{"title":"Has Access Control Become the Weak Link?","authors":"Trent Jaeger","doi":"10.1109/msec.2024.3427588","DOIUrl":"https://doi.org/10.1109/msec.2024.3427588","url":null,"abstract":"In the early 2000s, computer systems were under threat from a variety of Internet worms. This malware attacked network-facing programs by exploiting their memory errors, hijacking their execution to perform malicious operations and propagate the malware to other systems. One key change that commercial systems adopted to prevent such attacks was in access control enforcement. With the enhanced access control (and other defenses), defenders were able to prevent Internet worm attacks, but a variety of other significant and catastrophic attacks (e.g., ransomware) have emerged since that time. But our access control infrastructure is essentially the same as that used to combat Internet worms. In this column, I want to look more closely at the current state of access control enforcement and where we might go from here.","PeriodicalId":13152,"journal":{"name":"IEEE Security & Privacy","volume":"44 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Inclusive Privacy and Security","authors":"Apu Kapadia, Yang Wang","doi":"10.1109/msec.2024.3433708","DOIUrl":"https://doi.org/10.1109/msec.2024.3433708","url":null,"abstract":"This special issue features six articles on addressing the privacy and security needs of diverse populations. These articles provide insights into design guidelines, techniques, and specific populations for building technologies for inclusive privacy and security.","PeriodicalId":13152,"journal":{"name":"IEEE Security & Privacy","volume":"189 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265413","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"IEEE Computer Society Has You Covered!","authors":"","doi":"10.1109/msec.2024.3450029","DOIUrl":"https://doi.org/10.1109/msec.2024.3450029","url":null,"abstract":"","PeriodicalId":13152,"journal":{"name":"IEEE Security & Privacy","volume":"11 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Get Published in the New IEEE Transaction on Privacy","authors":"","doi":"10.1109/msec.2024.3449986","DOIUrl":"https://doi.org/10.1109/msec.2024.3449986","url":null,"abstract":"","PeriodicalId":13152,"journal":{"name":"IEEE Security & Privacy","volume":"30 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265271","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The Rocky Road to Sustainable Security","authors":"Liliana Pasquale, Kushal Ramkumar, Wanling Cai, John McCarthy, Gavin Doherty, Bashar Nuseibeh","doi":"10.1109/msec.2024.3429888","DOIUrl":"https://doi.org/10.1109/msec.2024.3429888","url":null,"abstract":"In this column, we illustrate real-world scenarios in which modern systems cannot preserve security during operation. We examine the notion of sustainable security and discuss the challenges to engineering sustainably secure systems.","PeriodicalId":13152,"journal":{"name":"IEEE Security & Privacy","volume":"2 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265417","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}