The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2007 vol.5)
pp: i1-i8
Published by the IEEE Computer Society

AUTHOR INDEX

A

Acıiçmez, Onur, Jean-Pierre Seifert, and Çetin Kaya Koç, " Micro-Architectural Cryptanalysis," July/Aug., pp. 62–64.

Ahmad, David, " The Contemporary Software Security Landscape," May/June, pp. 75–77.

Aime, Marco Domenico, Giorgio Calandriello, and Antonio Lioy, " Dependability in Wireless Networks: Can We Rely on WiFi?," Jan./Feb., pp. 23–29.

Alberts, Christopher, see Woody, Carol.

Ali, Asad M., see Vassilev, Apostol T.

Allen, William H., see Ford, Richard.

Allen, William H., see Ford, Richard.

Allen, William H., " Mixing Wheat with the Chaff: Creating Useful Test Data for IDS Evaluation," July/Aug., pp. 65–67.

Anderson, Ross, see McGraw, Gary.

Anderson, Ross, " Software Security: State of the Art," Jan./Feb., pp. 8.

Antón, Annie I., see Otto, Paul N.

Antón, Annie I., Julia B. Eart, Matthew W. Vail, Neha Jain, Carrie M. Gheen, and Jack M. Frink, " HIPAA's Effect on Web Site Privacy Policies," Jan./Feb., pp. 45–52.

Arce, Iván, " Ghost in the Virtual Machine," July/Aug., pp. 68–71.

Arce, Iván, " A Surprise Party (on Your Computer)?," Mar./Apr., pp. 15–16.

B

Baer, Walter S., and Andrew Parkinson, " Cyberinsurance in IT Security Management," May/June, pp. 50–56.

Baker, Wade H., and Linda Wallace, " Is Information Security Under Control?: Investigating Quality in Information Security Management," Jan./Feb., pp. 36–44.

Balducci, Francesco, see Piazzalunga, Ugo.

Bass, Samuel D., see Mullins, Barry E.

Baumer, David L., see Otto, Paul N.

Bellovin, Steve, " DRM, Complexity, and Correctness," Jan./Feb., pp. 80.

Bellovin, Steve, " Seers and Craftspeople," Sep./Oct., pp. 88.

Bertino, Elisa, see Li, Ninghui.

Bertino, Elisa, see Bhargav-Spantzel, Abhilasha.

Bhargav-Spantzel, Abhilasha, Anna C. Squicciarini, and Elisa Bertino, " Trust Negotiation in Identity Management," Mar./Apr., pp. 55–63.

Bishop, Matt, see Peisert, Sean.

Bishop, Matt, " About Penetration Testing," Nov./Dec., pp. 84–87.

Bishop, Matt, and Deborah A. Frincke, " Achieving Learning Objectives through E-Voting Case Studies," Jan./Feb., pp. 53–56.

Bramhall, Pete, Marit Hansen, Kai Rannenberg, and Thomas Roessler, " User-Centric Identity Management: New Trends in Standardization and Regulation," July/Aug., pp. 84–87.

Bratus, Surgey, " What Hackers Learn that the Rest of Us Don't: Notes on Hacker Curriculum," July/Aug., pp. 72–75.

Bruschi, Danilo, Lorenzo Martignoni, and Mattia Monga, " Code Normalization for Self-Mutating Malware," Mar./Apr., pp. 46–54.

Byun, Ji-Won, see Li, Ninghui.

C

Calandriello, Giorgio, see Aime, Marco Domenico.

Carettoni, Luca, Claudio Merloni, and Stefano Zanero, " Studying Bluetooth Malware Propagation: The BlueBag Project," Mar./Apr., pp. 17–25.

Carpenter, Matthew, Tom Liston, and Ed Skoudis, " Hiding Virtualization from Attackers and Malware," May/June, pp. 62–65.

Caulkins, Jonathan, Eric D. Hough, Nancy R. Mead, and Hassan Osman, " Optimizing Investments in Security Countermeasures: A Practical Tool for Fixed Budgets," Sep./Oct., pp. 57–60.

Chandramouli, Ramaswamy, and Philip Lee, " Infrastructure Standards for Smart ID Card Deployment," Mar./Apr., pp. 92–96.

Choi, Kyunghee, see Kim, Jangbok.

Chung, Kihyun, see Kim, Jangbok.

Coe, David, see English, Jennifer.

Conti, Gregory, see Sobiesk, Edward.

D

DeLooze, Lori, " Providing Web Service Security in a Federated Environment," Jan./Feb., pp. 73–75.

Dimitriadis, Christos K., " Improving Mobile Core Network Security with Honeynets," July/Aug., pp. 40–47.

Dingledine, Roger, Nick Mathewson, and Paul Syverson, " Deploying Low-Latency Anonymity: Design Challenges and Social Factors," Sep./Oct., pp. 83–87.

Donner, Marc, " Cyberassault on Estonia," July/Aug., pp. 4–5.

D

du, Castel, Bertrand, see Vassilev, Apostol T.

Dushin, Fred, and Eric Newcomer, " Handling Multiple Credentials in a Heterogeneous SOA Environment," Sep./Oct., pp. 80–82.

Dyson, Paul, see Peeters, Johan.

E

Eart, Julia B., see Antón, Annie I.

English, Jennifer, David Coe, Rhonda Gaede, David Hyde, and Jeffrey Kulick, " MEMS-Assisted Cryptography for CPI Protection," July/Aug., pp. 14–21.

Erbacher, Robert F., see Swart, Richard S.

F

Farivar, Reza, see Iyer, Ravishankar K.

Ferguson, Aaron J., see Mabry, Frank J.

Ferraiolo, David, Rick Kuhn, and Ravi Sandhu, " RBAC Standard Rationale: Comments on 'A Critique of the ANSI Standard on Role-Based Access Control'," Nov./Dec., pp. 51–53.

Ford, Richard, and William H. Allen, " How Not to Be Seen," Jan./Feb., pp. 67–69.

Ford, Richard, and William H. Allen, " How Not to Be Seen II: The Defenders Fight Back," Nov./Dec., pp. 65–68.

Franz, Michael, " Containing the Ultimate Trojan Horse," July/Aug., pp. 52–56.

Fraser, David, " The Canadian Response to the USA Patriot Act," Sep./Oct., pp. 66–68.

Freiling, Felix, see Willems, Carsten.

Frincke, Deborah A., see Bishop, Matt.

Frink, Jack M., see Antón, Annie I.

G

Gaede, Rhonda, see English, Jennifer.

Gagnon, Michael N., Stephen Taylor, and Anup K. Ghosh, " Software Protection through Anti-Debugging," May/June, pp. 82–84.

Geer, Daniel E., " The End of Black and White," July/Aug., pp. 88.

Geiselmann, Willi, and Rainer Steinwandt, " Special-Purpose Hardware in Cryptanalysis: The Case of 1,024-Bit RSA," Jan./Feb., pp. 63–66.

Gheen, Carrie M., see Antón, Annie I.

Ghosh, Anup K., see Gagnon, Michael N.

Gilhen, Jonathan, see Power, E. Michael.

Goetz, Eric, see Johnson, M. Eric.

Gratzer, Vanessa, and David Naccache, " Alien vs. Quine," Mar./Apr., pp. 26–31.

Gratzer, Vanessa, and David Naccache, " Trust on a Nationwide Scale," Sep./Oct., pp. 69–71.

Gritazalis, Dimitris, see Theoharidou, Marianthi.

Gupta, Suvajit, and Joel Winstead, " Using Attack Graphs to Design Systems," July/Aug., pp. 80–83.

H

Hamrock, James, see Lyda, Robert.

Hansen, Marit, see Bramhall, Pete.

Healey, William, see Iyer, Ravishankar K.

Heikkila, Faith M., " Encryption: Security Considerations for Portable Media Devices," July/Aug., pp. 22–27.

Hirsch, Corey, see Oshri, Ilan.

Hoglund, Greg, see McGraw, Gary.

Hole, Kjell J., Vebjørn Moen, André N. Klingsheimand, and Knut M. Tande, " Lessons from the Norwegian ATM System," Nov./Dec., pp. 25–31.

Holz, Thorsten, see Willems, Carsten.

Hough, Eric D., see Caulkins, Jonathan.

Hwu, Wen-Mei W., see Iyer, Ravishankar K.

Hyde, David, see English, Jennifer.

I

In't Veld, Sophie, " Data Sharing across the Atlantic," July/Aug., pp. 58–61.

Iyer, Ravishankar K., Zbigniew Kalbarczyk, Karthik Pattabiraman, William Healey, Wen-Mei W. Hwu, Peter Klemperer, and Reza Farivar, " Toward Application-Aware Security and Reliability," Jan./Feb., pp. 57–62.

J

Jacomuzzi, Pablo, see Piazzalunga, Ugo.

Jain, Neha, see Antón, Annie I.

Jakobsson, Markus, and Sid Stamm, " Web Camouflage: Protecting Your Clients from Browser-Sniffing Attacks," Nov./Dec., pp. 16–24.

James, John R., see Mabry, Frank J.

Johnson, M. Eric, and Eric Goetz, " Embedding Information Security into the Organization," May/June, pp. 16–24.

Jones, Jeffrey R., " Estimating Software Vulnerabilities," July/Aug., pp. 28–32.

K

Kalbarczyk, Zbigniew, see Iyer, Ravishankar K.

Kapadia, Apu, " A Case (Study) For Usability in Secure Email Communication," Mar./Apr., pp. 80–84.

Kim, Jangbok, Kihyun Chung, and Kyunghee Choi, " Spam Filtering With Dynamically Updated URL Statistics," July/Aug., pp. 33–39.

Klemperer, Peter, see Iyer, Ravishankar K.

Klingsheim, André N., see Hole, Kjell J.

Knutson, Tina R., " Building Privacy into Software Products and Services," May/June, pp. 72–74.

Koç, Çetin Kaya, see Acıiçmez, Onur.

Kotlarsky, Julia, see Oshri, Ilan.

Kuhn, Rick, see Ferraiolo, David.

Kulick, Jeffrey, see English, Jennifer.

L

Lacey, Timothy H., see Mullins, Barry E.

Landwehr, Carl E., " Food for Thought: Improving the Market for Assurance," May/June, pp. 3–4.

Landwehr, Carl E., " New Challenges for the New Year," Jan./Feb., pp. 3–4.

Landwehr, Carl E., " Revolution through Competition?," Nov./Dec., pp. 3–4.

Lawrence Pfleeger, Shari, Roland L. Trope, and Charles C. Palmer, " Guest Editors' Introduction: Managing Organizational Security," May/June, pp. 13–15.

Lawrence Pfleeger, Shari, Martin Libicki, and Michael Webber, " I'll Buy That! Cybersecurity in the Internet Marketplace," May/June, pp. 25–31.

Lee, Philip, see Chandramouli, Ramaswamy.

Lesk, Michael, " The New Front Line: Estonia under Cyberassault," July/Aug., pp. 76–79.

Lesk, Michael, " South Korea's Way to the Future," Mar./Apr., pp. 85–87.

Li, Ninghui, Ji-Won Byun, and Elisa Bertino, " A Critique of the ANSI Standard on Role-Based Access Control," Nov./Dec., pp. 41–49.

Libicki, Martin, see Lawrence Pfleeger, Shari.

Lioy, Antonio, see Aime, Marco Domenico.

Liston, Tom, see Carpenter, Matthew.

Lyda, Robert, and James Hamrock, " Using Entropy Analysis to Find Encrypted and Packed Malware," Mar./Apr., pp. 40–45.

Lysyanskaya, Anna, " Authentication without Identification," May/June, pp. 69–71.

M

Mabry, Frank J., John R. James, and Aaron J. Ferguson, " Unicode Steganographic Exploits: Maintaining Enterprise Border Security," Sep./Oct., pp. 32–39.

Martignoni, Lorenzo, see Bruschi, Danilo.

Martin, Keye, " Secure Communication without Encryption?," Mar./Apr., pp. 68–71.

Mathewson, Nick, see Dingledine, Roger.

McGraw, Gary, and Greg Hoglund, " Online Games and Security," Sep./Oct., pp. 76–79.

McGraw, Gary, " Silver Bullet Talks with Annie Antón," Sep./Oct., pp. 8–11.

McGraw, Gary, " Silver Bullet Speaks with Dorothy Denning," Mar./Apr., pp. 11–14.

McGraw, Gary, " Silver Bullet Speaks with John Stewart," Jan./Feb., pp. 9–11.

McGraw, Gary, " Silver Bullet Talks with Becky Bace," May/June, pp. 6–9.

McGraw, Gary, " Silver Bullet Talks with Mikko Hyppönen," Nov./Dec., pp. 8–11.

McGraw, Gary, and Ross Anderson, " Silver Bullet Talks with Ross Anderson," July/Aug., pp. 10–13.

McKinney, David, " Vulnerability Bazaar," Nov./Dec., pp. 69–73.

Mead, Nancy R., see Caulkins, Jonathan.

Merloni, Claudio, see Carettoni, Luca.

Mills, Robert F., see Mullins, Barry E.

Moen, Vebjørn, see Hole, Kjell J.

Monga, Mattia, see Bruschi, Danilo.

Morley, Bradford C., see Trope, Roland L.

Moroncelli, Cristiano, see Piazzalunga, Ugo.

Morris, John, and Jon Peterson, " Who's Watching You Now?," Jan./Feb., pp. 76–79.

Mullins, Barry E., Timothy H. Lacey, Robert F. Mills, Joseph E. Trechter, and Samuel D. Bass, " How the Cyber Defense Exercise Shaped an Information-Assurance Curriculum," Sep./Oct., pp. 40–49.

N

Naccache, David, see Gratzer, Vanessa.

Naccache, David, see Gratzer, Vanessa.

Newcomer, Eric, see Dushin, Fred.

Nichols, Elizabeth A., and Gunnar Peterson, " A Metrics Framework to Drive Application Security Improvement," Mar./Apr., pp. 88–91.

O

O'Donnell, Adam J., " The Evolutionary Microcosm of Stock Spam," Jan./Feb., pp. 70–72.

Oppliger, Rolf, " Providing Certified Mail Services on the Internet," Jan./Feb., pp. 16–22.

Ortega, Brandi, " News Briefs," Nov./Dec., pp. 6–7.

Oshri, Ilan, Julia Kotlarsky, and Corey Hirsch, " An Information Security Strategy for Networkable Devices," Sep./Oct., pp. 50–56.

Osman, Hassan, see Caulkins, Jonathan.

Otto, Paul N., Annie I. Antón, and David L. Baumer, " The ChoicePoint Dilemma: How Data Brokers Should Handle the Privacy of Personal Information," Sep./Oct., pp. 15–23.

P

Palmer, Charles C., see Lawrence Pfleeger, Shari.

Parkinson, Andrew, see Baer, Walter S.

Pattabiraman, Karthik, see Iyer, Ravishankar K.

Peeters, Johan, and Paul Dyson, " Cost-Effective Security," May/June, pp. 85–87.

Peisert, Sean, and Matt Bishop, " I Am a Scientist, Not a Philosopher!," July/Aug., pp. 48–51.

Perrone, Luiz Felipe, " Could a Caveman Do It? The Surprising Potential of Simple Attacks," Nov./Dec., pp. 74–77.

Peterson, Gunnar, see Steven, John.

Peterson, Gunnar, see Nichols, Elizabeth A.

Peterson, Jon, see Morris, John.

Petratos, Pythagoras, " Weather, Information Security, and Markets," Nov./Dec., pp. 54–57.

Lawrence Pfleeger, Shari " Spooky Lessons," Sep./Oct., pp. 7.

Piazzalunga, Ugo, Paolo Salvaneschi, Francesco Balducci, Pablo Jacomuzzi, and Cristiano Moroncelli, " Security Strength Measurement for Dongle-Protected Software," Nov./Dec., pp. 32–40.

Polley, Vincent I., see Trope, Roland L.

Power, E. Michael, see Trope, Roland L.

Power, E. Michael, " Developing a Culture of Privacy: A Case Study," Nov./Dec., pp. 58–60.

Power, E. Michael, Jonathan Gilhen, and Roland L. Trope, " Setting Boundaries at Borders: Reconciling Laptop Searches and Privacy," Mar./Apr., pp. 72–75.

R

Rannenberg, Kai, see Bramhall, Pete.

Roessler, Thomas, see Bramhall, Pete.

Rosenblum, David, " What Anyone Can Know: The Privacy Risks of Social Networking Sites," May/June, pp. 40–49.

Ryan, Julie J.C.H., " Plagiarism, Graduate Education, and Information Security," Sep./Oct., pp. 62–65.

S

Salvaneschi, Paolo, see Piazzalunga, Ugo.

Sandhu, Ravi, see Ferraiolo, David.

Sasse, M. Angela, " Red-Eye Blink, Bendy Shuffle, and the Yuck Factor: A User Experience of Biometric Airport Systems," May/June, pp. 78–81.

Schneider, Fred B., " Technology Scapegoats and Policy Saviors," Sep./Oct., pp. 3–4.

Schneider, Fred B., " Trusted Computing in Context," Mar./Apr., pp. 4–5.

Schneier, Bruce, " The Death of the Security Industry," Nov./Dec., pp. 88.

Schneier, Bruce, " Nonsecurity Considerations in Security Decisions," May/June, pp. 88.

Seifert, Jean-Pierre, see Aciiçmez, Onur.

Skoudis, Ed, see Carpenter, Matthew.

Sobiesk, Edward, and Gregory Conti, " The Cost of Free Web Tools," May/June, pp. 66–68.

Solomon, Dianne, " Balancing Privacy and Risk in the E-Messaging World," Sep./Oct., pp. 72–75.

Squicciarini, Anna C., see Bhargav-Spantzel, Abhilasha.

Stamm, Sid, see Jakobsson, Markus.

Steinwandt, Rainer, see Geiselmann, Willi.

Steven, John, and Gunnar Peterson, " Metricon 2.0," Nov./Dec., pp. 81–83.

Stytz, Martin R., " What Are the Numbers?," Nov./Dec., pp. 12.

Stytz, Martin R., " Who Are the Experts, and What Have They Done for Us Lately?," Nov./Dec., pp. 78–80.

Swart, Richard S., and Robert F. Erbacher, " Educating Students to Create Trustworthy Systems," May/June, pp. 58–61.

Syverson, Paul, see Dingledine, Roger.

T

Tande, Knut M., see Hole, Kjell J.

Taylor, Stephen, see Gagnon, Michael N.

Theoharidou, Marianthi, and Dimitris Gritazalis, " Common Body of Knowledge for Information Security," Mar./Apr., pp. 64–67.

Trechter, Joseph E., see Mullins, Barry E.

Trope, Roland L., E. Michael Power, Vincent I. Polley, and Bradford C. Morley, " A Coherent Strategy for Data Security through Data Governance," May/June, pp. 32–39.

Trope, Roland L., see Lawrence Pfleeger, Shari.

Trope, Roland L., see Power, E. Michael.

Tsang, Patrick P., " When Cryptographers Turn Lead into Gold," Mar./Apr., pp. 76–79.

V

Vail, Matthew W., see Antón, Annie I.

Vassilev, Apostol T., Bertrand du Castel, and Asad M. Ali, " Personal Brokerage of Web Service Access," Sep./Oct., pp. 24–31.

Vaudenay, Serge, " E-Passport Threats," Nov./Dec., pp. 61–64.

W

Wallace, Linda, see Baker, Wade H.

Webber, Michael, see Lawrence Pfleeger, Shari.

Willems, Carsten, Thorsten Holz, and Felix Freiling, " Toward Automated Dynamic Malware Analysis Using CWSandbox," Mar./Apr., pp. 32–39.

Winstead, Joel, see Gupta, Suvajit.

Woody, Carol, and Christopher Alberts, " Considering Operational Security Risk during System Development," Jan./Feb., pp. 30–35.

Z

Zanero, Stefano, see Carettoni, Luca.

Subject Index

A
Attack Trends

" The Contemporary Software Security Landscape," David Ahmad, May/June, pp. 75–77.

" The Evolutionary Microcosm of Stock Spam," Adam J. O'Donnell, Jan./Feb., pp. 70–72.

" Ghost in the Virtual Machine," Iván Arce, July/Aug., pp. 68–71.

" Online Games and Security," Gary McGraw, and Greg Hoglund, Sep./Oct., pp. 76–79.

" Vulnerability Bazaar," David McKinney, Nov./Dec., pp. 69–73.

B
Basic Training

" Balancing Privacy and Risk in the E-Messaging World," Dianne Solomon, Sep./Oct., pp. 72–75.

" Building Privacy into Software Products and Services," Tina R. Knutson, May/June, pp. 72–74.

" How Not to Be Seen," Richard Ford, and William H. Allen, Jan./Feb., pp. 67–69.

" How Not to Be Seen II: The Defenders Fight Back," Richard Ford, and William H. Allen, Nov./Dec., pp. 65–68.

" Mixing Wheat with the Chaff: Creating Useful Test Data for IDS Evaluation," William H. Allen, July/Aug., pp. 65–67.

Book Reviews

" Software Security: State of the Art," Ross Anderson, Jan./Feb., pp. 8.

" Spooky Lessons," Shari Lawrence Pfleeger, Sep./Oct., pp. 7.

" What Are the Numbers?," Martin R. Stytz, Nov./Dec., pp. 12.

Building Security In

" Cost-Effective Security," Johan Peeters, and Paul Dyson, May/June, pp. 85–87.

" Handling Multiple Credentials in a Heterogeneous SOA Environment," Fred Dushin, and Eric Newcomer, Sep./Oct., pp. 80–82.

" Metricon 2.0," John Steven, and Gunnar Peterson, Nov./Dec., pp. 81–83.

" A Metrics Framework to Drive Application Security Improvement," Elizabeth A. Nichols, and Gunnar Peterson, Mar./Apr., pp. 88–91.

" Using Attack Graphs to Design Systems," Suvajit Gupta, and Joel Winstead, July/Aug., pp. 80–83.

C
Certified Mail

" Providing Certified Mail Services on the Internet," Rolf Oppliger, Jan./Feb., pp. 16–22.

Clear Text

" The Death of the Security Industry," Bruce Schneier, Nov./Dec., pp. 88.

" DRM, Complexity, and Correctness," Steve Bellovin, Jan./Feb., pp. 80.

" The End of Black and White," Daniel E. Geer, July/Aug., pp. 88.

" Nonsecurity Considerations in Security Decisions," Bruce Schneier, May/June, pp. 88.

" Seers and Craftspeople," Steve Bellovin, Sep./Oct., pp. 88.

Crypto Corner

" Authentication without Identification," Anna Lysyanskaya, May/June, pp. 69–71.

" E-Passport Threats," Serge Vaudenay, Nov./Dec., pp. 61–64.

" Micro-Architectural Cryptanalysis," Onur Aciiçmez, Jean-Pierre Seifert, and Çetin Kaya Koç, July/Aug., pp. 62–64.

" Special-Purpose Hardware in Cryptanalysis: The Case of 1,024-Bit RSA," Willi Geiselmann, and Rainer Steinwandt, Jan./Feb., pp. 63–66.

" Trust on a Nationwide Scale," Vanessa Gratzer, and David Naccache, Sep./Oct., pp. 69–71.

" When Cryptographers Turn Lead into Gold," Patrick P. Tsang, Mar./Apr., pp. 76–79.

Cryptography

" Encryption: Security Considerations for Portable Media Devices," Faith M. Heikkila, July/Aug., pp. 22–27.

" MEMS-Assisted Cryptography for CPI Protection," Jennifer English, David Coe, Rhonda Gaede, David Hyde, and Jeffrey Kulick, July/Aug., pp. 14–21.

D
Data Breaches

" The ChoicePoint Dilemma: How Data Brokers Should Handle the Privacy of Personal Information," Paul N. Otto, Annie I. Antón, and David L. Baumer, Sep./Oct., pp. 15–23.

Digital Protection

" The New Front Line: Estonia under Cyberassault," Michael Lesk, July/Aug., pp. 76–79.

" Providing Web Service Security in a Federated Environment," Lori DeLooze, Jan./Feb., pp. 73–75.

" Software Protection through Anti-Debugging," Michael N. Gagnon, Stephen Taylor, and Anup K. Ghosh, May/June, pp. 82–84.

" South Korea's Way to the Future," Michael Lesk, Mar./Apr., pp. 85–87.

" Who Are the Experts, and What Have They Done for Us Lately?," Martin R. Stytz, Nov./Dec., pp. 78–80.

E
Education

" About Penetration Testing," Matt Bishop, Nov./Dec., pp. 84–87.

" Achieving Learning Objectives through E-Voting Case Studies," Matt Bishop, and Deborah A. Frincke, Jan./Feb., pp. 53–56.

" Common Body of Knowledge for Information Security," Marianthi Theoharidou, and Dimitris Gritazalis, Mar./Apr., pp. 64–67.

" Educating Students to Create Trustworthy Systems," Richard S. Swart, and Robert F. Erbacher, May/June, pp. 58–61.

" I Am a Scientist, Not a Philosopher!," Sean Peisert, and Matt Bishop, July/Aug., pp. 48–51.

" Plagiarism, Graduate Education, and Information Security," Julie J.C.H. Ryan, Sep./Oct., pp. 62–65.

Emerging Standards

" Deploying Low-Latency Anonymity: Design Challenges and Social Factors," Roger Dingledine, Nick Mathewson, and Paul Syverson, Sep./Oct., pp. 83–87.

" Infrastructure Standards for Smart ID Card Deployment," Ramaswamy Chandramouli, and Philip Lee, Mar./Apr., pp. 92–96.

" RBAC Standard Rationale: Comments on 'A Critique of the ANSI Standard on Role-Based Access Control'," David Ferraiolo, Nov./Dec., pp. 51–53.

" User-Centric Identity Management: New Trends in Standardization and Regulation," Pete Bramhall, Marit Hansen, Kai Rannenberg, and Thomas Roessler, July/Aug., pp. 84–87.

" Who's Watching You Now?," John Morris, and Jon Peterson, Jan./Feb., pp. 76–79.

F
From the Editors

" Cyberassault on Estonia," Marc Donner, July/Aug., pp. 4–5.

" Food for Thought: Improving the Market for Assurance," Carl E. Landwehr, May/June, pp. 3–4.

" New Challenges for the New Year," Carl E. Landwehr, Jan./Feb., pp. 3–4.

" Revolution through Competition?," Carl E. Landwehr, Nov./Dec., pp. 3–4.

" Technology Scapegoats and Policy Saviors," Fred B. Schneider, Sep./Oct., pp. 3–4.

" Trusted Computing in Context," Fred Schneider, Mar./Apr., pp. 4–5.

H
Healthcare Legislation

" HIPAA's Effect on Web Site Privacy Policies," Annie I. Antón, Julia B. Eart, Matthew W. Vail, Neha Jain, Carrie M. Gheen, and Jack M. Frink, Jan./Feb., pp. 45–52.

Honeynets

" Improving Mobile Core Network Security with Honeynets," Christos K. Dimitriadis, July/Aug., pp. 40–47.

I
Identity Management

" Personal Brokerage of Web Service Access," Apostol T. Vassilev, Bertrand du Castel, and Asad M. Ali, Sep./Oct., pp. 24–31.

" Trust Negotiation in Identity Management," Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, and Elisa Bertino, Mar./Apr., pp. 55–63.

Information Security

" An Information Security Strategy for Networkable Devices," Ilan Oshri, Julia Kotlarsky, and Corey Hirsch, Sep./Oct., pp. 50–56.

" Is Information Security Under Control?: Investigating Quality in Information Security Management," Wade H. Baker, and Linda Wallace, Jan./Feb., pp. 36–44.

" How the Cyber Defense Exercise Shaped an Information-Assurance Curriculum," Barry E. Mullins, Timothy H. Lacey, Robert F. Mills, Joseph E. Trechter, and Samuel D. Bass, Sep./Oct., pp. 40–49.

Interview

" Silver Bullet Talks with Annie Antón," Gary McGraw, Sep./Oct., pp. 8–11.

" Silver Bullet Talks with Becky Bace," Gary McGraw, May/June, pp. 6–9.

" Silver Bullet Speaks with Dorothy Denning," Gary McGraw, Mar./Apr., pp. 11–14.

" Silver Bullet Speaks with John Stewart," Gary McGraw, Jan./Feb., pp. 9–11.

" Silver Bullet Talks with Mikko Hyppönen," Gary McGraw, Nov./Dec., pp. 8–11.

" Silver Bullet Talks with Ross Anderson," Gary McGraw, and Ross Anderson, July/Aug., pp. 10–13.

M
Malware

" Alien vs. Quine," Vanessa Gratzer, and David Naccache, Mar./Apr., pp. 26–31.

" Code Normalization for Self-Mutating Malware," Danilo Bruschi, Lorenzo Martignoni, and Mattia Monga, Mar./Apr., pp. 46–54.

" Studying Bluetooth Malware Propagation: The BlueBag Project," Luca Carettoni, Claudio Merloni, and Stefano Zanero, Mar./Apr., pp. 17–25.

" A Surprise Party (on Your Computer)?," Iván Arce, Mar./Apr., pp. 15–16.

" Toward Automated Dynamic Malware Analysis Using CWSandbox," Carsten Willems, Thorsten Holz, and Felix Freiling, Mar./Apr., pp. 32–39.

" Using Entropy Analysis to Find Encrypted and Packed Malware," Robert Lyda, and James Hamrock, Mar./Apr., pp. 40–45.

Managing Organizational Security

" A Coherent Strategy for Data Security through Data Governance," Roland L. Trope, E. Michael Power, Vincent I. Polley, and Bradford C. Morley, May/June, pp. 32–39.

" Cyberinsurance in IT Security Management," Walter S. Baer, and Andrew Parkinson, May/June, pp. 50–56.

" Embedding Information Security into the Organization," M. Eric Johnson, and Eric Goetz, May/June, pp. 16–24.

" Guest Editors' Introduction: Managing Organizational Security," Shari Lawrence Pfleeger, Roland L. Trope, and Charles C. Palmer, May/June, pp. 13–15.

" I'll Buy That! Cybersecurity in the Internet Marketplace," Shari Lawrence Pfleeger, Martin Libicki, and Michael Webber, May/June, pp. 25–31.

" What Anyone Can Know: The Privacy Risks of Social Networking Sites," David Rosenblum, May/June, pp. 40–49.

Measuring Security

" Security Strength Measurement for Dongle-Protected Software," Ugo Piazzalunga, Paolo Salvaneschi, Francesco Balducci, Pablo Jacomuzzi, and Cristiano Moroncelli, Nov./Dec., pp. 32–40.

N
News Briefs

" News Briefs," Brandi Ortega, Jan./Feb., pp. 12–15.

" News Briefs," Brandi Ortega, Mar./Apr., pp. 7–10.

" News Briefs," Brandi Ortega, May/June, pp. 10–12.

" News Briefs," Brandi Ortega, July/Aug., pp. 6–9.

" News Briefs," Brandi Ortega, Sep./Oct., pp. 12–14.

" News Briefs," Brandi Ortega, Nov./Dec., pp. 6–7.

O
On the Horizon

" Containing the Ultimate Trojan Horse," Michael Franz, July/Aug., pp. 52–56.

" Hiding Virtualization from Attackers and Malware," Matthew Carpenter, Tom Liston, and Ed Skoudis, May/June, pp. 62–65.

" Secure Communication without Encryption?," Keye Martin, Mar./Apr., pp. 68–71.

" Toward Application-Aware Security and Reliability," Ravishankar K. Iyer, Zbigniew Kalbarczyk, Karthik Pattabiraman, William Healey, Wen-Mei W. Hwu, Peter Klemperer, and Reza Farivar, Jan./Feb., pp. 57–62.

" Weather, Information Security, and Markets," Pythagoras Petratos, Nov./Dec., pp. 54–57.

Operational Security

" Considering Operational Security Risk during System Development," Carol Woody, and Christopher Alberts, Jan./Feb., pp. 30–35.

P
Privacy Interests

" The Canadian Response to the USA Patriot Act," David Fraser, Sep./Oct., pp. 66–68.

" The Cost of Free Web Tools," Edward Sobiesk, and Gregory Conti, May/June, pp. 66–68.

" Data Sharing across the Atlantic," Sophie In 't Veld, July/Aug., pp. 58–61.

" Developing a Culture of Privacy: A Case Study," E. Michael Power, Nov./Dec., pp. 58–60.

" Setting Boundaries at Borders: Reconciling Laptop Searches and Privacy," E. Michael Power, Jonathan Gilhen, and Roland L. Trope, Mar./Apr., pp. 72–75.

S
Secure Systems

" A Case (Study) For Usability in Secure Email Communication," Apu Kapadia, Mar./Apr., pp. 80–84.

" Could a Caveman Do It? The Surprising Potential of Simple Attacks," Luiz Felipe Perrone, Nov./Dec., pp. 74–77.

" Red-Eye Blink, Bendy Shuffle, and the Yuck Factor: A User Experience of Biometric Airport Systems," M. Angela Sasse, May/June, pp. 78–81.

" What Hackers Learn that the Rest of Us Don't: Notes on Hacker Curriculum," Surgey Bratus, July/Aug., pp. 72–75.

Software Engineering

" Estimating Software Vulnerabilities," Jeffrey R. Jones, July/Aug., pp. 28–32.

" Optimizing Investments in Security Countermeasures: A Practical Tool for Fixed Budgets," Jonathan Caulkins, Eric D. Hough, Nancy R. Mead, and Hassan Osman, Sep./Oct., pp. 57–60.

Spam Filtering

" Spam Filtering With Dynamically Updated URL Statistics," Jangbok Kim, Kihyun Chung, and Kyunghee Choi, July/Aug., pp. 33–39.

Standards

" A Critique of the ANSI Standard on Role-Based Access Control," Ninghui Li, Ji-Won Byun, and Elisa Bertino, Nov./Dec., pp. 41–49.

Steganographics

" Unicode Steganographic Exploits: Maintaining Enterprise Border Security," Frank J. Mabry, John R. James, and Aaron J. Ferguson, Sep./Oct., pp. 32–39.

U
User Authentication

" Lessons from the Norwegian ATM System," Kjell J. Hole, Vebjørn MoenAndré N. Klingsheimand Knut M. Tande, Nov./Dec., pp. 25–31.

W
Web Camouflage

" Web Camouflage: Protecting Your Clients from Browser-Sniffing Attacks," Markus Jakobsson, and Sid Stamm, Nov./Dec., pp. 16–24.

Wireless Networks

" Dependability in Wireless Networks: Can We Rely on WiFi?," Marco Domenico Aime, Giorgio Calandriello, and Antonio Lioy, Jan./Feb., pp. 23–29.

5 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool