发布求助
文献互助 智能选刊 最新文献

Proceedings of Internet Society Symposium on Network and Distributed Systems Security最新文献

筛选
英文 中文
Parallelized network security protocols 并行网络安全协议
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492421
E. Nahum, D. Yates, S. O'Malley, H. Orman, R. Schroeppel
{"title":"Parallelized network security protocols","authors":"E. Nahum, D. Yates, S. O'Malley, H. Orman, R. Schroeppel","doi":"10.1109/NDSS.1996.492421","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492421","url":null,"abstract":"Security and privacy are growing concerns in the Internet community, due to the Internet's rapid growth and the desire to conduct business over it safely. This desire has led to the advent of several proposals for security standards, such as secure IP, secure HTTP, and the Secure Socket Layer. All of these standards propose using cryptographic protocols such as DES and RSA. Thus, the need to use encryption protocols is increasing. Shared-memory multiprocessors make attractive server platforms, for example as secure World-Wide Web servers. These machines are becoming more common, as shown by recent vendor introductions of platforms such as SGI's Challenge, Sun's SPARCCenter, and DEC's AlphaServer. The spread of these machines is due both to their relative ease of programming and their good price/performance. This paper is an experimental performance study that examines how encryption protocol performance can be improved by using parallelism. We show linear speedup for several different Internet-based cryptographic protocol stack running on a symmetric shared-memory multiprocessor using two different approaches to parallelism.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129245307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
SKEME: a versatile secure key exchange mechanism for Internet SKEME:一种用于Internet的通用安全密钥交换机制
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492418
H. Krawczyk
{"title":"SKEME: a versatile secure key exchange mechanism for Internet","authors":"H. Krawczyk","doi":"10.1109/NDSS.1996.492418","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492418","url":null,"abstract":"A secure and versatile key exchange protocol for key management over Internet is presented. SKEME constitutes a compact protocol that supports a variety of realistic scenarios and security models over Internet. It provides clear tradeoffs between security and performance as required by the different scenarios without incurring in unnecessary system complexity. The protocol supports key exchange based on public key, key distribution centers, or manual installation, and provides for fast and secure key refreshment. In addition, SKEME selectively provides perfect forward secrecy, allows for replaceability and negotiation of the underlying cryptographic primitives, and addresses privacy issues as anonymity and repudiatability.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134378530","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 254
Designing an academic firewall: policy, practice, and experience with SURF 设计一个学术防火墙:SURF的政策、实践和经验
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492415
M. Greenwald, S. Singhal, Jonathan Stone, D. Cheriton
{"title":"Designing an academic firewall: policy, practice, and experience with SURF","authors":"M. Greenwald, S. Singhal, Jonathan Stone, D. Cheriton","doi":"10.1109/NDSS.1996.492415","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492415","url":null,"abstract":"Corporate network firewalls are well-understood and are becoming commonplace. These firewalls establish a security perimeter that aims to block (or heavily restrict) both incoming and outgoing network communication. We argue that these firewalls are neither effective nor appropriate for academic or corporate research environments needing to maintain information security while still supporting the free exchange of ideas. In this paper we present the Stanford University Research Firewall (SURF), a network firewall design that is suitable for a research environment. While still protecting information and computing resources behind the firewall, this firewall is less restrictive of outward information flow than the traditional model; can be easily deployed; and can give internal users the illusion of unrestricted e-mail, anonymous FTP, and WWW connectivity to the greater Internet. Our experience demonstrates that an adequate firewall for a research environment can be constructed for minimal cost using off-the-shelf software and hardware components.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131100003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
A case study of secure ATM switch booting 安全ATM交换机启动的案例研究
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492417
Shaw-Cheng Chuang, M. Roe
{"title":"A case study of secure ATM switch booting","authors":"Shaw-Cheng Chuang, M. Roe","doi":"10.1109/NDSS.1996.492417","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492417","url":null,"abstract":"This paper examines a few techniques for booting Asynchronous Transfer Mode (ATM) switches securely over an insecure network. Each of these techniques assume a different trust model. This work is being carried out in the context of the Fairisle ATM switch environment. In this environment we are envisaging an open multi-service network where ATM switches are booted with third party software, possibly using a third party booting service. Hence we are faced with an increased security threat, compared with a closed network environment, in ensuring that the switch has been booted with authorised and authenticated boot code. In this paper, we examines these threats and presents three schemes of countering the threats.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"170 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116528782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An integration of PGP and MIME PGP和MIME的集成
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492351
Kazuhiko Yamamoto
{"title":"An integration of PGP and MIME","authors":"Kazuhiko Yamamoto","doi":"10.1109/NDSS.1996.492351","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492351","url":null,"abstract":"Internet text mail has been developing to satisfy various user requests, such as transporting non-textual objects and privacy enhancements. While MIME redefined the mail body format to support non-textual objects and multipart structure, PGP provides encryption and digital signature features for text mail. MIME however does not provide privacy services whereas non-textual objects cannot be exchanged with PGP. It is of recent interest to integrate PGP and MIME so that users can make use of these two services at the same time. This paper describes an integration of PGP and MIME. Our scheme embeds PGP objects into MIME and maintains backward compatibility with PGP. It is possible to encrypt, sign, and sign-then-encrypt non-textual objects, single-parts in a multi-part, an entire multipart, etc. We also explain our viewing and composing mechanisms that allow users to handle PGP/MIME messages intuitively without format restrictions.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126238046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
C-HTTP-the development of a secure, closed HTTP-based network on the Internet c - http——在Internet上开发一个安全的、封闭的基于http的网络
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492414
T. Kiuchi, S. Kaihara
{"title":"C-HTTP-the development of a secure, closed HTTP-based network on the Internet","authors":"T. Kiuchi, S. Kaihara","doi":"10.1109/NDSS.1996.492414","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492414","url":null,"abstract":"We have designed \"C-HTTP\" which provides secure HTTP communication mechanisms within a closed group of institutions on the Internet, where each member is protected by its own firewall. C-HTTP-based communications are made possible by the following three components: a client-side proxy, a sewer-side proxy and a C-HTTP name server. A client-side proxy and server-side proxy communicate with each other using a secure, encrypted protocol while communications between a user agent and client-side proxy or an origin sewer and sewer-side proxy are performed using current HTTP/1.0. In a C-HTTP-based network, instead of DNS, a C-HTTP-based secure, encrypted name and certification service is used. The aim of C-HTTP is to assure institutional level security and is different in scope from other secure HTTP protocols currently proposed which are oriented toward secure end-to-end HTTP communications in which security protection is dependent on each end-user.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115409001","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
IDUP and SPKM: developing public-key-based APIs and mechanisms for communication security services IDUP和SPKM:为通信安全服务开发基于公钥的api和机制
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492419
C. Adams
{"title":"IDUP and SPKM: developing public-key-based APIs and mechanisms for communication security services","authors":"C. Adams","doi":"10.1109/NDSS.1996.492419","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492419","url":null,"abstract":"In this paper we discuss progress in the development of application program interfaces (APIs) and mechanisms which provide a comprehensive set of security services to application developers. The APIs, though similar, are designed for distinct environments: the session API (\"GSS\") is aimed at the on-line real-time messaging environment; the store-and-forward API (\"IDUP\") is particularly suited to electronic-mail types of environments (where messages are secured independently of any an-line communication with intended recipients of those messages). Both APIs are designed to be easy to use, yet with appropriate public-key-based mechanisms (such as SPKM and PIM) include many necessary services for communication security, such as data origin authentication, data confidentiality, data integrity, and support for non-repudiation. A full key management and certification infrastructure can be provided by implementations of these APIs/mechanisms in a way which is completely transparent to the calling application thus ensuring maximum flexibility and scalability to future environments.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124751873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A "bump in the stack" encryptor for MS-DOS systems 用于MS-DOS系统的“堆栈中的颠簸”加密器
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492422
D. Wagner, S. Bellovin
{"title":"A \"bump in the stack\" encryptor for MS-DOS systems","authors":"D. Wagner, S. Bellovin","doi":"10.1109/NDSS.1996.492422","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492422","url":null,"abstract":"Most implementations of IP security are deeply entwined in the source of the protocol stack. However, such source code is not readily available for MS-DOS systems. We implemented a version using the packet driver interface. Our module sits between the generic Ethernet driver and the hardware driver; it emulates each to the other. Most of the code is straightforward; in a few places, though, we were forced to compensate for inadequate interface definitions.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130227219","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Digital signature protection of the OSPF routing protocol OSPF路由协议的数字签名保护
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492416
S. Murphy, M. R. Badger
{"title":"Digital signature protection of the OSPF routing protocol","authors":"S. Murphy, M. R. Badger","doi":"10.1109/NDSS.1996.492416","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492416","url":null,"abstract":"The routing protocols used to disseminate routing information throughout the Internet are not protected from intruders or faulty router participants. This paper reports on work in progress to protect the OSPF routing protocol through the use of cryptography, specifically, digital signatures. The routing information is signed with an asymmetric cryptographic algorithm, allowing each router recipient to check the source and integrity of the information. This paper discusses the fundamental issues in security of routing protocols, reviews the basics of OSPF operation, describes the proposed design and discusses remaining vulnerabilities.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132326913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 122
Scalability of security in distributed object systems 分布式对象系统中安全性的可扩展性
Proceedings of Internet Society Symposium on Network and Distributed Systems Security Pub Date : 1996-02-22 DOI: 10.1109/NDSS.1996.492352
D. Nessett
{"title":"Scalability of security in distributed object systems","authors":"D. Nessett","doi":"10.1109/NDSS.1996.492352","DOIUrl":"https://doi.org/10.1109/NDSS.1996.492352","url":null,"abstract":"This paper addresses the problem of scalability in distributed object systems. It first describes the scaling problem and then uses several examples as discussion points for the participants.","PeriodicalId":104846,"journal":{"name":"Proceedings of Internet Society Symposium on Network and Distributed Systems Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1996-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133346288","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信