Search For:

Displaying 1-8 out of 8 total
Lessons from VAX/SVS for High-Assurance VM Systems
Found in: IEEE Security & Privacy
By Steve Lipner,Trent Jaeger,Mary Ellen Zurko
Issue Date:November 2012
pp. 26-35
The authors take a look back at VAX/SVS, a high-assurance virtual machine monitor (VMM) project from the 1980s, extracting its most pertinent lessons, including reference monitor architectural principles, approaches to verifiable and tamperproof access con...
Crossing the Great Divide: Transferring Security Technology from Research to the Market
Found in: IEEE Security & Privacy
By Terry V. Benzel,Steve Lipner
Issue Date:March 2013
pp. 12-13
The challenges of transferring cybersecurity technologies are varied and span a wide range from detailed technical issues to market, sales, and production issues. It often seems that there is an art to successfully crossing the great divide. Are there cybe...
In Memoriam: Paul Karger
Found in: IEEE Security and Privacy
By Roger Schell, Steve Lipner, Mary Ellen Zurko, Elaine R. Palmer, David Safford, Charles C. Palmer, Carl E. Landwehr
Issue Date:November 2010
pp. 5
Paul Karger, a great friend to all and a thought leader in security, passed away in September 2010.
Information Assurance Technology Forecast 2005
Found in: IEEE Security and Privacy
By Virgil D. Gligor, Tom Haigh, Dick Kemmerer, Carl Landwehr, Steve Lipner, John McLean
Issue Date:January 2006
pp. 62-69
Ice hockey legend Wayne Gretsky once pointed out that the key to the game isn't in being where the puck is, but where the puck is going. We assembled some of the most distinguished information assurance experts and asked them to take the risk of predicting...
Inside the Windows Security Push
Found in: IEEE Security and Privacy
By Michael Howard, Steve Lipner
Issue Date:January 2003
pp. 57-61
<p>The Microsoft Windows development team spent two months in 2002 analyzing product design, code, and documentation to fix security issues. The results of this security push include a new process and several lessons learned for future projects.</...
Twenty Years of Evaluation Criteria and Commercial Technology
Found in: Security and Privacy, IEEE Symposium on
By Steve Lipner
Issue Date:May 1999
pp. 0111
The major source of progress in computer security products during the last twenty years has been the Internet revolution of the mid-nineties. Evaluation criteria and processes have provided users with some characterization of the security attributes of ope...
The Trustworthy Computing Security Development Lifecycle
Found in: Computer Security Applications Conference, Annual
By Steve Lipner
Issue Date:December 2004
pp. 2-13
This paper discusses the Trustworthy Computing Security Development Lifecycle (or simply the SDL), a process that Microsoft has adopted for the development of software that needs to withstand malicious attack. The process encompasses the addition of a seri...
The Journey Toward Secure Systems: Achieving Assurance
Found in: Requirements Engineering, IEEE International Conference on
By Steve Lipner
Issue Date:September 2003
pp. 5
No summary available.