IEEE Symposium on Security and Privacy

List of Sessions and Papers

Session: Authorization and Authentication

Toward Acceptable Metrics of Authentication

Michael K. Reiter and Stuart G. Stubblebine (AT&T Labs--Research)

An Authorization Scheme for Distributed Object Systems

V. Nicomette and Y. Deswarte (LAAS-CNRS & INRIA, France)

A Logical Language for Expressing Authorizations

Sushil Jajodia (George Mason University), Pierangela Samarati (Universita' di Milano) and V. S. Subrahmanian (University of Maryland)

Session: Applications

Anonymous Connections and Onion Routing

Paul F. Syverson, David M. Goldschlag and Michael G. Reed (Naval Research Labs)

The Design and Implementation of a Multilevel Secure Log Manager

Vikram R. Pesati, Thomas F. Keefe and Shankar Pal (Penn State University)

A Secure and Reliable Bootstrap Architecture

A. Arbaugh and David J. Farber and Jonathan M. Smith (University of Pennsylvania)

An MBone Proxy for a Firewall Toolkit

Kelly Djahandari and Dan Sterne (Trusted Information Systems)

Session: Security Theory

Secure Software Architectures

Mark Moriconi, Xiaolei Qian, R. A. Riemenschneider (SRI) and Li Gong (JavaSoft)

A General Theory of Security Properties and Secure Composition

A. Zakinthinos and E.S. Lee (Cambridge University, U.K.)

Analyzing Consistency of Security Policies

Laurence Cholvy and Frederic Cuppens (ONERA CERT, France)

Session: Architectures

Packet Filtering: Local Enforcement for Global Policies

Joshua D. Guttman (MITRE)

Providing Flexibility in Information Flow Control for Object-Oriented Systems

Elena Ferrari, Pierangela Samarati and Elisa Bertino (Universita' di Milano) and Sushil Jajodia (George Mason University)

Automated Analysis of Cryptographic Protocols

J. Mitchell, M. Mitchell, and U. Stern (Stanford University)

Session: Intrusion Detection and Beyond

How to Systematically Classify Computer Security Intrusions

Ulf Lindqvist and Erland Jonsson (Chalmers University of Technology, Sweden)

Surviving Information Warfare Attacks on Databases

Paul Ammann and Sushil Jajodia (George Mason Univeristy), Catherine D. McCollum and Barbara T. Blaustein (MITRE)

Execution Monitoring of Security-Critical Programs in a Distributed System: A Specification-based Approach

Calvin Ko (Trusted Information Systems), Manfred Ruschitzka and Karl Levitt (University of California Davis)

Catalytic Inference Analysis: Detecting Inference Threats due to Knowledge Discovery

John Hale and Sujeet Shenoi (University of Tulsa)

Session: System Vulnerabilities

Analysis of a Denial of Service Attack on TCP

Christoph L. Schuba, Ivan V. Krsuland, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram and Diego Zambon (Purdue University)

Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage

A. Young and M. Yung (Columbia University)

Number Theoretic Attacks On Secure Password Schemes

Sarvar Patel (Bellcore)