- Bob Frank. Security issues in the virtual corporation. pp. 471-476.
- Ken Lindup. The role of information security in corporate governance. pp.
477-485.
- Gerald Kovacich. Establishing a network security programme. pp. 486-498.
- Edwin Heinlein. Year 2000 -- a real IS security issue. pp. 499-500.
- Jim Press. Object oriented cryptographic facility design: export
considerations. pp. 507-514.
Refereed papers:
- Vijay Varadharajan and Claudio Calvelli. Extending the schematic
protection model -- II. Revocation. pp. 525-536.
- Sung-Ming Yen. Cryptanalysis and repair of the multi-verifier signature
with verifier specification. pp. 537-544.
- ACM SIGSAC Security Audit & Control Review, Vol. 14, No. 4
(October 1996).
- H. Rubinovitz. Issues '95 -- Electronic commerce. pp. 2-6.
- S. Bhakhtiari, R. Gonzalez, R. Safavi-Naini, H. W. Peter Beadle. Payment
systems for hypermedia information systems. pp. 7-11.
- Joseph Arceneaux. Experiences in the art of security. pp. 12-16.
- Benjamin Wright. Signing tax returns with a digital pen. pp. 17-22.
- Dr. Dobb's Journal, Vol. 22, No. 1 (January 1997):
- A. Bosselaers, H. Dobbertin, and B. Preneel.
The RIPEMD-160 cryptographic hash function.
pp. 24-29.
- A. Johnson.
Steganography for DOS programmers.
pp. 48-51.
- Computers & Security Volume 15, Number 5 (1996). (Elsevier)
Special features:
- E. B. Heinlein. Computer security in China. pp. 369-376.
- R. T. Moulton and M. E. Moulton. Electronic communications risk
management: a checklist for business managers. pp. 377-386.
Refereed papers:
- Tzong-Chen Wu and Hung-Sung Sung. Authenticating passwords over an
insecure channel. pp. 431-440.
- Gregory White. cooperating security managers: distributed intrusion
detection systems. pp. 441-450.
- Computing Systems, Vol. 9, No. 3 (Summer 1996):
C. Calabrese.
A Tool for Building Firewall-Router Configurations.
pp. 239-253.
- Data and Knowledge Engineering, Vol. 21, No. 1 (December 1996):
S. Castano, G. Martella and P. Samarati.
Analysis, comparison and design of role-based security specifications.
pp. 31-55.
- Computer Networks and ISDN Systems, Vol. 28, No. 14 (November 1996):
S. Kolletzki.
Secure Internet banking with Privacy Enhanced Mail - A protocol
for reliable exchange of secured order forms.
pp. 1891-1899.
M. Gehrke and T. Hetschold.
Management of a public key certification infrastructure - Experiences from
the DeTeBerkom project BMSec.
pp. 1901-1914.
- Dr. Dobb's Journal, Vol. 21, No. 11 (November 1996):
M. Shoffner and M. Hughes.
Java and Web-Executable Object Security.
pp. 38-49.
- IEEE Personal Communications, Vol. 3, No. 5 (October 1996):
S. Mohan.
Privacy and Authentication Protocols for PCS.
pp. 34-38.
- IEEE Transactions on Software Engineering, Vol. 22, No. 10 (October 1996):
N. Puketza, K. Zhang, M. Chung, B. Mukherjee, and R. Olsson.
A Methodology for Testing Intrusion Detection Systems.
pp. 719-729.
- Information Processing Letters, Vol. 60, No. 1 (October 1996):
A. Jabri.
The unicity distance: An upper bound on the probability of an eavesdropper
successfully estimating the secret key.
pp. 43-47.
- Computer Communications, Vol. 19, No. 9-10 (August 1996):
- V. Varadharajan and C. Calvelli.
Key management for a secure LAN-SMDS network.
pp. 813-823.
- G. Horng and C. Yang.
Key authentication scheme for cryptosystems based on discrete logarithms.
pp. 848-850.
- T.-C. Wu, S.-L. Chou and T.-S. Wu.
Two ID-based multisignature protocols for sequential and broadcasting
architectures. pp. 851-856.
- Journal of the ACM, Vol. 43, No. 3 (May 1996):
O. Goldreich and R. Ostrovsky.
Software Protection and Simulation on Oblivious RAMs.
pp. 431-473.
- ACM SIGCOMM Computer Communication Review, Volume 26, Number 5
(October, 1996). D.P. Jabion. Strong password-only authenticated key
exchange. pp. 5-26.
- Computers & Security Volume 15, Number 2 (1996). (Elsevier)
- IEEE Trans. on Knowledge and Data Engineering Vol. 8, Number 5
(October 1996). V. Atluri, S. Jajodia, and E. Bertino. Alternative
correctness criteria for concurrent execution of transactions in multilevel secure databases. pp. 839-854.
- Journal of Computer Security, Vol. 4, No. 1 (1996)[received
11/96]:
- B. d'Ausbourg and Ch. Calas. Controlling causal dependencies over
a secure network. pp. 3-26.
- A.W. Roscoe, J.C.P. Woodcock, and L. Wulf. Non-interference through
determinism. pp. 27-54.
- U. M. Maurer and P. E. Schmid. A calculus for security bootstrapping
in distributed systems. pp. 55-80.
- A. Jiwa, T. Hardjono and J. Seberry. Beacons for authentication
in distributed systems. pp. 81-96.
- R. Hauser, P. Janson, R. Molva, G. Tsudik, and E. Van Herreweghen.
Robust and secure password and key change method. pp. 97-112.
- Computers & Security Volume 15, Number 4 (1996). (Elsevier)
Special Features:
- Rossouw von Solms. Information security management: the second
generation. pp. 281-288.
- Jacques Lemieux. Using RAD tools to develop secure client/server
applications. pp. 289-296.
- Thomas Finne. The information security chain. pp. 297-316.
Refereed papers:
- Joan Borrell and Joseph Rifa. An implementable secure voting scheme.
pp. 327-338.
-
Wen-Shenq Juang and Chin-Laung Lei. A collision-free secret ballot protocol
for computerized general elections. pp.339-348.
- High Integrity Systems, Volume 1, No. 5 (1996). John Clark
and Jeremy Jacob. Attacking Authentication Protocols. pp. 465-473.
- ACM SIGOPS Operating System Review, Vol. 30, No. 4 (Oct, 1996).
Chris J. Mitchell and Liqun Chen. Comments on the S/Key user authentication
scheme. pp. 12-16.
- IEEE Trans. on Knowledge and Data Engineering Vol. 8, Number 4
(August 1996).P. Samarati, E. Bertino, and S. Jajodia. An authorization
model for a distributed hypertext system. pp. 555-562.
- Journal of Computer Security, Vol. 3, No. 4 (1994/1995)[received
9/96]:
- S. N. Foley and J. L. Jacob. Specifying security for computer supported
collaborative working. pp. 233-254.
- L. Chen, D. Gollmann, and C. J. Mitchell. Distributing trust amongst
multiple authenication servers. pp. 255-268.
- A. Zakinthinos and E. S. Lee. The composability of non-interference. pp.
269-282.
- M. Bishop. Theft of information in the take-grant protection model. pp.
283-308.
- C. Blundo, L. A. Frota Mattos, and D. R. Stinson. Multiple key
distribution maintaining user anonymity via broadcast channels. pp. 309-322.
- ACM SIGOPS Operating System Review, Vol. 30, No. 3 (July, 1996).
- Paul F. Syverson. A new look at an old protocol. pp. 1-4.
- Vijay Varadharajan and Phillip Allen. Joint actions based authorization
schemes. pp 32-45.
- ACM SIGSAC Security Audit & Control Review, Vol. 14, No. 3
(July 1966).
- James J. Mavrikides. Security issues in a networked UNIX and MVS/VM
environment. pp. 2-8.
- C. S. Guynes, R.M. Gollady, and R. A. Huff. Database security in a
client/server environment. pp. 9-12.
- Sam Nitzberg.Emerging security issues involving the presence of microphone
and video cameras in the computing environment. pp. 13-16.
- Marie A. Wright. Silence and secrecy: a historical sketch of the NSA.
pp. 17-20.
- IEICE Transactions on Fundamentals of Electronics, Communications and
Computer Sciences, Vol. E79-A, No. 7 (July 1996):
- T. Hardjono and J. Seberry. Security Issues in Mobile Information Networks.
pp. 1021-1026.
- H. Watanabe, T. Fujiwara and T. Kasami. An Improved Method for Formal
Security Verification of Cryptographic Protocols. pp. 1089-1096.
- Designs, Codes and Cryptography, Vol. 8, No. 3 (June 1996):
J. Domingo-Ferrer. Achieving Rights Untransferability with
Client-Independent Servers. pp. 263-271.
- Information Processing Letters, Vol. 58, No. 6 (June 1996):
S. Obana and K. Kurosawa. Veto is impossible in secret sharing schemes.
pp. 293-295.
- Computer Communications, Vol. 19, No. 5 (May 1996):
M. Prabhu and S. Raghavan. Tutorial: Security in computer
networks and distributed systems. pp. 379-388.
- IEEE Trans. on Parallel and Distributed Systems, Vol. 7, No. 6
(June 1996). P. Ammann, S. Jajodia, and P. Frankl. Globally consistent event
ordering in one-directional distributed environments. pp. 665-670.
- ACM SIGSAC Security Audit & Control Review, Vol. 14, No. 2
(April 1996).
- R. Sandhu. Report on the First ACM Workshop on role-based access control.
pp. 2-4.
- Richard Graveman and Li Gong. Summary of the Third ACM Conference on
Computer and Communications Security. pp. 5-7.
- Tony Greening. Ask and ye shall receive: a study in "social engineering".
pp. 8-14.
- ACM Computing Surveys, Vol. 28, No. 1 (March 1996):
(Selected articles from the issue dedicated to Paris Kanellakis.)
- S. Jajodia. Database Security and Privacy. pp. 129-131.
- R. Sandhu and P. Samarati. Authentication, Access Control, and Audit.
pp. 241-243.
- Computers & Security Volume 15, Number 3 (1996). (Elsevier)
Special Features:
- Nigel Miller. Establishing web sites -- legal issues and risks.
pp. 198-202.
- Clive Blatchford. Internet as pornutopia? pp. 203-208.
- Paul Evans. Information protection for publishers. pp. 209-211.
- Eike Born. Enforcing legal ownership rights by an access control system.
pp. 212-220.
Refereed papers:
- Shiuh-Jen Wang and Jin-Fu Chang. Smart card based secure password
authentication scheme. pp. 231-238.
- W. g. de Ru and J. H. P. Eloff. Risk analysis modelling with the use of
fuzzy logic. pp. 239-248.
- Jing-Jang Hwang. A conventional approach to secret balloting in computer
networks. pp. 249-263.
- Computing Systems, Vol. 9, No. 2 (Spring 1996):
M. Bishop and M. Dilger.
Checking for Race Conditions in File Accesses.
pp. 131-152.
- IEEE Micro, Vol. 16, No. 3 (June 1996):
- M. Abdelguerfi, B. Kaliski, Jr., and W. Patterson.
Guest Editors' Introduction: Public-Key Security Systems.
pp. 10-13.
- D. Naccache and D. M'Raihi. Cryptographic Smart Cards.
pp. 14-24.
- C. Koc, T. Acar and B. Kaliski, Jr.
Analyzing and Comparing Montgomery Multiplication Algorithms.
pp. 26-33.
- A.iZuquete and P. Guedes.
Transparent Authentication and Confidentiality for Stream Sockets.
pp. 34-41.
- J.-F. Dhem, D. Veithen, and J.-J. Quisquater.
SCALPS: Smart Card for Limited Payment Systems.
pp. 42-51.
- Communications of the ACM, Vol. 39, No. 5 (May 1996):
R. Fagin, M. Naor and P. Winkler.
Comparing Information Without Leaking It.
pp. 77-85.
- Information Processing Letters, Vol. 58, No. 4 (May 1996):
S.-J. Hwang, C.-C. Chang and W.-P. Yang.
Authenticated encryption schemes with message linkage.
pp. 189-194.
- Computer Networks & ISDN Systems, Vol. 28, No. 7-11 (May 1996):
P.-A. Pays and F. de Comarmond.
An intermediation and payment system technology.
pp. 1197-1206.
- IEEE Communications Magazine, Vol. 34, No. 5 (May 1996):
J. Brassil, A. Choudhury, D. Kristol, A. Lapone, S. Low, N. Maxemchuk
and L. O'Gorman.
SEPTEMBER - Secure Electronic Publishing Trial.
pp. 48-55.
- The Journal of Logic Programming, Vol. 26, No. 2 (February 1996):
C. Meadows.
The NRL Protocol Analyzer: An Overview.
pp. 113-131.
- OnTheInternet Vol. 2, No. 3 (May-June 1996) (Internet Society)
- Hank Kluepfel. Inside out you turn me.pp. 18-23.
- Michael Greenwald, Sandeep K. Singhal, Jonathan R. Stone, and David R. Cheriton. Designing an academic firewall. pp. 24-33. [Based on "Designing
an academic firewall: policy, practice, and experience with SURF, same authors, Proc. 2nd Working Conf. on Reverse Engineering, IEEE, July 1996(?)].
- Dixie Baker, Steve Manning, Kraig Meyer, and Stuart Schaeffer. Addressing threats in World Wide Web technology. pp. 34-41, 46. [Based on article, same
title and authors, Proc. Computer Security Applications Conf., IEEE, Dec., 1995].
- Jonathan Littman. The fugitive game: online with Kevin Mitnick, pp. 42-45. Excerpt of book, same title.
- ACM SIGCOMM Computer Communication Review, Volume 26, Number 2
(April, 1996). W. Tuvell. Response to "Problems with DCE security services," pp. 64-73.
- Computers & Security Volume 15, Number 2 (1996). (Elsevier)
Special Features:
- Edwin B. Heinlein. Medical records security. pp. 100-113.
- Fred Cohen. A note on distributed coordinated attacks. pp.103-122.
Refereed Papers:
- Hiroyuki Matsumoto and Ikuro Oyaizu. A confidentiality system for ISDN inter-PC high-speed file transfer. pp. 141-156.
- Marcel Spruit and Maarten Looijen. IT security in Dutch practice. pp. 147-170.
- Udi Manber. A simple scheme to make passwords based on one-way functions much harder to crack. pp. 171-179.
- COMPUTER, Vol. 29, No. 6 (June 1996). Simson L. Garfinkel. Internet Kiosk: Public key cryptography. pp. 101-104.
- Communications of the ACM, Vol. 39 (1996)Number 6 (June),
Anish Bhimani. Securing the commercial Internet. pp.29-35.
- IEEE Trans. on Software Engineering Vol. 22, Number 5
(May. 1996). Special section -- Best Papers of the 1995 IEEE
Symposium on Security and Privacy.
- C. Meadows. Guest editorial: Introduction to the Special Section.
pp. 281-282.
- O. Sibert, P.A. Porras, and R. Lindell. An Analysis of the Intel 80x86 Security Architecture and Implementations. pp. 283-293.
- R. J. Anderson and S. J. Bezuidenhoudt. On the Reliability of Electronic Payment Systems. pp. 294-301.
- M. K. Franklin and M. K. Reiter. The Design and Implementation of a Secure Austion Service. pp. 302-312.
- R. Kailar. Accountability in Electronic Commerce Protocols. pp. 313-328.
- M. H. Kang, I. S. Moskowitz, and D. C. Lee. A Network Pump. pp. 329-338.
- Computers & Security Volume 15, Number 1 (1996). (Elsevier)
Special Features:
- Jon David. The new face of the virus threat. pp. 13-16.
- Mark Buckwell. The spook solution - now open for business. pp.17-26.
- Paul Smith. Achieving interoperable security services in open systems
products. pp. 27-37.
- Thierry Moreau. A probabilistic flaw in PGP design? pp.39-43.
Refereed Papers:
- J. Eloff, R. Holbein, and S. Teufel. Security classification for
documents. pp. 55-72.
- Min-Shiang Hwang, Wen-Guey Tzeng, and Wei-Pang Yang. An access control system based on the Chinese remainder theoorem and time stamp concept.
pp. 73-82.
- Computing Systems, Vol. 9, No. 1 (Winter 1996):
- F. Avolio. Guest Editorial. pp. 1-2.
- I. Winkler. The Non-Technical Threat to Computing Systems. pp. 3-14.
- A. Rubin. Independent One-Time Passwords. pp. 15-27.
- D. Davis, D. Geer and T. Ts'o. Kerberos with Clocks Adrift: History,
Protocols, and Implementation. pp. 29-46.
- L. Badger, D. Sterne, D. Sherman and K. Walker. A Domain and Type
Enforcement UNIX Prototype. pp. 47-83.
- COMPUTER, Vol. 29, No. 3 (March 1996). Erin English and Scott
Hamilton. Network security under siege: the timing attack. pp. 95-97.
- ACM SIGOPS Operating System Review, Vol. 30, No. 2 (April, 1996).
Shiuh-Pyng Shieh and Wen-Her Yang. An authentication and key distribution
system for open network systems. pp. 32-41.
- ACM SIGCOMM Computer Communication Review, Volume 26, Number 1
(January, 1996). T. Coffey and P. Saidha. Non-repudiation with mandatory
proof of receipt. pp. 6-17.
- IEEE Trans. on Knowledge and Data Engineering Vol. 8, Number 1
(Feb. 1996). Special issue on secure database systems technology.
- B. Thuraisingham and T. C. Ting. Guest editors' introduction. pp. 1-2.
- X. Qian and T. F. Lunt. A MAC policy framework for multilevel relational
databases. pp. 3-15.
- R.K. Thomas and R.S. Sandhu. A trusted subject architecture for
miltilevel secure object-oriented databases. pp. 16-31.
- K. P. Smith, B. T. Blaustein, S. Jajodia, and L. Notargiacomo.
Correctness criteria for multilevel secure transactions. pp. 32-45.
- D. G. Marks. Inference in MLS database systems. pp. 46-55.
- H. S. Delugach and T. H. Hinke. Wizard: a database inference analysis
and detection system. p. 56-66
- E. Bertino, C. Bettini, E. Ferrari and P. Samarati. A temporal access
control mechanism for database systems. pp. 67-80.
- V. Varadharajan and C. Calvelli. An access control model and its use
in representing mental health application access policy. pp. 81-95.
- Communications of the ACM, Vol. 39 (1996) Number 3, March:
Special section on how to use key escrow:
- R. Ganesan. Introduction. pp.32-33.
- D. E. Denning and D. K. Branstad. A taxonomy for key escrow encryption
systems. pp.34-40.
- S. T. Walker, S. B. Lipner, C. M. Ellison, and D. M. Balenson. Commercial
key recovery. pp. 41-47.
- D. P. Maher. Crypto backup and key escrow. pp. 48-54.
- R. Ganesan. The Yaksha security system. pp. 55-60.
- COMPUTER, Vol. 29, No. 2 (February 1996):
R. Sandhu, E. Coyne, H. Feinstein and C. Youman.
Role-Based Access Control Models. pp. 38-47.
- IEEE Communications Magazine, Vol. 34, No. 1 (January 1996):
P. Lin and L. Lin. Security in Enterprise Networking: A Quick Tour. pp. 56-61.
- Design, Codes and Cryptography, Vol. 7, No. 1/2 (January 1996):
- P. Syverson and C. Meadows. A Formal Language for Cryptographic Protocol
Requirements. pp. 27-59.
- K. Nyberg and R. Rueppel. Message Recovery for Signature Schemes Based
on the Discrete Logarithm Problem. pp. 61-81.
- Computer Communications, Vol. 18, No. 12 (December 1995):
- D. Trcek and J. Blazic. Formal language for security services base
modelling and analysis. pp. 921-928.
- C-C. Chang, S-M. Tsu and C-Y. Chen. Remote scheme for password authentication
based on theory of quadratic residues. pp. 936-942.
- T-C. Wu. Remote login authentication scheme based on a geometric approach.
pp. 959-963.
- T. Hwang, N-Y. Lee, C-H. Wang and M-Y. Ko. On the security of Wu and Yeh's
conference key distribution scheme. pp. 978-981.
- K-Y. Lam. Replay tolerance of authentication protocols. pp. 988-992.
- Y-H. Chen and T. Hwang. ID-based non-interactive zero-knowledge proof
system based on one-out-of-two non-interactive oblivious transfer.
pp. 993-996.
- The Computer Journal, Vol. 38, No. 8:
M. Reiter and L. Gong. Securing Causal Relationships in Distributed Systems.
pp. 633-642.
- ACM SIGSAC Security Audit & Control Review, Vol. 14, No. 1
(January 1996).
- Report from New Security Paradigms Workshop. pp.2-3.
- V. K. Murthy. Probabilistic Quorum Protocols for Biometrical User Authentication in OLTP. pp. 5-10.
- IEEE Transactions on Software Engineering, Vol. 22, No. 1
(January 1996), Special Section -- Best Papers of the IEEE Symposium on
Security and Privacy 1994:
- J. McHugh. Guest Editorial: Introduction to the special section. pp. 3-5.
- M. Abadi and R. Needham. Prudent engineering practice for cryptographic
protocols. pp. 6-15.
- N. Heintze and J. D. Tygar. A model for secure protocols and their
compositions. pp.16-30.
- M. K. Reiter. A secure group membership protocol. pp. 31-42.
- L. Gong and X. Qian. Computational issues in secure interoperation. pp.43-52.
- J. McLean. A general theory of composition for a class of "possibilistic"
properties. pp. 53-67.
- IEEE Transactions on Computers, Vol. 45, No. 1 (January 1996):
J. Dj. Golic. Linear models for keystream generators. pp. 41-49.
- Distributed Computing, Vol. 9, No. 3 (1995):
L. Gong. Efficient network authentication protocols: lower bounds and optimal
implementations. pp. 131-145.
- Scientific American, Vol. 273, No. 6 (December 1995):
T. Beth. Confidential communication on the Internet. pp. 270-273.
- Information Processing Letters, Vol. 57, No. 1 (January 1996):
W-B. Lee and C-C. Chang. Integrating authentication in public key
distribution system. pp. 49-52.
- Computers & Security Volume 14, Number 8 (1995). (Elsevier)
Refereed Papers:
- Love Ekenberg, Subhash Oberoi, and Istvan Orci. A cost model for managing
information security hazards. pp. 707-718.
- Marshall Abrams and Marvin Zelkowitz. Striving for correctness. pp.
719-738.
- Computers & Security Volume 14, Number 7 (1995). (Elsevier)
Refereed Papers:
- B.C. Soh and T. S. Dillon. Setting optimal intrusion-detecton thresholds.
pp. 621-632.
- W. Fred de Koning. A methodology for the design of security plans. pp.
633-644.
- James Backhouse and Gurpreet Dhillon. Corporate computer crime management:
a research perspective. pp. 645-652.
- IEEE Spectrum, Vol. 32, No. 12 (December 1995).
J. Adam. The privacy problem. pp. 46-52.
- Information Processing Letters, Vol. 56, No. 5 (December 1995):
A.M. Youssef and S.E. Tavares. Resistance of balanced s-boxes
to linear and differential cryptanalysis. pp. 249-252.
- IEEE Personal Communications, Vol. 2, No. 5 (October 1995):
D. Chess, B. Grosof, C. Harrison, D. Levine, C. Parris and G. Tsudik.
Itinerant Agents for Mobile Computing. pp. 34-49.
- ACM SIGAPP Applied Computing Review, Vol. 3, No. 1 (Summer 1995).
Special Issue on Security, B. Unger, Guest Editor:
- C. Angaye. Security in a Networked Environment. pp. 2-5.
- R. Li and E. Unger. Security Issues with TCP/IP. pp. 6-13.
- S. Hansen. Hybrid Inferential Security Methods for Statistical Databases.
pp. 14-18.
- Dr. Dobb's Journal, Vol. 21 No. 1 (Jan. 1996).
- T. J. Pope. Password files. pp.72-77.
- B. Schneier. Differential and linear cryptanalysis. pp. 42-49.
- I. Goldberg and D. Wagner. Randomness and the Netscape browser. pp. 58-65.
- Computers & Security Volume 14, Number 6 (1995). (Elsevier)
Special Features:
- Claude Oliver. Privacy anonymity and accountability. pp. 489-490.
- Alan Krull. Controls in the next millennium: anticipating the
IT-enabled future. pp.491-495.
- Jim Reid. Open systems security: traps and pitfalls. pp. 496-517.
Refereed Papers:
- F. Stoll. The need for decentralization and privacy in mobile
communications networks. p. 527-540.
- Raymond Lo, Karl Levitt, and Ronald Olsson. MCF: a malicious code filter. p. 541-566.
- OnTheInternet Vol. 1, No. 5 (Nov-Dec 1995) (Internet Society)
- Peter Harter. Netlaw: security standards and snowballing. pp.10-11.
- ACM SIGCOMM Computer Communication Review, Volume 25, Number 5
(October, 1995).
- G. White and U. Pooch. Problems with DCE security services. pp.5-12.
- Wireless Networks, Vol. 1 No. 3 (Oct. 1995). (Baltzer Science Pub.)
- L. Gong and N. Schacham. Multicast security and its extension to a mobile
environment. pp. 281-296.
- D. A. Cooper and K. P. Birman. The design and implementation of a private
message service for mobile computers. pp. 297-310.
- ;login: (The USENIX association newsletter), Vol. 20, No. 6
(December 1995):
P. Honeyman. Digest of the USENIX Workshop on Electronic Commerce. pp. 6-19.
- Information Processing Letters, Vol. 56, No. 3 (November 1995):
- G. Lowe. An attack on the Needham-Schroeder public-key authentication protocol. pp. 131-133.
- J. Clark and J. Jacob. On the security of recent protocols. pp. 151-155.
- Computers & Security Volume 14, Number 5 (1995). (Elsevier)
Refereed Papers:
- A. Doumas, K. Mavroudakis, D. Gritzalis, and S. Katsikas.
Design of a neural network for recognition and classification of computer
viruses. p. 435-448.
- Muninder Kailay and Peter Jarratt. RAMeX: a prototype expert system for
computer security risk analysis and management. p. 449-464.
- Thomas Hardjono and Jennifer Seberry. Aplications of smartcards for
anonymous and verifiable databases. p. 465-472.
- IEEE Journal on Selected Areas in Communications, Vol. 13, No. 8
(October 1995).
Issue on "The Global Internet", J. Crowcroft, D. Estrin, H. Schulzrinne,
and M. Schwartz, Guest editors [URL: http://www.research.att.com/jsac]
- J. Crowcroft, D. Estrin, H. Schulzrinne, and M. Schwartz.
Guest Editorial - The Global Internet. pp. 1366-1370.
- J.T. Brassil, S. Low, N.F. Maxemchuk and L. O'Gorman. Electronic Marking
and Identification Techniques to Discourage Document Copying. pp. 1495-1504.
- B.C. Neuman. Security, Payment, and Privacy for Network Commerce.
pp. 1523-1531. (Invited paper)
- Information Processing Letters, Vol. 56, No. 2 (October 1995):
T.W. Cusick. Cryptanalysis of a public key system based on Diophantine
equations. pp. 73-75.
- BYTE, Vol. 20, No. 10 (October 1995):
P. Wayner. Picking the Crypto Locks. pp. 77-80.
- IEEE Transactions on Computers, Vol. 44, No. 9 (September 1995):
L. O'Connor. A Differential Cryptanalysis of Tree-Structured
Substitution-Permutation Networks. pp. 1150-1152.
- Dr. Dobb's Journal, Vol. 20, No. 9 (September 1995):
B. Schneier. The Blowfish Encryption Algorithm: One Year Later.
pp. 137-138.
- Computers & Security Volume 14, Number 4 (1995). (Elsevier)
Refereed Papers:
- Simon Wiseman. Classification services in the SWORD secure DBMS.
pp. 207-322.
- Greg O'Shea. Redundant access rights. pp. 323-348.
- Simon Shepherd. A high speed software implementation of the Data
Encryption Standard. pp. 349-357.
- OnTheInternet Vol. 1, No. 4 (Sept-Oct 1995) (Internet Society)
- It's an enigma: MCNC demonstrates security systems for data
superhighways. pp. 6-9.
- Jeff Schiller. Cryptography. pp. 16-19
- John Gage, Reggie Best, Vint Cerf, Rose Ann Giordano, Tim Berners-Lee,
John Patrick, Tsutomu Shimomura. Network security: Do you know who's
breaking in right now?.(panel session from INET '95). pp. 21-27.
- ACM SIGSAC Security Audit & Control Review, Vol. 13, No. 4
(October 1995).
- Diane Levine. Report in ISSA New York Chapter Conference. pp.4-6.
- Simon Foley. Report on Computer Security Foundations Workshop. pp. 7-9.
- Allan Mills, Tom Richards, and Leon Kappelman. Audit commission fifth
triannual survey. pp. 10-13.
- IEEE Trans. on Knowledge and Data Engineering Vol. 7, Number 5
(Oct. 1995):
L. Gong. and X. Qian. Enriching the expressive power of security labels.
(correspondence). pp. 839-841.
- ACM SIGOPS Operating System Review, Vol. 29, No. 4 (October, 1995)
- Yun Ding and Patrick Horster. Undetectable on-line password guessing
attacks. pp. 77-86.
- Ping Hu and Bruce Christianson. Is you computing environment secure?
Security problems with interrupt handling mechanisms.
- IEEE Trans. on Computers Vol. 44, Number 9 (Sept. 1995).
H. M. Heys, S. E. Tavares. Avalanche characteristics of
substitution-permutation encryption networks. pp. 1131-1139.
- High Integrity Systems, Vol. 1 , Number 3 (1995). Security-related
papers:
- J. G. Williams and L. J. LaPadula. Modelling external consistency of
automated systems. pp. 249-268.
- J. M. Voas, C. C. Michael and K. W. Miller. Confidently assessing a zero
probability of software failure. pp. 269-276.
- W. J. Cullyer and W. J. Scales. Irregularities in the behaviour of the
68020 processor. pp. 301-312.
- L. Rowland and J. A. Clark. Commentary: automated intrusion detection:
theory and practice. pp. 313-322.
- SIGSAC Security Audit & Control Review Volume 13, Number 3 (July
1995)[special issue Issues 94 Workshop on Public Key Cryptography]:
- Harvey H. Rubinovitz. Issues 94 - public key - trials and tribulations.
pp. 2-4.
- Diane E. Coe and Frank J. Smith. Developing and deploying a corporate-wide
digital signature capability. pp.5-8.
- Warwick Ford. Advances in public-key certificates. pp.9-15.
- SIGSAC Security Audit & Control Review Volume 13, Number 2 (April
1995). C. S. Guynes and R. G. Thorn. Network security in a client/server
environment. pp. 7-12.
- Computers & Security Volume 14, Number 3 (1995). (Elsevier)
Refereed Papers:
- Frank Deane, Kate Barrelle, Ron Henderson and Doug Mahar.
Perceived acceptability of biometric security systems. pp.225-232.
- Matt Bishop and Daniel Klein. Improving system security via proactive
password checking. pp. 233-250.
- H. Booysem and J. Eloff. Classification of objects for improved
access control. pp.251-266.
- Information Processing Letters, Vol. 55, No. 3 (August 1995).
L. Gong. Collisionful keyed hash functions with selectable collisions,
pp. 167-170.
- Information Processing Letters, Vol. 55, No. 1 (July 1995).
H-Y. Lin and L. Harn. Fair reconstruction of a secret. pp. 45-47.
- IEEE Transactions on Computers, Vol. 44, No. 7 (July 1995).
S-M. Yen and C-S. Laih. Improved Digital Signature Suitable for Batch
Verification. pp. 957-959.
- MIT Technology Review, Vol. 98, No. 5 (July 1995).
Dorothy Denning. Resolving the encryption dilemma: The case for the
clipper chip. pp. 48-55.
- IEEE Journal on Selected Areas in Communications, Vol. 13, No. 5,
June 1995. A. Myles, D. B. Johnson, and C. Perkins. A mobile host protocol
supporting route optimization and authentication.pp. 839-849.
- Proceedings of the IEEE, Vol. 83, No. 6, June 1995. B. M. Macq
and J.-J. Quisquater. Cryptology for digital TV broadcasting. (Invited
Paper). pp. 944-957.
- IEEE Network, Vol. 9, No. 3, May/June 1995. A. K. Choudhury, N. F.
Maxemchuk, S. Paul, and H. G. Schulzrinne. Copyright protection for
electronic publishing Over computer networks. pp. 12-20.
- BYTE, Vol. 20, No. 6, June 1995. A. Singleton. Cash on the
wirehead. pp. 71-78.
- Computer Communications Volume 18, Number 6, (June 1995). A. D.
Rubin. Secure distribution of electronic documents in a hostile
environment. pp. 429-434.
- Computers & Security Volume 14, Number 2 (1995). (Elsevier) Refereed
Papers:
- Tzong-Chen Wu and Wei-Hua He. A geometric approach for sharing secrets.
pp.135-146.
- Marshall D. Abrams and Jonathan D. Moffett. A higher level of computer
security through active policies.
pp.147-158.
- Hui-Min Tsai and Chin-Chen Chang. A cryptographic implementation for dynamic access control in a user hierarchy. pp. pp.159-166.
- John Cleary, Sean Irvine, and Ingrid Rinsma-Mechert. On the insecurity of arithmetic coding. pp.167-180.
- ACM SIGOPS Operating System Review, Vol. 29, No. 3 (July, 1995):
- J. Alves-Foss and S. Barbosa. Assessing computer security vulnerability.
pp. 3-13.
- I-L. Kao and R. Chow. An efficient and secure authentication protocol
using uncertified keys. pp. 14-21.
- M. Steiner, G. Tsudik, and M. Waidner. Refinement and extension of
encrypted key exchange. pp. 22-30.
- IEEE Trans. on Knowledge and Data Engineering, Vol. 7, No. 3 (June
1995):
P. A. Bonatti, S. Kraus, and V. S. Subrahmanian. Foundations of secure
deductive databases. pp. 406-422.
- IEEE Trans. on Communications, Vol. 43, No. 5 (May 1995):
T. Hwang and W.-C. Ku. Repairable key distribution protocols for
Internet environments. pp. 1947-1949 (thanks to Anish Mathuria for this entry).
- Journal of Computer Security, Vol. 3, No. 1 (1994/1995)[received
5/95]:
- R. Focardi and R. Gorrieri. A classification of security properties for
process algebras. pp. 5-34.
- J. K. Millen. Unwinding forward correctability. pp. 35-54.
- W. R. Bevier and W. D. Young. A state-based approach to noninterference.
pp. 55-70.
- G. J. Simmons and C. Meadows. The role of trust in information integrity
protocols. p. 71-84.
- Computer Networks and ISDN Systems, Vol. 27, No. 6, April 1995:
- T. Norderhaug and J.M. Oberding. Designing a web of intellectual property.
pp. 1037-1046.
- S. Anderson and R. Garvin. Sessioneer: flexible session level authentication with off the shelf servers and clients. pp. 1047-1053.
- J. Kahan. A capability-based authorization model for the World-Wide Web.
pp. 1055-1064.
- IEEE Trans. on Knowledge and Data Engineering, Vol. 7, No. 2 (April
1995):
B. Thuraisingham and W. Ford. Security constraint processing in a multilevel
secure distributed database management system. pp.274-293.
- Computers & Security Volume 14, Number 1 (1995). (Elsevier) Refereed
Papers:
- Marshall D. Abrams and Michael V. Joyce. Trusted system concepts.
pp.45-56.
- Marshall D. Abrams and Michael V. Joyce. Trusted computing update.
pp.57-68.
- Marshall D. Abrams and Michael V. Joyce. New thinking about
information technology security. pp.69-82.
- Journal of Computer Security, Vol. 2, No. 4 (1993)[received
3/22/95]:
- J.D. Horton, R.H. Cooper, W.F. Hyslop, B.G. Nickerson, O.K. Ward, R. Harland,
E. Ashby, and W.M. Stewart. The cascade vulnerability problem. pp.279-290.
- J.T. Trostle. Modelling a fuzzy time system. pp. 291-309.
- V. Atluri, E. Bertino, and S. Jajodia. Achieving stricter correctness
requirements in multilevel secure database management systems. pp.311-351.
- IEEE Trans. on Software Engineering, Vol. 21, No. 3 (Mar 1995):
K. Ilgun, R.A. Kemmerer, and P.A. Porras. State transition analysis:
a rule-based intrusion detection approach. pp.181-199.
-
Information Processing Letters, Volume 53, Number 2, February 1995
(thanks to Anish Mathuria for this entry):
- Chae Hoon Lim, Pil Joong Lee.
Several practical protocols for authentication and key exchange.
pp. 91-96.
- Tzonelih Hwang, Yung-Hsiang Chen.
On the security of SPLICE/AS - The authentication system in WIDE Internet.
pp. 97-101.
- Tzonelih Hwang, Narn-Hih Lee, Chuan-Ming Li, Ming-Yung Ko, Yung-Hsiang Chen.
Two attacks on Neuman-Stubblebine authentication protocols.
pp. 103-107.
- ACM Trans. on Database Systems, Vol. 19, No. 4 (Dec 1994).
M. Winslett, K. Smith, and X. Qian. Formal query languqages for secure relational
databases. pp.626-663.
- ACM Trans. on Computer Systems, Vol. 12, No. 4 (Nov 1994).
M. K. Reiter, K. P. Birman, and R. van Renesse. A security architecture
for fault-tolerant systems. pp.340-371.
- ACM Trans. on Computer Systems, Vol. 12, No. 4 (Nov 1994).
J. S. Chase, H. M. Levy, M. J. Feeley, and E. D. Lazowska. Sharing
and protection in a single-address-space operating system. pp.271-307.
- Journal of the ACM, Vol. 41, No. 6 (Nov 1994): T. Rabin. Robust
sharing of secrets when the dealer is honest or cheating. pp.1089-1109.
- IEEE Trans. on Computers, Vol. 44, No. 1 (Jan 1995): C.H. Lin,
C.C. Chang, and R.C.T. Lee. A new public-key cipher system based upon the
Diophantine equations. pp.13-19.
- Communications of the ACM, Vol. 38 (1995) Number 2, February:
Daniel Stevenson, Nathan Hillery, and Greg Byrd. Secure communications
in ATM networks. pp.45-53.
- SIGSAC Security Audit & Control Review Volume 13, Number 1 (January
1995):
- D. Sidwell and T. Ehrsam. CMW information labels: a DBMS perspective. pp.2-6.
- J. Adams and D. Luther. The evolution of MaxSix trusted networking. pp. 7-11.
- Scott Scudamore. MultiSIX: How it improves interoperability in a multi-vendor
network. pp. 12-16.
- IEEE COMPUTER Vol. 28, No. 1, January, 1995, Mark Lomas and
Bruce Christianson. To whom am I speaking? Remote booting in a hostile world.
pp.50-54.
- Computers & Security Volume 13, Number 8 (1994). (Elsevier) Refereed
Papers:
- Imtiaz Mohammed and David M. Dilts. Design for dynamic user-role-based
security. pp.661-672.
- S.H. von Solms and Isak van der Merwe. The management of computer security
profiles using a role-oriented approach. pp.673-680.
- Chin-Chen Chang, Jao-Ji Shen and Tzong-Chen Wu. Access control with binary
keys. pp.681-686.
- H. Gustafson, E. Dawson, L. Nielsen, and W. Caelli. A computer package for
measuring the strength of encryption algorithms. pp.687-698.
- Computers & Security Volume 13, Number 7 (1994). (Elsevier) Refereed
Papers:
- Thomas Hardjono, Yuliang Zheng and Jennifer Seberry. Database authentication
revisited. pp.573-580.
- Chi-Sung Laih, Wen-Hong Chiou and C.C. Chang. Authentication and protection
of public keys. pp.581-586.
- Jeffrey Picciotto and Richard D. Graubart. Extended labeling policies for
enhanced application support. pp. 587-601.
- Jorng-Twu Liaw. A dynamic cryptographic key generation and information
broadcasting scheme in information systems. pp.601-610.
- Mark H. Looi and William J. Caelli. A note on supplying a trusted clock
via a secure device. pp.611-614.
- Advances in Computers, Vol. 38, Guenther Pernul. Database security.
Academic Press, 1994, ISBN 0-12-012138-7, pp.1-72.
- ACM Computing Surveys, Vol. 26, No. 3 (Sept. 1994),
Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi.
A taxonomy of computer program security flaws. pp.211-254.
- Scientific American, Vol. 271, No. 5 (Nov. 1994),
Jeffrey I. Schiller. Secure distributed computing. pp. 54-58.
- IEEE Communications Magazine, Sept. 1994. Issue on "Securing
the Information Superhighway", Ravi Ganesan, Guest Editor:
- Ravi Ganesan. Guest editorial: Security the information superhighway.
pp.28-30.
- B. Clifford Neuman and Theordore Ts'o. Kerberos: an authentication
service for computer networks. pp.33-39.
- Ravi S. Sandhu and Pierangela Samarati. Access control: principles and
practice. pp.40-48.
- Steven M. Bellovin and Williarm R. Cheswick. Network firewalls. pp.50-57.
- Dorothy E. Denning and Miles Smid. Key escrowing today. pp.58-69.
- Patrick W. Brown. Digital signatures: are they legal for electronic
commerce? pp.76-81.
- Henry M. Kluepfel. Securing a global village and its resources. pp.82-89.
- Communications of the ACM, Vol. 37 (1994)
- Number 11, November
- Ravi Ganesan and Ravi Sandhu. Securing cyberspace. (Guest editors'
introduction), pp.28-31.
- Ross J. Anderson. Why cryptosystems fail. pp.32-41.
- Roger M. Needham. Denial of service: an example. pp.42-47.
- Ralf C. Hauser. Does licensing require new access control techniques? pp.
48-55.
- Gustavus J. Simmons. Cryptanalysis and protocol failures. pp.56-65.
- Paul C. Clark and Lance J. Hoffman. BITS: a smartcard protected operating
system. pp.66-70.
- Number 9, September
- George W. Hart. To decode short cryptograms. pp. 102.
- Lance J. Hoffman, Faraz A. Ali, Steven L. Heckler, and Ann Huybrechts.
Cryptography policy. pp. 109.
- Peter G. Neumann. Inside RISKS: expectations of security and privacy.
p. 138.
- Number 8, August
- Katherine Fithen and Barbara Fraser. CERT incident response and the
Internet. pp. 108-113.
- Susan Landau, Stephen Kent, Clint Brooks, Scott Charney, Dorothy Denning,
Whitfield Diffie, Anthony Lauck, Douglas Miller, Peter G. Neumann, and David
Sobel.
Crypto policy perspectives. pp. 115-121.
- ACM SIGCOMM Computer Communication Review, Volume 24, Number 3
(July, 1994).
- D.F. Hadj Sadok and Judith Kelner. Privacy enhanced mail design and
implementation perspectives. pp.38-46.
- AT&T Technical Journal, Volume 72, Number 5, September/October 1994.
- Thomas A. Brooks and Michael M. Kaplan. Security Technologies. pp.4-8.
- David P. Maher. Trust in the new information age. pp. 9-16.
- Andrew M. Odlyzko. Public key cryptography. pp.17-23.
- Karl A. Siil. An introduction to cryptanalysis. pp.24-29.
- Matt Blaze, Jack Lacy, Thomas London, and Mike Reiter. Issues and
mechanisms for trustworthy systems: creating transparent mistrust. pp. 30-39.
- Edward Amoroso, W.E. Kleppinger, and David Majette. An engineering
approach to secure system analysis, design, and integration. pp. 40-51.
- Ronald L. Sharp, Steven R. Eisen, W.E. Kleppinger, and Mark E. Smith.
Network security in a heterogeneous environment. pp.52-60.
- Stephan A. Sherman, Richard Skibo, and Richard S. Murray. Secure network
access using multiple applications of AT&T's smart card. pp. 61-72.
- Nicholas F. Maxemchuk. Electronic document distribution. pp.73ff.
- Computing Systems Volume 7, Number 1 (Winter 1994) Matt Bishop, Guest
Editor.
- Matt A. Bishop, Guest Editorial p. v
- Willis H. Ware, Policy Considerations for Data Networks, p. 1.
- Raphael Yahalom, Birgit Klein, Thomas Beth.
Trust-Based Navigation in Distributed Systems. p. 45
- Marjan Krajewski, Jr., John C. Chipehak, David A. Chodorow, Jonathon T.
Trostle. Applicability of Smart Cards to Network User Authentication. p. 75.
- Allan Heydon, J.D. Tygar. Specifying and Checking UNIX Security
Constraints. p. 91.
- Leonard J. LaPadula. A Rule-Set Approach to Formal Modeling of a
Trusted Computer System. p. 113.
- Computers & Security Volume 13, Number 6. (Elsevier) Refereed
Papers:
- Michel Denault, Dimitris Gritzalis, Dimitris Karagiannis and Paul
Spirakis. Intrusion detection: approach and performance issues of the
SECURENET system. pp. 495-507.
- Bhavani Thuraisingham. Security issues for federated database systems.
pp. 509-526.
- Peter Ladkin and Harold Thimbleby. Comments on a paper by Voas, Payne
and Cohen: `A model for detecting the existence of software corruption
in real time'. pp. 527-531.
- Computers & Security Volume 13, Number 5. (Elsevier) Refereed
Papers:
- Karin Badenhorst and Jan Eloff. TOPM: a formal approach to the
optimization of information technology risk management. pp. 411-436.
- Eike Born and Helmut Steigler. Discretionary access control by means of
usage conditions. pp. 437-450.
- Computers & Security Volume 13, Number 4. (Elsevier) Refereed
Papers:
- E.E.O. Roos Lindgreen and I.S. Herschberg. On the validity of the
Bell-LaPadula model. pp. 317-334.
- D. Longley and S. Vasudevan. Effect of key generators on the automatic
search for flaws in key management schemes. pp.335-348.
- D.N.J. Mostert and S.H. von Solms. A methodology to include computer
security, safety and resilience requriements as part of the user requirement.
pp. 349-364.