Search For:

Displaying 1-13 out of 13 total
Fifteen Years after TX: A Look Back at High Assurance Multi-Level Secure Windowing
Found in: Computer Security Applications Conference, Annual
By Jeremy Epstein
Issue Date:December 2006
pp. 301-320
Research in the late 1980s and early 1990s produced a prototype high assurance multi-level secure windowing system that allowed users to see information of multiple classifications on the same screen, performing cut & paste from low to high windows. Th...
 
Information Assurance Technology Forecast 2008
Found in: IEEE Security and Privacy
By Steven M. Bellovin, Terry V. Benzel, Bob Blakley, Dorothy E. Denning, Whitfield Diffie, Jeremy Epstein, Paulo Verissimo
Issue Date:January 2008
pp. 16-23
A virtual roundtable (featuring panelists Steven Bellovin, Terry Benzel, Bob Blakely, Dorothy Denning, Whitfield Diffie, Jeremy Epstein, and Paulo Verissimo) discussing the next 15 years in computer security.
 
Are all types of internet voting unsafe?
Found in: IEEE Security & Privacy
By Jeremy Epstein
Issue Date:May 2013
pp. 3-4
Everyone knows online voting comes with risks of tampering. How do public and private online elections differ, and do those differences alter the risks in any way?
 
Lost Treasures
Found in: IEEE Security & Privacy
By Dan Thomsen,Jeremy Epstein,Peter G. Neumann
Issue Date:November 2012
pp. 17-19
Is the computer security field really old enough to have lost treasures? Will a granite punch card with ancient Cobol contain some code fragment that produces a better firewall? Hardly. The computing environment changes so much and so radically that implem...
 
Can We Be Too Careful?
Found in: IEEE Security and Privacy
By Jeremy Epstein
Issue Date:March 2012
pp. 3-5
How can we know if a technology's risk or benefit is greater? From electronic voting machines to backscatter machines, our ever increasing technology is raising issues we must address.
 
Reflecting on Some Past Predictions
Found in: IEEE Security and Privacy
By Jeremy Epstein
Issue Date:March 2012
pp. 7-10
Are computer security experts good futurists? This article examines some of the predictions from 2002 from practitioners, researchers, and corporate managers, and then assesses how well they did at guessing the state of security in 2012.
 
A Survey of Vendor Software Assurance Practices
Found in: Computer Security Applications Conference, Annual
By Jeremy Epstein
Issue Date:December 2009
pp. 528-537
Books and articles frequently exhort developers to build secure software by designing security in. A few large companies (most notably Microsoft) have completely reengineered their development process to include a focus on security. However, for all except...
 
Security Lessons Learned from Soci?t? G?n?rale
Found in: IEEE Security and Privacy
By Jeremy Epstein
Issue Date:May 2008
pp. 80-82
The huge trading losses in 2007 and 2008 at Société Générale were caused by insider Jerome Kerviel's unauthorized actions. We can learn many lessons about the technological aspects of security from this insider attack, as well as some that we might hope to...
 
Electronic Voting
Found in: Computer
By Jeremy Epstein
Issue Date:August 2007
pp. 92-95
Computer scientists have a key role to play in ensuring that election systems meet often conflicting requirements.
 
Why Applying Standards to Web Services Is Not Enough
Found in: IEEE Security and Privacy
By John Viega, Jeremy Epstein
Issue Date:July 2006
pp. 25-31
Properly designing and securing your Web services application is important, and it's not just a matter of using security standards. Developers must understand both the limitations and drawbacks to security standards in order to fully secure their Web servi...
 
Software Security and SOA: Danger, Will Robinson!
Found in: IEEE Security and Privacy
By Jeremy Epstein, Scott Matsumoto, Gary McGraw
Issue Date:January 2006
pp. 80-83
The current buzzword of choice among the technical elite (at least those subject to marketing departments) is service-oriented architecture, or SOA (pronounced
 
Phishing Our Employees
Found in: IEEE Security & Privacy
By Jeremy Epstein
Issue Date:May 2014
pp. 3-4
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull...
   
NetWare 4 as an example of role-based access control
Found in: Proceedings of the first ACM Workshop on Role-based access control (RBAC '95)
By Jeremy Epstein, Ravi Sandhu
Issue Date:November 1995
pp. 18-es
The Edee architecture provides a mechanism for explicitly and uniformly capturing business occurrences, and provisions of contracts, policies, and law. Edee is able to reason about the interactions of intra-, inter-, and extra-organizational policy, and ex...
     
 1