发布求助
文献互助 智能选刊 最新文献

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)最新文献

筛选
英文 中文
Application-level isolation to cope with malicious database users 应用程序级隔离,以应对恶意数据库用户
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738580
S. Jajodia, Peng Liu, Catherine D. McCollum
{"title":"Application-level isolation to cope with malicious database users","authors":"S. Jajodia, Peng Liu, Catherine D. McCollum","doi":"10.1109/CSAC.1998.738580","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738580","url":null,"abstract":"System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement them. The capacity of these techniques, however is limited: innocent users may be mistaken for malicious ones while malicious users stay at large. Isolation is a method that has been applied to protect systems from damage while investigating further. This paper proposes the use of isolation at an application level to gain its benefits while minimizing loss of resources and productive work in the case of incidents later deemed innocent. We describe our scheme in the database context. It isolates the database transparently from further damage by users suspected to be malicious, while still maintaining continued availability for their transactions. Isolation is complicated by the inconsistencies that may develop between isolated database versions. We present both static and dynamic approaches to identify and resolve conflicts. Finally, we give several examples of applications in which the isolation scheme should be worthwhile and be able to achieve good performance.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121067154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
A selection criteria for intrusion detection systems 入侵检测系统的选择标准
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738648
E. Amoroso, R. Kwapniewski
{"title":"A selection criteria for intrusion detection systems","authors":"E. Amoroso, R. Kwapniewski","doi":"10.1109/CSAC.1998.738648","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738648","url":null,"abstract":"A set of criteria is introduced for comparing and assessing intrusion detection systems. The theory, requirements classes, metrics and practical application of the criteria are discussed. 15 specific requirements are described and broken down into Class A, Class B and Class C compliance. A questionnaire for obtaining vendor information is shown; advice and experiences from test evaluations are given, based on our use of the criteria with several commercially available systems.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128615233","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
NetSTAT: a network-based intrusion detection approach NetSTAT:一个基于网络的入侵检测方法
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738566
G. Vigna, R. Kemmerer
{"title":"NetSTAT: a network-based intrusion detection approach","authors":"G. Vigna, R. Kemmerer","doi":"10.1109/CSAC.1998.738566","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738566","url":null,"abstract":"Network-based attacks have become common and sophisticated. For this reason, intrusion detection systems are now shifting their focus from the hosts and their operating systems to the network itself. Network-based intrusion detection is challenging because network auditing produces large amounts of data, and different events related to a single intrusion may be visible in different places on the network. This paper presents NetSTAT, a new approach to network intrusion detection. By using a formal model of both the network and the attacks, NetSTAT is able to determine which network events have to be monitored and where they can be monitored.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128915998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 315
Security architecture for a virtual heterogeneous machine 虚拟异构机的安全体系结构
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738611
Roger Wright, D. Shifflett, C. Irvine
{"title":"Security architecture for a virtual heterogeneous machine","authors":"Roger Wright, D. Shifflett, C. Irvine","doi":"10.1109/CSAC.1998.738611","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738611","url":null,"abstract":"We describe security for a virtual heterogeneous machine (VHM). Our security architecture is based upon separation of services into four distinct domains. It is designed to take advantage of operating system support for domains, where available. We have chosen to use emerging public key technology as an interim solution to provide domain separation. A prototype demonstration of our architecture has been developed.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121924923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
A certified e-mail protocol 经过认证的电子邮件协议
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738655
B. Schneier, J. Riordan
{"title":"A certified e-mail protocol","authors":"B. Schneier, J. Riordan","doi":"10.1109/CSAC.1998.738655","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738655","url":null,"abstract":"Protocols to facilitate secure electronic delivery are necessary if the Internet is to achieve its true potential as a business communications tool. We present a protocol for secure e-mail that protects both the sender and the receiver, and can be implemented using current e-mail products and existing Internet infrastructure.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133938052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 56
Intrusion detection. Applying machine learning to Solaris audit data 入侵检测。将机器学习应用于Solaris审计数据
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738647
David Endler
{"title":"Intrusion detection. Applying machine learning to Solaris audit data","authors":"David Endler","doi":"10.1109/CSAC.1998.738647","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738647","url":null,"abstract":"An intrusion detection system (IDS) seeks to identify unauthorized access to computer systems' resources and data. The most common analysis tool that these modern systems apply is the operating system audit trail that provides a fingerprint of system events over time. In this research, the Basic Security Module auditing tool of Sun's Solaris operating environment was used in both an anomaly and misuse detection approach. The anomaly detector consisted of the statistical likelihood analysis of system calls, while the misuse detector was built with a neural network trained on groupings of system calls. This research demonstrates the potential benefits of combining both aspects of detection in future IDSs to decrease false positive and false negative errors.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131705628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 130
Mutual Authentication, Confidentiality, and Key MANagement (MACKMAN) system for mobile computing and wireless communication 用于移动计算和无线通信的相互认证、保密和密钥管理(MACKMAN)系统
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738651
T. Brutch, P. Brutch
{"title":"Mutual Authentication, Confidentiality, and Key MANagement (MACKMAN) system for mobile computing and wireless communication","authors":"T. Brutch, P. Brutch","doi":"10.1109/CSAC.1998.738651","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738651","url":null,"abstract":"In any distributed networked environment, security systems for network access and communication are necessary to allow legitimate hosts on the network to access the network services while denying non-registered hosts. Ideally, such systems should ensure both confidentiality and integrity of messages exchanged over the network. We discuss the deficiencies with the registration and authentication services provided by Global System for Mobile Communication (GSM), Cellular Digital Packet Data (CDPD), and IS-41. Next, we present the design of the Mutual Authentication, Confidentiality, and Key MANagement (MACKMAN) system to provide a more secure registration and authentication service for mobile computing and wireless communication. The capabilities provided by MACKMAN include registration of legitimate hosts with the network, mutual authentication, and data confidentiality and integrity in a mobile and wireless environment. Data confidentiality and integrity are provided by using the public key Elliptic Curve RSA (ECRSA) cryptosystem in conjunction with a hierarchy of certification authorities for key distribution and management.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"172 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132622395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Towards an infrastructure for MLS distributed computing 面向MLS分布式计算的基础设施
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738587
Myong H. Kang, J. Froscher, B. Eppinger
{"title":"Towards an infrastructure for MLS distributed computing","authors":"Myong H. Kang, J. Froscher, B. Eppinger","doi":"10.1109/CSAC.1998.738587","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738587","url":null,"abstract":"Distributed computing owes its success to the development of infrastructure, middleware, and standards (e.g., CORBA) to support interoperability. The computing community has slowly recognized the need to protect information and has begun to develop commercial security infrastructures and standards. The US Government must protect national security information against unauthorized information flow. To support MLS distributed computing, a MLS infrastructure must be built that enables information sharing among users at different classification levels. This infrastructure should provide MLS services for protection of classified information and use both the emerging distributed computing and commercial security infrastructures, when possible. The resulting infrastructure will enable users to integrate commercial information technology products into their systems. In this paper, we examine the philosophy that has led to successful distributed computing among heterogeneous, autonomous components and propose an analogous approach for MLS distributed computing. We identify some services that are required to support MLS distributed computing, argue that these services are needed regardless of the MLS architecture used, present an approach for designing these services, and provide design guidance for a critical building block of the MLS infrastructure.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129333552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
The RRA97 model for role-based administration of role hierarchies 基于角色的角色层次管理的RRA97模型
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738569
R. Sandhu, Q. Munawer
{"title":"The RRA97 model for role-based administration of role hierarchies","authors":"R. Sandhu, Q. Munawer","doi":"10.1109/CSAC.1998.738569","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738569","url":null,"abstract":"Role-based access control (RBAC) has recently received a lot of attention due to its flexibility, expressive power and simplicity in administration. In RBAC permissions are associated with roles and users are made members of roles thereby acquiring the associated permissions. Centralized management of RBAC in large systems is a tedious and costly task. An appealing possibility is to use RBAC itself to facilitate decentralized administration of RBAC. The recently proposed ARBAC97 (administrative RBAC '97) model identifies components called URA97, PRA97 and RRA97 for administration of user-role, permission-role and role-role assignments respectively. URA97 and PRA97 have already been described in detail in the literature, whereas RRA97 has so far not been defined. The central contribution of this paper is to give a complete and formal definition of RRA97, thereby completing the ARBAC97 model. The effect of role-role assignment is to construct a role hierarchy (that is, a partial order) in which senior roles inherit permissions from junior roles. Modifications to the role hierarchy can have drastic impact on the effective distribution of permissions to roles. At the same time we would like to decentralize this aspect of RBAC administration so that, for example, it should be possible for project security officers to rearrange roles within a project without impacting other role relationships within the department in which the project exists. RRA97 shows how this goal can be achieved.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"100 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122740689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 35
Role based access control framework for network enterprises 基于角色的网络企业访问控制框架
Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI: 10.1109/CSAC.1998.738571
D. Thomsen, D. O'Brien, J. Bogle
{"title":"Role based access control framework for network enterprises","authors":"D. Thomsen, D. O'Brien, J. Bogle","doi":"10.1109/CSAC.1998.738571","DOIUrl":"https://doi.org/10.1109/CSAC.1998.738571","url":null,"abstract":"A business's success depends on its ability to protect valuable business assets in an increasingly hostile environment. Protecting information requires a cost, not only in purchasing security components, but also in ensuring that those security components are properly managed. Role based access control (RBAC) shows promise for making security administration easier, thus reducing the cost of managing security components. RBAC provides a convenient layer of abstraction by describing access control patterns. This paper presents an RBAC framework comprised of seven abstract layers. Multiple layers allow users to work with a layer they understand. Thus a balance can be struck between fine grained access control and ease of management. The goal is to provide easy security management for a wide variety of network applications. The NAPOLEON tool which implements parts of the framework is also described.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121745579","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 70
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信