Proceedings 1995 IEEE Symposium on Security and Privacy最新文献

筛选
英文 中文
Absorbing covers and intransitive non-interference 吸收盖和传递不干扰
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398926
Sylvan Pinsky
{"title":"Absorbing covers and intransitive non-interference","authors":"Sylvan Pinsky","doi":"10.1109/SECPRI.1995.398926","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398926","url":null,"abstract":"The paper gives necessary and sufficient conditions for a system to satisfy intransitive non-interference. Security is defined in terms of allowable flows of information among action domains as represented by an interferes relation /spl sim/>. We examine properties of special sets called basis elements generated from the relation /spl sim/> and introduce the notion of absorbing covers which is associated with the standard unwinding theorems for non-interference. Our approach separates the equivalence relation arguments from the non-interference properties, and as a by product, we develop a decision procedure for non-interference. An upper bound on the number of iterations needed for termination of the procedure is provided.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115390376","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 71
The Intel 80/spl times/86 processor architecture: pitfalls for secure systems Intel 80/spl times/86处理器架构:安全系统的陷阱
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398934
O. Sibert, Phillip A. Porras, R. Lindell
{"title":"The Intel 80/spl times/86 processor architecture: pitfalls for secure systems","authors":"O. Sibert, Phillip A. Porras, R. Lindell","doi":"10.1109/SECPRI.1995.398934","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398934","url":null,"abstract":"An in-depth analysis of the 80/spl times/86 processor families identifies architectural properties that may have unexpected, and undesirable, results in secure computer systems. In addition, reported implementation errors in some processor versions render them undesirable for secure systems because of potential security and reliability problems. We discuss the imbalance in scrutiny for hardware protection mechanisms relative to software, and why this imbalance is increasingly difficult to justify as hardware complexity increases. We illustrate this difficulty with examples of architectural subtleties and reported implementation errors.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117347432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Preserving privacy in a network of mobile computers 在移动计算机网络中保护隐私
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398920
D. Cooper, K. Birman
{"title":"Preserving privacy in a network of mobile computers","authors":"D. Cooper, K. Birman","doi":"10.1109/SECPRI.1995.398920","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398920","url":null,"abstract":"Even as wireless networks create the potential for access to information from mobile platforms, they pose a problem for privacy. In order to retrieve messages, users must periodically poll the network. The information that the user must give to the network could potentially be used to track that user. However, the movements of the user can also be used to hide the user's location if the protocols for sending and retrieving messages are carefully designed. We have developed a replicated memory service which allows users to read from memory without revealing which memory locations they are reading. Unlike previous protocols, our protocol is efficient in its use of computation and bandwidth. We show how this protocol can be used in conjunction with existing privacy preserving protocols to allow a user of a mobile computer to maintain privacy despite active attacks.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117019696","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 100
A network version of the Pump 一个网络版本的泵
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398929
Myong H. Kang, I. S. Moskowitz, D. Lee
{"title":"A network version of the Pump","authors":"Myong H. Kang, I. S. Moskowitz, D. Lee","doi":"10.1109/SECPRI.1995.398929","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398929","url":null,"abstract":"A designer of reliable MLS networks must consider covert channels and denial of service attacks in addition to traditional network performance measures such as throughput, fairness, and reliability. We show how to extend the NRL data Pump to a certain MLS network architecture in order to balance the requirements of congestion control, fairness, good performance, and reliability against those of minimal threats from covert channels and denial of service attacks. We back up our claims with simulation results.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116064365","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 57
Integrating security in CORBA based object architectures 在基于CORBA的对象体系结构中集成安全性
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398922
R. Deng, S. Bhonsle, Weiguo Wang, A. Lazar
{"title":"Integrating security in CORBA based object architectures","authors":"R. Deng, S. Bhonsle, Weiguo Wang, A. Lazar","doi":"10.1109/SECPRI.1995.398922","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398922","url":null,"abstract":"We propose a distributed security architecture for incorporation into object oriented distributed computing systems, and in particular, into OMG's CORBA based object architectures. The primary objective of the security architecture is to make CORBA resilient to both component failures and malicious attacks. The core of the architecture is the notion of secure ORB node-an ORB node enhanced with \"pluggable\" system security objects interacting through generic security service APIs. System security objects coupled with protocols among them facilitate creation and management of clients, objects, and security information. Security services addressed in the paper include, but are in no way limited to, client/object authentication, access control, and integrity and confidentiality protections.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114224623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
Capacity estimation and auditability of network covert channels 网络隐蔽信道的容量估计与可审计性
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398932
B. Venkatraman, R. Newman
{"title":"Capacity estimation and auditability of network covert channels","authors":"B. Venkatraman, R. Newman","doi":"10.1109/SECPRI.1995.398932","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398932","url":null,"abstract":"Classical covert channel analysis has focused on channels available on a single computer: timing channels and storage channels. We characterize network covert channels. Potential network covert channels are exploited by modulating transmission characteristics. We distinguish between spatial covert channels, caused by a variation in the relative volume of communication between nodes in the network, and temporal covert channels caused by a variation in transmission characteristics over time, extending the work of Girling (1987). A model for obtaining a spatially neutral transmission schedule was given by Newman-Wolfe and Venkatraman (1991, 1992). Temporally neutral transmissions are characterized and scheduling policies to generate temporally neutral transmission schedules were given by Venkatraman and Newman-Wolfe (1993). We estimate the covert channel capacity using an adaptive scheduling policy, modeling the system as a mode secure system. Based on our measurements on the University of Florida campus-wide backbone network (UFNET), we discuss the auditability of network covert channels and suggest some handling policies to reduce the capacity of these covert channels to TCSEC acceptable levels.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"1197 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126737152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
Reasoning about accountability in protocols for electronic commerce 关于电子商务协议中责任的推理
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398936
R. Kailar
{"title":"Reasoning about accountability in protocols for electronic commerce","authors":"R. Kailar","doi":"10.1109/SECPRI.1995.398936","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398936","url":null,"abstract":"A new framework is proposed for the analysis of communication protocols that require accountability, such as those for electronic commerce. Informal arguments are presented to show that a heretofore un-explored property \"provability\" is pertinent to examine the potential use of communication protocols in the context of litigation, and in the context of audit. A set of postulates which are applicable to the analysis of proofs in general (e.g., zero knowledge proofs), and the proofs of accountability in particular, are proposed. The proposed approach is more natural for the analysis of accountability then the existing belief logics that have been used in the past for the analysis of key distribution protocols. Some recently proposed protocols for electronic commerce and public-key delegation are analyzed to illustrate the use of the new analysis framework in detecting (and suggesting remedies for eliminating) their lack of accountability, and in detecting and eliminating redundancies.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131197447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 63
A multilevel file system for high assurance 高保证的多级文件系统
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398924
C. Irvine
{"title":"A multilevel file system for high assurance","authors":"C. Irvine","doi":"10.1109/SECPRI.1995.398924","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398924","url":null,"abstract":"The designs of applications for multilevel systems cannot merely duplicate those of the untrusted world. When applications are built on a high assurance base, they will be constrained by the underlying policy enforcement mechanism. Consideration must be given to the creation and management of multilevel data structures by untrusted subjects. Applications should be designed to rely upon the TCB's security policy enforcement services rather than build new access control services beyond the TCB perimeter. The results of an analysis of the design of a general purpose file system developed to execute as an untrusted application on a high assurance TCB are presented. The design illustrates a number of solutions to problems resulting from a high assurance environment.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130509800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
The design and implementation of a secure auction service 安全拍卖服务的设计和实现
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398918
M. Franklin, M. Reiter
{"title":"The design and implementation of a secure auction service","authors":"M. Franklin, M. Reiter","doi":"10.1109/SECPRI.1995.398918","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398918","url":null,"abstract":"We present the design and implementation of a distributed service for performing sealed-bid auctions. This service provides an interface by which clients, or \"bidders\", can issue secret bids to the service for an advertised auction. Once the bidding period has ended, the auction service opens the bids, determines the winning bid, and provides the winning bidder with a ticket for claiming the item bid upon. Using novel cryptographic techniques, the service is constructed to provide strong protection for both the auction house and correct bidders, despite the malicious behavior of any number of bidders and even a constant fraction of the servers comprising the auction service. Specifically, it is guaranteed that (i) bids of correct bidders are not revealed until after the bidding period has ended, (ii) the auction house collects payment for the winning bid, (iii) losing bidders forfeit no money, and (iv) only the winning bidder can collect the item bid upon. We also discuss techniques to enable anonymous bidding.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"190 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121328932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 318
Recent-secure authentication: enforcing revocation in distributed systems 最近安全身份验证:在分布式系统中强制撤销
Proceedings 1995 IEEE Symposium on Security and Privacy Pub Date : 1995-05-08 DOI: 10.1109/SECPRI.1995.398935
S. Stubblebine
{"title":"Recent-secure authentication: enforcing revocation in distributed systems","authors":"S. Stubblebine","doi":"10.1109/SECPRI.1995.398935","DOIUrl":"https://doi.org/10.1109/SECPRI.1995.398935","url":null,"abstract":"A general method is described for formally specifying and reasoning about distributed systems with any desired degree of immediacy for revoking authentication. To effect revocation, 'authenticating entities' impose freshness constraints on credentials or authenticated statements made by trusted intermediaries. If fresh statements are not presented, then the authentication is questionable. Freshness constraints are derived from initial policy assumptions and authentic statements made by trusted intermediaries. By adjusting freshness constraints, the delay for certain revocation can be arbitrarily bounded. We illustrate how the inclusion of freshness policies within certificates enables the design of a secure and highly available revocation service. We illustrate the application of the method and new techniques in an example.<<ETX>>","PeriodicalId":420458,"journal":{"name":"Proceedings 1995 IEEE Symposium on Security and Privacy","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115208886","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 65
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信