Search For:

Displaying 1-50 out of 113 total
Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy
Found in: 2010 IEEE Symposium on Security and Privacy (SP)
By Peter G. Neumann,Matt Bishop,Sean Peisert,Marv Schaefer
Issue Date:May 2010
pp. 3-13
This article is a retrospective of concepts and people who have contributed significantly to the IEEE Symposium on Security and Privacy over the past 30 years. The authors identify many individuals who have contributed to SSP as program chairs, general cha...
 
Certitude and Rectitude
Found in: Requirements Engineering, IEEE International Conference on
By Peter G. Neumann
Issue Date:June 2000
pp. 153
Certitude: the state of being or feeling certain; Rectitude: correctness of judgment or procedure. There is a fundamental difference between certification (which is intended to give you the feeling that someone or something is doing the right thing) and co...
 
Lost Treasures
Found in: IEEE Security & Privacy
By Dan Thomsen,Jeremy Epstein,Peter G. Neumann
Issue Date:November 2012
pp. 17-19
Is the computer security field really old enough to have lost treasures? Will a granite punch card with ancient Cobol contain some code fragment that produces a better firewall? Hardly. The computing environment changes so much and so radically that implem...
 
The IEEE Symposium on Security and Privacy Is Moving to San Francisco
Found in: IEEE Security and Privacy
By Peter G. Neumann,Ulf Lindqvist
Issue Date:March 2012
pp. 65-66
The authors discuss the IEEE Symposium on Security and Privacy, which because of its growing popularity, is moving to a larger venue this year.
 
Requirements-Related Risks in Critical Systems
Found in: Requirements Engineering, IEEE International Conference on
By Peter G. Neumann
Issue Date:June 2000
pp. 3
This talk considers some of the roles that requirements engineering plays in computer system development, with particular emphasis on systems with critical requirements such as security, reliability, safety, and survivability. The RISKS archives are litter...
   
Computer system - Security evaluation
Found in: Managing Requirements Knowledge, International Workshop on
By Peter G. Neumann
Issue Date:June 1978
pp. 1087
No summary available.
   
Views for Multilevel Database Security
Found in: Security and Privacy, IEEE Symposium on
By Dorothy E. Denning, Selim G. Akl, Matthew Morgenstern, Peter G Neumann, Roger R. Schell, Mark Heckman
Issue Date:April 1986
pp. 156
Because views on relational database systems mathematically define arbitrary sets of stored and derived data, they have been proposed as a way of handling context- and contenbdependent classification, dynamic classification, inference, aggregation, and san...
 
Computer-Related Risk Futures
Found in: Computer Security Applications Conference, Annual
By Peter G. Neumann
Issue Date:December 2009
pp. 35-40
This paper reflects on many risks in the development and use of computer-related systems. It considers past and future alternatives, suggests some remedial approaches, and offers a few broad conclusions. Various long-touted common-sense approaches that are...
 
Risking Communications Security: Potential Hazards of the Protect America Act
Found in: IEEE Security and Privacy
By Steven M. Bellovin, Matt Blaze, Whitfield Diffie, Susan Landau, Peter G. Neumann, Jennifer Rexford
Issue Date:January 2008
pp. 24-33
A new US law allows warrantless wiretapping whenever one end of the communication is believed to be outside national borders. This creates serious security risks: danger of exploitation of the system by unauthorized users, danger of criminal misuse by trus...
 
Risks of neglecting infrastructure
Found in: Communications of the ACM
By Jim Horning, Peter G. Neumann, Peter G. Neumann
Issue Date:June 2008
pp. 101-104
Students must learn to accentuate the positive in order to eliminate the negative perceptions of career opportunities in IS.
     
Risks of Untrustworthiness
Found in: Computer Security Applications Conference, Annual
By Peter G. Neumann
Issue Date:December 2006
pp. 321-328
This paper revisits the risks of untrustworthiness, and considers some incidents involving computer-based systems that have failed to live up to what had been expected of them. The risks relate to security, reliability, survivability, human safety, and oth...
 
PSOS Revisited
Found in: Computer Security Applications Conference, Annual
By Peter G. Neumann, Richard J. Feiertag
Issue Date:December 2003
pp. 208
This paper provides a retrospective view of the design of SRI's Provably Secure Operating System (PSOS), a formally specified tagged-capability hierarchical system architecture. It examines PSOS in the light of what has happened in computer system developm...
 
Robust Nonproprietary Software
Found in: Security and Privacy, IEEE Symposium on
By Peter G. Neumann
Issue Date:May 2000
pp. 0122
Our ultimate goal here is to be able to develop robust systems and applications that are capable of satisfying serious requirements, not merely for security but also for reliability, fault tolerance, human safety, and survivability in the face of a wide ra...
 
The CHERI capability model: Revisiting RISC in an age of risk
Found in: 2014 ACM/IEEE 41st International Symposium on Computer Architecture (ISCA)
By Jonathan Woodruff,Robert N. M. Watson,David Chisnall,Simon W. Moore,Jonathan Anderson,Brooks Davis,Ben Laurie,Peter G. Neumann,Robert Norton,Michael Roe
Issue Date:June 2014
pp. 457-468
Motivated by contemporary security challenges, we reevaluate and refine capability-based addressing for the RISC era. We present CHERI, a hybrid capability model that extends the 64-bit MIPS ISA with byte-granularity memory protection. We demonstrate that ...
   
The IEEE Symposium on Security and Privacy, in Retrospect
Found in: IEEE Security & Privacy
By Peter G. Neumann,Sean Peisert,Marvin Schaefer
Issue Date:May 2014
pp. 15-17
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull...
 
Achieving Principled Assuredly Trustworthy Composable Systems and Networks
Found in: DARPA Information Survivability Conference and Exposition,
By Peter G. Neumann
Issue Date:April 2003
pp. 182
Huge challenges exist with systems and networks that must dependably satisfy stringent requirements for security, reliability, and other attributes of trustworthiness. Drawing on what we have learned over the past decades, our CHATs project seeks to establ...
 
W(h)ither research and education?
Found in: Communications of the ACM
By Peter G. Neumann, Peter J. Denning
Issue Date:January 1988
pp. 154
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
More sight on foresight
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:February 2013
pp. 23-25
Reflecting on elections, natural disasters, and the future.
     
The foresight saga, redux
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:October 2012
pp. 26-29
Short-term thinking is the enemy of the long-term future.
     
Inside risksU.S. election after-math
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:February 2009
pp. 101-104
Recounting problems still associated with election integrity, transparency, and accountability.
     
Reflections on computer-related risks
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 2008
pp. 95-100
Tracing the history of exposing and elucidating the wide variety of system problems and associated social implications of uses and misuses of computing technology.
     
Widespread network failures
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:February 2007
pp. 112
Approaching IT security as an engineering and management problem.
     
System and network trustworthiness in perspective
Found in: Proceedings of the 13th ACM conference on Computer and communications security (CCS '06)
By Peter G. Neumann
Issue Date:October 2006
pp. 1-5
Characteristic problem areas experienced in the past are considered here, as well as some of the challenges that must be confronted in trying to achieve greater trustworthiness in computer systems and networks and in the overall environments in which they ...
     
The ultra challenge: software systems beyond big
Found in: Companion to the 21st ACM SIGPLAN conference on Object-oriented programming languages, systems, and applications (OOPSLA '06)
By Douglas Schmidt, Gregor Kiczales, Kevin Sullivan, Linda Northrop, Martin Rinard, Peter G. Neumann, Ricardo Lopez, Steven Fraser
Issue Date:October 2006
pp. 929-933
How can the ultra large systems (ULS) of the future be built if they will have the complexity of trillions of lines of code, maintain continuous 24x7 operations with no downtime, and live in a hostile environment with unpredictably changing requirements? T...
     
The foresight saga
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:September 2006
pp. 112
Dealing with the demands of escalating paper submissions is a daunting challenge for conference organizers and program chairs. ACM and IEEE have joined forces to create a forum for sharing ideas on the best ways to handle it all.
     
Risks of RFID
Found in: Communications of the ACM
By Lauren Weinstein, Peter G. Neumann
Issue Date:May 2006
pp. 136
A traditional style of software development can be just as productive as a more modern approach.
     
Trustworthy systems revisited
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:February 2006
pp. 152
The ACM Job Migration study was released last month, and it includes many recommendations for current and future computing professionals and educators.
     
Responsibilities of technologists
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:February 2005
pp. 128
It is imperative that online government services appreciate the navigational needs of an ever-growing segment of their constituency.
     
Introduction
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:October 2004
pp. 28-30
Considering the often overlapping perspectives in the software development realm.
     
The big picture
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:September 2004
pp. 112
In this column we provide a high-level overview of some of the most pressing problem areas associated with risks to the constructive use of information technology. Although this may seem repetitive to those of you who have seen particular problems discusse...
     
ICANN in Year 3
Found in: Proceedings of the 12th annual conference on Computers, freedom and privacy (CFP '02)
By Alan Davidson, Karl Auerbach, Peter G. Neumann, Susan Crawford
Issue Date:April 2002
pp. 10
ICANN was created 3 years ago as a unique experiment in Internetself-governance. Could a private, non-government, globalorganization coordinate critical Internet naming and numberingfunctions in a legitimate way? Increasingly, critics complain thatICANN ha...
     
Plenary Session #5: how to hack an election
Found in: Proceedings of the 12th annual conference on Computers, freedom and privacy (CFP '02)
By Andy Neff, Ernie Hawkins, Jason Dearen, Joe Taggard, Kim Alexander, Peter G. Neumann
Issue Date:April 2002
pp. 6
Free and fair elections are the foundation of democracy.Computers will revolutionize the way we vote. This panel willexamine the challenges that are introduced when people usecomputers or the Internet to vote, and whether adequate solutionsexist to meet th...
     
Risks in our information infrastructures
Found in: Ubiquity
By Peter G. Neumann
Issue Date:May 2000
pp. 1-es
Reputation in online economic systems is typically quantified using counters that specify positive and negative feedback from past transactions and/or some form of transaction network analysis that aims to quantify the likelihood that a network user will c...
     
Machanizing proof: computing, risk, and trust
Found in: Ubiquity
By Peter G. Neumann
Issue Date:February 2000
pp. 2
The Security Process Algebra (SPA) is a CCS-like specification languag e where actions belong to two different levels of confidentiality. It has been used to define several noninterference-like security properties whose verification has been automated by t...
     
Certitude and rectitude
Found in: Ubiquity
By Peter G. Neumann
Issue Date:February 2000
pp. 1-es
The Security Process Algebra (SPA) is a CCS-like specification languag e where actions belong to two different levels of confidentiality. It has been used to define several noninterference-like security properties whose verification has been automated by t...
     
Risks in our information infrastructures
Found in: Ubiquity
By Peter G. Neumann
Issue Date:February 2000
pp. 1-es
The Security Process Algebra (SPA) is a CCS-like specification languag e where actions belong to two different levels of confidentiality. It has been used to define several noninterference-like security properties whose verification has been automated by t...
     
Risks, responsibilities, and the future (abstract): walking the tightwire
Found in: Proceedings of the 1995 ACM 23rd annual conference on Computer science (CSC '95)
By Peter G. Neumann
Issue Date:February 1995
pp. 257
Can having a mentor influence the likelihood that a woman will succeed in establishing a career in computer science? A number of studies and reports suggest that an effective mentoring relationship can, indeed, make a difference in attracting women to acad...
     
The not-so-accidental holist
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 122
We consider here the importance of an overall systems viewpoint in avoiding computer-related risks. According to Webster's, a system is a regularly interacting or interdependent group of items forming a unified whole. In computer systems, one person's comp...
     
Inside risks: some reflections on a telephone switching problem
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 154-154
The object subclass hierarchy is a useful way of modeling property and behavior inheritance. It can be implemented on a relational DBMS using views.
     
Inside risks: insecurity about security?
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 170-170
Background A few highly visible cases of computer system exploitations have raised general awareness of existing vulnerabilities and the considerable risks they entail.
     
E-epistemology and misinformation
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 104
Techniques for choosing seeds for social and scientific applications of random number generators.
     
Gambling on system accountability
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 120
Its potential sounds so appealing, but there are several challenges to overcome before true ubiquitous computing will garner global acceptance.
     
Risks of National Identity Cards
Found in: Communications of the ACM
By Lauren Weinstein, Peter G. Neumann
Issue Date:January 1988
pp. 176
Case study findings from several corporate environments suggest that successful virtualization does not depend on the degree of technological sophistication. It's how the tools are used that matters.
     
Inside Risks: Risks of panic
Found in: Communications of the ACM
By Lauren Weinstein, Peter G. Neumann
Issue Date:January 1988
pp. 152
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
Inside risks: computers: boon or bane?
Found in: Communications of the ACM
By David L. Parnas, Peter G. Neumann
Issue Date:January 1988
pp. 168
Case study findings from several corporate environments suggest that successful virtualization does not depend on the degree of technological sophistication. It's how the tools are used that matters.
     
Inside risks: what to know about
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 136
Case study findings from several corporate environments suggest that successful virtualization does not depend on the degree of technological sophistication. It's how the tools are used that matters.
     
Inside risks: system integrity revisited
Found in: Communications of the ACM
By Peter G. Neumann, Rebecca T. Mercuri
Issue Date:January 1988
pp. 160
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
Inside Risks: Missile defense
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 128
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
Inside risks: risks in retrospect
Found in: Communications of the ACM
By Peter G. Neumann
Issue Date:January 1988
pp. 144
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
Inside risks: Internet risks
Found in: Communications of the ACM
By Lauren Weinstein, Peter G. Neumann
Issue Date:January 1988
pp. 144
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
 1  2 Next >>