CSDL - Proceedings A

Conference Committee (PDF)

pp. xii

Program and Tutorial Committee (PDF)

pp. xiv

Reviewers (PDF)

pp. xv

Speaker Biographies (PDF)

pp. xvi

Distinguished Lecture

How to Cheat at the Lottery (or, Massively Parallel Requirements Engineering) (Abstract)

Ross Anderson, University of Cambridge

pp. 1

PDF

Track A: Electronic Commerce

Modular Fair Exchange Protocols for Electronic Commerce (Abstract)

Holger Vogt, Darmstadt University of Technology

Henning Pagnia, Darmstadt University of Technology

Felix C. Gärtner, Darmstadt University of Technology

pp. 3

PDF

Trustworthy Access Control with Untrustworthy Web Servers (Abstract)

Tim Wilkinson, Defense Evaluation and Research Agency

Dave Hearn, Defense Evaluation and Research Agency

Simon Wiseman, Defense Evaluation and Research Agency

pp. 12

PDF

A Language for Modeling Secure Business Transactions (Abstract)

Alexander W. Roehm, University of Essen

Gaby Herrmann, University of Essen

Guenther Pernul, University of Essen

pp. 22

PDF

Track B: System Engineering

Safe Areas of Computation for Secure Computing with Insecure Applications (Abstract)

André L.M. dos Santos, University of California at Santa Barbara

Richard A. Kemmerer, University of California at Santa Barbara

pp. 35

PDF

Architecture and Concepts of the ARGuE Guard (Abstract)

Jeremy Epstein, NAI Labs

pp. 45

PDF

Using Abuse Case Models for Security Requirements Analysis (Abstract)

John McDermott, James Madison University

Chris Fox, James Madison University

pp. 55

PDF

Track A: Networks

A Parallel Packet Screen for High Speed Networks (Abstract)

Carsten Benecke, University of Hamburg

pp. 67

PDF

An Asynchronous Distributed Access Control Architecture for IP over ATM Networks (Abstract)

Olivier Paul, ENST de Bretagne

Maryline Laurent, ENST de Bretagne

Sylvain Gombault, ENST de Bretagne

pp. 75

PDF

Secure Communications in ATM Networks (Abstract)

Maryline Laurent, IRISA

Ahmed Bouabdallah, ENST de Bretagne

Christophe Delahaye, ENST de Bretagne

Herbert Leitold, IAIK

Reinhard Posch, IAIK

Enrique Areizaga, Fundacion Robotiker

Juàn Manuel Mateos, Inelcom Ingeniera

pp. 84

PDF

Track A: Security Analysis

Using Checkable Types in Automatic Protocol Analysis (Abstract)

Stephen H. Brackin, Arca Systems / Exodus Communications

pp. 99

PDF

SCR: A Practical Approach to Building a High Assurance COMSEC Syste (Abstract)

James Kirby Jr, Naval Research Laboratory

Myla Archer, Naval Research Laboratory

Constance Heitmeyer, Naval Research Laboratory

pp. 109

PDF

Application-Level Isolation Using Data Inconsistency Detection (Abstract)

Amgad Fayad, The MITRE Corporation

Sushil Jajodia, The MITRE Corporation

Catherine D. McCollum, The MITRE Corporation

pp. 119

PDF

Track B: Workflow

A Prototype Secure Workflow Server (Abstract)

Douglas L. Long, Odyssey Research Associates

Julie Baker, Odyssey Research Associates

Francis Fung, Odyssey Research Associates

pp. 129

PDF

Napoleon: A Recipe for Workflow (Abstract)

C. Payne, Secure Computing Corporation

D. Thomsen, Secure Computing Corporation

J. Bogle, Secure Computing Corporation

R. O'Brien, Secure Computing Corporation

pp. 134

PDF

Tools to Support Secure Enterprise Computing (Abstract)

Myong H. Kang, Naval Research Laboratory

Brian J. Eppinger, Naval Research Laboratory

Judith N. Froscher, Naval Research Laboratory

pp. 143

PDF

Track A: Crypto

An Effective Defense Against First Party Attacks in Public-Key Algorithms (Abstract)

Stephen M. Matyas Jr, IBM Corporation

Allen Roginsky, IBM Corporation

pp. 155

PDF

Towards a Practical, Secure, and Very Large Scale Online Election (Abstract)

Jared Karro, University of North Carolina at Greensboro

Jie Wang, University of North Carolina at Greensboro

pp. 161

PDF

Design of LAN-Lock, A System for Securing Wireless Networks (Abstract)

Richard E. Newman, University of Florida

Mark V. Hoyt, University of Florida

Tim Swanson, University of Florida

Phillipe Broccard, Raytheon Systems Division

Mark Sanders, Raytheon Systems Division

Joe Winner, Raytheon Systems Division

pp. 170

PDF

Track A: Security Services

Toward a Taxonomy and Costing Method for Security Services (Abstract)

Cynthia Irvine, Naval Postgraduate School

Tim Levin, Anteon Corporation

pp. 183

PDF

TrustedBox: A Kernel-Level Integrity Checker (Abstract)

Pietro Iglio, Fondazione Ugo Bordoni

pp. 189

PDF

Adding Availability to Log Services of Untrusted Machines (Abstract)

Arianna Arona, Universit? degli Studi di Milano

Danilo Bruschi, Universit? degli Studi di Milano

Emilia Rosti, Universit? degli Studi di Milano

pp. 199

PDF

Track B: Security Policy

Policy-Based Management: Bridging the Gap (Abstract)

Susan Hinrichs, Cisco Systems

pp. 209

PDF

Security Policy Coordination for Heterogeneous Information Systems (Abstract)

John Hale, University of Tulsa

Pablo Galiasso, University of Tulsa

Mauricio Papa, University of Tulsa

Sujeet Shenoi, University of Tulsa

pp. 219

PDF

The ARBAC99 Model for Administration of Roles (Abstract)

Ravi Sandhu, George Mason University

Qamar Munawer, George Mason University

pp. 229

PDF

Track A: Public Key Infrastructures

A Distributed Certificate Management System (DCMS) Supporting Group-Based Access Controls (Abstract)

Rolf Oppliger, Swiss Federal Strategy Unit for Information Technology FSUIT

Andreas Greulich, Swiss Federal Strategy Unit for Information Technology FSUIT

Peter Trachsel, Swiss Federal Strategy Unit for Information Technology FSUIT

pp. 241

PDF

Fast Checking of Individual Certificate Revocation on Small Systems (Abstract)

Selwyn Russell, Queensland University of Technology

pp. 249

PDF

A Model of Certificate Revocation (Abstract)

David A. Cooper, National Institute of Standards and Technology

pp. 256

PDF

Track B: Forum

Information Security Education for the Next Millennium: Building the Next Generation of Practitioners (Abstract)

pp. 265

PDF

Generic Support for PKIX Certificate Management in CDSA (Abstract)

Shabnam Erfani, WatchGuard Technologies

Sekar Chandersekaran, Microsoft Corporation

pp. 269

PDF

Efficient Certificate Status Handling within PKIs: an Application to Public Administration Services (Abstract)

Marco Prandini, University of Bologna

pp. 276

PDF

Track B: Mobile Code

User Authentication and Authorization in the Java(tm) Platform (Abstract)

Charlie Lai, Sun Microsystems, Inc.

Li Gong, Sun Microsystems, Inc.

Larry Koved, International Business Machines, Inc.

Anthony Nadalin, International Business Machines, Inc.

Roland Schemers

pp. 285

PDF

Transactions in Java Card (Abstract)

Marcus Oestreicher, IBM Research Laboratory Zurich

pp. 291

PDF

Track A: Panel Session

Legal and Technical Responses to Protecting the U. S. Critical Infrastructures (Abstract)

pp. 299

PDF

Track B: Middleware

A Middleware Approach to Asynchronous and Backward Compatible Detection and Prevention of ARP Cache Poisoning (Abstract)

Mahesh V. Tripunitara, Purdue University

Partha Dutta, AT&T Labs

pp. 303

PDF

A Resource Access Decision Service for CORBA-Based Distributed Systems (Abstract)

Konstantin Beznosov, Baptist Health Systems of South Florida

Yi Deng, Florida International University

Bob Blakley, DASCOM

John Barkley, National Institute of Standards and Technology

pp. 310

PDF

Non-Repudiation Evidence Generation for CORBA Using XML (Abstract)

Michael Wichert, GMD - German National Research Center for Information Technology

David Ingham, Newcastle University

Steve Caughey, Newcastle University

pp. 320

PDF

Track A: Security Architectures

Security Relevancy Analysis on the Registry of Windows NT 4.0 (Abstract)

Wenliang Du, Purdue University

Aditya P. Mathur, Purdue University

Praerit Garg, Microsoft Corporation

pp. 331

PDF

Security Architecture Development and Results for a Distributed Modeling and Simulation System (Abstract)

Richard B. Neely, Science International Applications Corporation

pp. 341

PDF

SecurSight: An Architecture for Secure Information Access (Abstract)

John G. Brainard, RSA Laboratories

pp. 349

PDF

Track B: Intrusion Detection

SAM: Security Adaptation Manager (Abstract)

pp. 361

PDF

An Application of Machine Learning to Network Intrusion Detection (Abstract)

Chris Sinclair, University of Texas at Austin

Lyn Pierce, University of Texas at Austin

Sara Matzner, University of Texas at Austin

pp. 371

PDF

A Process State-Transition Analysis and its Application to Intrusion Detection (Abstract)

Nittida Nuansri, Prince of Songkla University

Samar Singh, La Trobe University

Tharam S. Dillon, La Trobe University

pp. 378

PDF

Author Index (PDF)

pp. 389