JUNE 2007 (Vol. 40, No. 6) p. 4
0018-9162/07/$31.00 © 2007 IEEE
Published by the IEEE Computer Society
The Case for Flexible NIST Security Standards
Feisal Keblawi and Dick Sullivan
Recently, the US National Institute of Standards and Technology (NIST) began issuing new kinds of information system security (ISS) standards. Responding to the 2002 Federal Information Security Management Act (FISMA), these mandatory standards regulate ISS processes in federal civilian agencies and require standardized security controls in all related federal information systems.
Experience shows that federal standards aligned with established commercial practices generally succeed. The authors seek to initiate a dialogue on the role and reach of NIST as a rule maker and as a standards writer for federal cybersecurity that will result in a new understanding about the limits of security rule making in the present federal environment.
Best Practices for Automated Traceability
Jane Cleland-Huang, Raffaella Settimi, Eli Romanova, Brian Berenbach, and Stephen Clark
Traceability helps determine that researchers have refined requirements into lower-level design components, built them into the executable system, and tested them effectively. It further helps analysts understand the implications of a proposed change and ensures that no extraneous code exists.
Unfortunately, many organizations fail to implement effective traceability. Because manual traces are often created ad hoc, they tend to be inconsistent and often incomplete. Automated traceability methods aggressively tackle these problems by decreasing the effort needed to construct and maintain a set of traceability links and by providing traceability across a much broader set of documents.
An Open Source Environment for Cell Broadband Engine System Software
Michael Gschwind, David Erb, Sid Manning, and Mark Nutter
New computer architectures usually arise in response to tectonic shifts in technology and market conditions. As the era of pure CMOS frequency scaling ends, architects must again respond to massive technological changes by more efficiently exploiting density scaling.
The Cell Broadband Engine provides the first implementation of a chip-multiprocessor with a significant number of general-purpose programmable cores targeting a broad set of workloads, including intensive multimedia and scientific processing.
Isolation in Commodity Multicore Processors
Nidhi Aggarwal, Parthasarathy Ranganathan, Norman P. Jouppi, and James E. Smith
Technology scaling and power trends have led to the widespread emergence of chip multiprocessors as the predominant hardware paradigm. From a system viewpoint, CMPs provide higher levels of integration, typically including multiple processing cores, caches, memory controllers, and even some I/O processing—all in a single socket.
Multiple cores will provide unprecedented compute power on a single chip. However, integration of several components on a chip must be accompanied by features that enable isolation from fault effects, destructive performance interference, and security breaches.
iMouse: An Integrated Mobile Surveillance and Wireless Sensor System
Yu-Chee Tseng, You-Chiun Wang, Kai-Yang Cheng, and Yao-Yu Hsieh
With their environment-sensing capability, wireless sensor networks can enrich human life in applications such as healthcare, building monitoring, and home security.
The iMouse system integrates WSN technologies into surveillance technologies to support intelligent mobile surveillance services. The authors suggest several ways to improve or extend iMouse. One option is to facilitate mobile sensor navigation by, for example, integrating localization schemes to guide mobile sensors instead of using color tapes. A second option is to exploit coordination among mobile sensors, especially when they're on the road.
Password-Based Authentication: Preventing Dictionary Attacks
Saikat Chakrabarti and Mukesh Singhal
The most common verification technique is to check whether the claimant possesses information or characteristics that a genuine entity should possess. For example, we can authenticate a phone call by recognizing a person's voice and identify people we know by recognizing their appearance.
But the authentication process can get complicated when visual or auditory clues aren't available to help with identification.
Because they're cheap and convenient, passwords have become the most popular technique for authenticating users trying to access confidential data stored in computers, even though such authentication is vulnerable to several forms of attack. Password protocols preventing offline dictionary attacks need more than heuristic arguments to provide a guarantee of security.