Computer Security Applications Conference, Annual (2002)
San Diego, California
Dec. 9, 2002 to Dec. 13, 2002
ISSN: 1063-9527
ISBN: 0-7695-1828-1
TABLE OF CONTENTS

Reviewers (PDF)

pp. xviii
Distinguished Practitioner
Track A: Network Security I - Chair: C. Schuba, Sun Microsystems, Inc., Germany

Composable Tools For Network Discovery and Security Analysis (Abstract)

Fredrik Valeur , University of California Santa Barbara
Giovanni Vigna , University of California Santa Barbara
Richard A. Kemmerer , University of California Santa Barbara
Jingyu Zhou , University of California Santa Barbara
pp. 14

Representing TCP/IP Connectivity For Topological Analysis of Network Security (Abstract)

Ronald Ritchey , George Mason University
Steven Noel , George Mason University
Brian O'Berry , George Mason University
pp. 25
Track B: Electronic Commerce - Chair: A. Friedman, National Security Agency, USA

Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption (Abstract)

Andre Dos Santos , Georgia Institute of Technology
Chenghuai Lu , Georgia Institute of Technology
Donghua Xu , Georgia Institute of Technology
pp. 51
Track A: Mobile Security - Chair: M. Abrams, The MITRE Corporation, USA

Enforcing Resource Bound Safety for Mobile SNMP Agents (Abstract)

Aloysius K. Mok , University of Texas at Austin
Weijiang Yu , University of Texas at Austin
pp. 69

Security of Internet Location Management (Abstract)

Michael Roe , Microsoft Research
Tuomas Aura , Microsoft Research
Jari Arkko , Ericsson Research NomadicLab
pp. 78
Track B: Forum - Chair: D. Johnson, The MITRE Corporation, USA
Track A: Classic Papers - Chair: D. Thomsen, Secure Computing Corporation, USA

LOCK: An Historical Perspective (Abstract)

O. Sami Saydjari , Cyber Defense Agency
pp. 96

Thirty Years Later: Lessons from the Multics Security Evaluation (Abstract)

Roger R. Schell , Aesec Corporation
Paul A. Karger , IBM Corp., T. J. Watson Research Center
pp. 119
Track B: Security Architecture - Chair: J. Heaney, The MITRE Corporation, USA

Controlled Physical Random Functions (Abstract)

Marten van Dijk , Massachusetts Institute of Technology
Blaise Gassend , Massachusetts Institute of Technology
Srinivas Devadas , Massachusetts Institute of Technology
Dwaine Clarke , Massachusetts Institute of Technology
pp. 149

A Security Architecture for Object-Based Distributed Systems (Abstract)

Maarten van Steen , Vrije Universiteit
Bogdan C. Popescu , Vrije Universiteit
Andrew S. Tanenbaum , Vrije Universiteit
pp. 161

A Secure Directory Service based on Exclusive Encryption (Abstract)

Atul Adya , Microsoft Research
Josh Benaloh , Microsoft Research
John R. Douceur , Microsoft Research
Gideon Yuval , Microsoft Research
William J. Bolosky , Microsoft Research
pp. 172
Invited Essayist Plenary

Penetration Testing: A Duet (Abstract)

Daniel Geer , @Stake
pp. 185
Track A: Protection against Malicious Software - Chair: J. McHugh, Carnegie Mellon University, USA

Protecting Data from Malicious Software (Abstract)

Frank Hill , Cigital, Inc.
Matthew Schmid , Cigital, Inc.
pp. 199

Safe Virtual Execution Using Software Dynamic Translation (Abstract)

Kevin Scott , University of Virginia
Jack Davidson , University of Virginia
pp. 209

Digging For Worms, Fishing For Answers (Abstract)

F. Buchholz , Purdue University
R. Gopalakrishna , Purdue University
A. Schroll , Purdue University
S. Nystrom , Purdue University
J. Early , Purdue University
T. Daniels , Purdue University
A. Smith , Purdue University
B. Kuperman , Purdue University
R. Gorman , Purdue University
pp. 219
Track B: Access Control - Chair: R. Sandhu, SingleSignOn.Net, Inc. and George Mason University, USA

A Framework for Organisational Control Principles (Abstract)

Andreas Schaad , University of York
Jonathan D. Moffett , University of York
pp. 229

Reusable Components for Developing Security-Aware Applications (Abstract)

Wolfgang Essmayr , Software Competence Center Hagenberg
Stefan Probst , Software Competence Center Hagenberg
Edgar Weippl , Software Competence Center Hagenberg
pp. 239

A Context-Aware Security Architecture for Emerging Applications (Abstract)

Prahlad Fogla , Georgia Institute of Technology
Michael J. Covington , Georgia Institute of Technology
Zhiyuan Zhan , Georgia Institute of Technology
Mustaque Ahamad , Georgia Institute of Technology
pp. 249
Track A: Network Security II - Chair: G. Caronni, Sun Microsystems Laboratories, USA

Voice over IPsec: Analysis and Solutions (Abstract)

Roberto Barbieri , Università degli Studi di Milano
Emilia Rosti , Università degli Studi di Milano
Danilo Bruschi , Università degli Studi di Milano
pp. 261

Gender-Preferential Text Mining of E-mail Discourse (Abstract)

Malcolm Corney , Queensland University of Technology
Alison Anderson , Queensland University of Technology
Olivier de Vel , Defence Science and Technology Organisation
George Mohay , Queensland University of Technology
pp. 282
Track B: Forum - Chair: J. Heaney, The MITRE Corporation, USA
Track A: Forum - Chair: C. Serban, AT&T Labs and O.S. Saydjari, SRI Computer Science Laboratory
Track B: Intrusion Detection - Chair: S. Weinberg, Mitretek Systems, USA

Evaluating the Impact of Automated Intrusion Response Mechanisms (Abstract)

Christopher Kruegel , Technical University Vienna
Thomas Toth , Technical University Vienna
pp. 301

Architectures for Intrusion Tolerant Database Systems (Abstract)

Peng Liu , Pennsylvania State University
pp. 311

Detecting and Defending against Web-Server Fingerprinting (Abstract)

Calvin Ko , Network Associates, Inc.
Jeff Rowe , University of California, Davis
Karl Levitt , University of California, Davis
Dustin Lee , University of California, Davis
pp. 321
Track A: Role-Based Access Control - Chair: J. Kahn, The MITRE Corporation, USA

Advanced Features for Enterprise-Wide Role-Based Access Control (Abstract)

Axel Kern , Systor Security Solutions GmbH
pp. 333

Access Control for Active Spaces (Abstract)

Geetanjali Sampemane , University of Illinois at Urbana-Champaign
Roy H. Campbell , University of Illinois at Urbana-Champaign
Prasad Naldurg , University of Illinois at Urbana-Champaign
pp. 343

A Model for Attribute-Based User-Role Assignment (Abstract)

Mohammad A. Al-Kahtani , George Mason University
Ravi Sandhu , SingleSignOn.net, Inc. and George Mason University
pp. 353
Track B: Forum - Chair: K. Levitt, University of California, Davis, USA

Intrusion Detection: Current Capabilities and Future Directions (Abstract)

Karl Levitt , University of California, Davis
pp. 365
Track A: Experience Reports - Chair: K. Eggers, CygnaCom Solutions - an Entrust company, USA

Security Architecture of the Austrian Citizen Card Concept (Abstract)

Reinhard Posch , Federal CIO Office
Arno Hollosi , Federal CIO Office
Herbert Leitold , Austria A-SIT
pp. 391
Track B: Detection - Chair: J. Epstein, webMethods, Inc., USA

Malicious Code Detection for Open Firmware (Abstract)

Dexter Kozen , Cornell University
Frank Adelstein , ATC-NY
Matt Stillerman , ATC-NY
pp. 403

Beyond the Perimeter: the Need for Early Detection of Denial of Service Attacks (Abstract)

Qi Shi , Liverpool John Moores University
John Haggerty , Liverpool John Moores University
Madjid Merabti , Liverpool John Moores University
pp. 413

A Toolkit for Detecting and Analyzing Malicious Software (Abstract)

David Geyer , George Mason University
Matthew Schmid , Cigital, Inc.
Michael Schatz , Cigital, Inc.
Michael Weber , Cigital, Inc.
pp. 423