Subject: Electronic CIPHER, Issue 7, June 30, 1995 _/_/_/_/ _/_/_/ _/_/_/_/ _/ _/ _/_/_/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/_/ _/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/ _/ _/ _/_/_/_/ _/ _/ ==================================================================== Newsletter of the IEEE Computer Society's TC on Security and Privacy Electronic Issue 7 June 30, 1995 Carl Landwehr, Editor ==================================================================== Contents: [1320 lines total] Letter from the Editor (new readers and new features) [line 36] Letter to the Editor (re SSE/CMM by Warren Monroe) [line 102] Security and Privacy News Briefs: [line 184] o WWW standards forecast by Mary Ellen Zurko o Post Office teams up on cryptography o Commercial market for "dirty word" checkers? o LISTWATCH: summary of Firewalls list by Kate Arndt Articles and Conference Reports: [line 247] o Security and Privacy Report by Willis Ware [line 308] o Computer Security Foundations Workshop by Trent Jaeger[line 531] o USENIX Unix Security Symposium by Dan McDonald [line 531] o SUMMERCON '95 by Vince Reed [line 639] Calls for Papers: SNDSS '96, ESORICS, SIGMOD/PODS [line 935] Reader's guide to recent security and privacy literature [line 968] Paper list from IFIP WG11.3 WC on Database Security [line 974] Relevant papers from recent journals and periodicals [line 1023] Calendar: [line 1057] Who's Where: recent address changes [line 1184] Interesting Links - 5 new places to surf [line 1205] Publications for sale -- 1995 S&P Proceedings available! [line 1236] TC officers [line 1272] Information for Subscribers and Contributers [line 1294] ____________________________________________________________________ Letter from the Editor ____________________________________________________________________ Dear Readers, First, welcome to our new readers this month. I have integrated the e-mail addresses from this year's Oakland Symposium and also the e-mail addresses contained in the Computer Society's database of TC on Security and Privacy members into the Cipher distribution list. This brings our total e-mail distribution list to about 750 addresses. I've tried to eliminate duplicates in this process, but if you find yourself receiving two copies of this issue, please let me know and I'll fix it. In this issue we have reports from three rather different kinds of conferences: a hacker's convention, a small but respected workshop, and a large Unix meeting, as well as a summary of recent security and privacy developments in the U.S. by Willis Ware. Quite a few megabits of net traffic were generated in May and June by people concerned that a "registration wizard" included with Microsoft's Windows 95 might convey to Microsoft information about their computer system's configuration, and perhaps about other computers connected via local networks, without the knowledge or consent of the system owner. Microsoft vigorously defended itself against any claims of improper practices, asserting that no information would be collected without the user's consent, that the information requested was needed to provide good service to the user, and that no information was collected about remote systems. This isn't the first time people have asserted that some commercial software has collected information from unwitting users and transmitted it back to the parent company. From a technical standpoint, the interesting thing about the whole discussion is how difficult it is for people to resolve the question. When the military demands systems that simultaneously handle sensitive data and also permit internet e-mail access, essentially the same problem arises -- how do you be sure there isn't a little something extra in the e-mail? Guard technology, an imperfect approach but one of the few available at present, was developed to try to get a handle on this problem. Is there a commercial application here? What alternative approaches would be useful to the average PC-at-home user? That is, what could Microsoft (or any other company) do to provide a technically-based assurance that they are not violating your privacy? When I posted the above paragraph to a particular mailing list last month, one of the most interesting replies I received was that there was a discussion underway on the Firewalls mailing list about Sun's Java/HotJava technology that raised similar issues. I immediately subscribed to the list, but after a few days of being flooded with traffic that was interesting, but too voluminous to keep up with, I decided to unsubscribe -- but this means I may miss other interesting items. There are just too many newsgroups and mailing lists where security and privacy technology issues may arise for any one person to read them all. So, I thought, wouldn't it be nice to find someone willing to read one particular list regularly and summarize, every month or so, items of interest to the Cipher audience? Thus, this issue introduces Cipher LISTWATCH: a column that will try to provide summaries of relevant lists. Kate Arndt of MITRE has volunteered to cover the Firewalls list (thanks!), and her first report appears below. If you would like to become a Cipher LISTWATCHer for some other list, please drop me a line. Carl Landwehr, Editor ______________________________________________________________________ Letter to the Editor: Re SSE/CMM at Oakland Symposium ______________________________________________________________________ To the CIPHER Editor, REALLY, THE SSE/CMM WAS THERE! To set the record straight, on the Monday, 8 May 1995 Poster Session at the 1995 IEEE Symposium on Security and Privacy, one of the four "poster" presentations was on the System Security Engineering Capability Maturity Model, SSE/CMM. This was a description of a DoD/security community project to develop a CMM to guide process improvement in the practices of security engineering throughout the life of a system. The model is based on a capability maturity model, CMM, developed by the Software Engineering Institute, SEI, at Carnegie Mellon University. It is a framework for evolving an organization from an ad hoc, less organized state to a highly structured and highly effective state. CMMs focus on process practice, improvement and measurement, *not* on process definition, description, or prescription. The major focus of this project is to develop a SSE/CMM and appraisal methods that will assist organizations in process capability improvement. Benefits to the security engineering community should be: Acquisition: o standardized ranking of bidders' security engineering capabilities o more predictable security engineering results and certifications Engineering o Security engineering uniformly structured as a discipline o Achievable process improvements through incremental steps End-Users o Cheaper, faster, better security in delivered systems and products The SSE/CMM Project is being accomplished through community-based participation by those involved in integration, development, products, acquisition, evaluation, certification and accreditation. The Project is enhanced by Government-sponsored facilitation, technical support and promotion. The Project is moving from a "conceptual" stage to a "developmental" stage; planned activities over the next year or so (depending on community support levels) include: o develop a draft model (a strawman was presented at the January workshop) o define methodology and plan use of the model o develop and implement a training program o conduct trials o develop and distribute the Version 1.0 model After the above activities have been completed, the Project will move to an O&M stage, supporting the use and updating of the model as appropriate. A "First Public Workshop" was held last January and was supported by over 60 organizations. A project structure was proposed and adopted at that meeting consisting of two working groups ("Author" and "Application") under the guidance of a steering group. Since then, the Steering Group has been meeting regularly as has the Author Working Group. The Application Working Group should be getting started this summer. A Second Public Workshop is planned for early 1996. Public release of the Model Description is currently slated for late 1996. Participation by the Security Engineering community is encouraged and eagerly sought after! Participation options include: membership in the Steering and Working Groups; "key" reviewers and "community" reviewers. If you're interested in participating, please contact one of the following: Rick Hefner, leader of Steering Group, (310) 812-7290, rhefner@beqm.stg.trw.com David Hsiao, leader of Author Working Group, (703) 506-5528, dhsiao@grci.com Warren Monroe, leader of Application Working Group, (714) 732-2887, warren@mls.hac.com Victoria Thompson, project infrastructure, (703) 734-5611, thompson@arca.va.com John Adams, government sponsor, (410) 684-7141, ja@romulus.ncsc.mil Thanks for letting me "set the record straight"! Warren Monroe (one of the above and presenter of the SSE/CMM poster session) ______________________________________________________________________ Security and Privacy News Briefs ______________________________________________________________________ o WWW standards forecast: partly cloudy, by Mary Ellen Zurko, OSF The Terisa announcement that the Terisa WWW toolkit will integrate both SHTTP and SSL has changed the terms of discussions from "SHTTP vs. SSL: who to choose?" to "SHTTP and SSL: how to integrate?". Even before this anouncement, several Web server developers were discussing putting both protocols in their servers, so as not to lose money by backing the wrong horse. Even the World-Wide Web Consortium (W3C) run by Tim Berners-Lee is interested in how those two security protocols (and other security protocols) will play together. So far, nobody seems to know the answer, and it's not even clear exactly who is working on the architecture. The simplist answer from Terisa's standpoint is that anyone who buys their toolkit gets both protocols through a simple-to-use API, so that browsers and servers built on the toolkit can interoperate with either SHTTP or SSL. W3C plans to put the integration of the protocols on the agenda of their member's security workshop in early July; more information may be available then. In the meantime, less flashy standards efforts proceed in the IETF working groups on HTTP and HTTP security, and at the W3C. The Digest Access Authentication proposal (ftp://ds.internic.net/internet-drafts/draft-ietf-http-digest-aa-01.txt) will halt the practice of passing passwords in (the moral equivalent of) cleartext. The Mediated Digest Authentication proposal (ftp://ds.internic.net/internet-drafts/draft-ietf-http-mda-00.txt) introduces structure for authentication servers to service multiple Web servers. o Post Office teams up on cryptography According to the Wall Street Journal (22 June, p.B7), the U.S. Postal Service is working with software firm Premenos Corp. to develop public key cryptography for verifying the identity of e-mail senders and the integrity of electronically transmitted documents. Meanwhile, Verisign Inc. is developing a rival system that not only checks the digital signature, but also scrambles the content of the message. A number of companies, including Visa International, Mitsubishi and Ameritech, have invested in Verisign's technology, and Apple Computer and Netscape Communications have signed on as customers. o Commercial market for "dirty word" checkers? Controversial legislation passed the U.S. Senate this month that would make it illegal to send material considered obscene or pornographic across electronic networks. This legislation is now now opposed by House Speaker Newt Gingrich, but whether these provisions are enacted into law or not, three software companies (Microsoft, Netscape Communications, and Progressive Networks) combined to respond to parental concerns about controlling children's access to inappropriate materials on the Internet. The three companies formed the "Information Highway Parental Empowerment Group" (for information contact IHPEG@prognet.com) and plan to issue a report by the end of 1995 analyzing issues associated with integrating parental lock-out capabilities into Internet access software. In the military context, so called "dirty word checkers" have been proposed to prevent sensitive information from leaking out of computer systems. These programs typically look at output streams for certain strings of characters (the so-called "dirty words" to confirm that message formats are as expected and don't contain strings they shouldn't. Perhaps such checkers will soon qualify as "dual-use" technology! ______________________________________________________________________ LISTWATCH: Firealls list items, summarized by Kate Arndt ______________________________________________________________________ The Firewalls mailing list started at the Firewalls BOF at the 1992 USENIX Security Symposium in Baltimore. It currently generates over 1000 messages per month. Topics of interest to the general security community will be summarized here periodically. Subscription information for the Firewalls mailing list is available via majordomo@greatcircle.com. HotJava Sun Microsystems, Inc., recently released a new programming language, named Java, and an alpha web browser, named HotJava. Java is an object oriented language, similar to C++. It allows the programmer to create small software programs, called applets, that can be retrieved by a "Java-aware" web browser and executed. Applets are compiled by the Java compiler into an intermediate form that can be executed on any machine to which the Java interpreter has been ported. Optionally, the intermediate language can be translated at runtime into machine code for the particular host's CPU. HotJava is Sun's new Java-aware web browser. HotJava builds on the Internet browsing techniques established by Mosaic(tm) and expands them by supporting dynamic applications instead of static data. Software to support the applications can be transparently transferred to the system on which HotJava resides. Not surprisingly, Java and Hot Java have generated a great deal of discussion throughout the computer security community. Members of the Firewalls newsgroup have engaged in lively discussions about the purported security features designed into Java and Hot Java. Primary among firewall administrator concerns is whether a Trojan horse or virus could be introduced to a host via an applet. Additional information on Java and Hot Java is available from the following URL: http://java.sun.com. Encrypted telnet Two papers on encrypted telnet implementations were presented in early June at the USENIX UNIX Security Symposium in Salt Lake City. The first implementation was developed by members of the Italian CERT. The other was developed at AT&T Bell Labs. Both implementations use Diffie-Hellman to negotiate a session key, and use Rivest and Shamir's Interlock Protocol (CACM, April '84) to defeat man-in-the-middle attacks. Neither uses traditional passwords for authentication. Both papers are published in the conference proceedings. New Sun Firewall Sun Microsystems, Inc., recently announced a new firewall product, called Sunscreen. The SunScreen box is basically a Sun Sparc5 running Solaris 2.3, and is configured with five (5) Ethernet interfaces. The le0 interface is the only one with an IP address, and is used strictly for administration. A personal computer, using a Sun-developed encryption technique, called SKIP, controls the configuration of the SunScreen boxes using an application which runs on the standard Microsoft Windows interface. In addition, the le0 interface could be attached to the network to allow for remote administration. ______________________________________________________________________ Recent security & privacy developments in the United States: May 1993 through May 1995 by Willis H. Ware ______________________________________________________________________ IFIP - International Federation of Information Processing - includes a number of technical committees. TC11 addresses the security of computer systems and networks, with emphasis on practical solutions to current problems, not research and development. Each country-member to IFIP/TC11 annual writes a summary report of security and privacy activity in the member's country; this is for the general information of TC11 which meets annually, usually in May. The following report was submitted this year by Willis H. Ware, the US representative to TC11. It is a once-over-lightly of relevant acitivities in the United States for a 2-year period commencing May, 1993. Dr. Ware is a Fellow of the IEEE, a member of the IEEE/CS, chairman of the CSSPAB (noted below), and widely known as an activist on both security and privacy issues at the national level. During my years as chairman of IFIP WG11.3, I had the privilege of reading some of Willis's past contributions and thought Cipher readers would enjoy his perspective; thanks to him for making this available. --CEL = = = = = = = = = = = = = = = = = = = = = May, 1995 Willis H. Ware Santa Monica, CA, USA Throughout the 1993-1995 period, there continued to be malicious software events against networks, as well as scattered but relatively frequent viral attacks against campuses, individuals, and occasionally companies. With respect to viruses, people and organizations have seemingly come to terms with the issue. There are many antiviral software products on the market; many mass-market software products come with antiviral protection features. Vendors are delivering machines with antiviral software already installed; installations and system administrators have learned the procedures for cleaning their systems. There is a well-established research community internationally [for example, at the University of Karlsruhe and the University of Hamburg in Germany, Carnegie-Mellon University and Purdue University in the United States, the University of Queensland in Australia, vendors in many countries such as McAfee in the United States and Skulasen International in Iceland]. The online digest VIRUS-L still publishes regularly with support from the United Department of Defense, still announces new or suspect viruses in most issues, and remains a forum for the exchange of information among researchers, systems operators, people in trouble, and the virus experts. The malicious software threat has increased somewhat in sophistication, and automated software attack tools are readily available on bulletin boards of the underground community. One of the more serious events was the so-called sniffer attack which surreptitiously installs a software package into susceptible hosts, and then monitors Internet traffic and collects account-name/password data. The take is periodically off-loaded to the penetrator's location from which it can be used by the perpetrator to enter the compromised systems. Another was the so-called protocol spoofer attack which attempts to capture an already established connection to some system by flooding it with bogus packets. When successful, the attack gives the penetrator immediate access to an account with whatever access privileges it might already have. As a result of the spoofer attack against a particular system, a security expert was able to identify the origin of the attack for law enforcement, and the well-known cracker Kevin Mitnick was taken into custody in early 1995. In each of these malicious software attacks, the Computer Event Response Team [CERT] at Carnegie-Mellon University and the corresponding Computer Incident Advisory Capability [CIAC] at the Lawrence Livermore National Laboratory promptly issue alert messages and promulgate subsequent preventive fixes for the particular events. Many government agencies also have individual mini-CERTs, as do some corporations or industries [for example, Motorola Corporation]. Collectively they are coordinated by the National Institute of Standards and Technology through a cooperative nicknamed FIRST, which has periodic information-exchange meetings. The statutory National Computer System Security and Privacy Advisory Board (CSSPAB), created under the "Computer Security Act of 1987" and which advises the Congress and other senior federal officials on latent computer/communications-related public policy issues, devoted five days of meetings during 1993 to hearings on the Clipper Initiative, the proposal by the U.S. Government to use escrowed-key encryption for secure telephony. In effect, the Board created the public record of private, corporate, and government views which collectively have documented the continuing debate on Clipper In spite of an overwhelming public opposition to the proposal, the Government nonetheless did proceed with the effort and is acquiring some 9,000 Clipper-equipped telephones for use within the government. Two federal agencies, one in the Department of the Treasury and one in the Department of Commerce, are acting as escrow agents for the keys. So far the Government has vigorously maintained that the use of Clipper is voluntary, both inside and outside of government. Interestingly, all Clipper activities to date have been taken within the Executive Branch by presidential order. This procedure does not require Congressional intervention or approval and does not require Congressionally approved funding. In spite of major opposition from the public and from the private corporate sector, the Government also adopted a standard for escrowed key encryption. Interestingly, the standard is incomplete in the sense that essential parts of it, such as the algorithm, are considered to be secret and are not included. Similarly, there was not good support for the Digital Signature Algorithm and the collateral Digital Signature Standard, but they were also adopted by the Government. The DSS provides only for signatures, and in that regard, differs from the commercial package from RSA. It was pointed out in the 1991-1993 United States country report [to TC11] that the most significant topic addressed by the CSSPAB in 1992 was that of cryptography for general public, industrial, business, and non-defense government use. The Board framed the policy issue in the following context: Cryptography in the largest sense is a unique public policy issue because it brings into conflict a large number of stakeholders, each of whom has a legitimate interest in the matter. Among them are government itself; defense government; civil government; business, commerce and industry; the private citizen; and the academic researcher. In March, 1992, the CSSPAB called for a national dialogue whose outcome would set the framework for a federal policy on the use of cryptography in the United States. The Board called for: "...a national level public review of the positive and negative implications of the widespread use of public secret key cryptography..." that "... must involve the national security, law enforcement, government ... and commercial communities..[including vendors and users from the private sector]." There has never been such a national debate on the issue, but the technology of computers and communications, overlaid by a need for security, now drives such a requirement. Congress, in 1993, mandated that such a study be done. It was commenced in October of 1994 under the auspices of the operating arm of the National Academy of Sciences/National Academy of Engineering; namely, the National Research Council. The study is expected to be complete and an unclassified report published in early 1996. As members of TC11 know, the original Trusted Computer System Evaluation Criteria (TCSEC - "The Orange Book") of some ten years ago has eventuated into an international effort known as the Common Criteria. The participants are the United States, Canada, and the four ITSEC countries. The present, not yet quite complete draft, is out for comment(version 0.9); and a final version 1.0 is expected for the first quarter of 1996. The fifth Computers, Freedom and Privacy conference has been held at the end of March, 1995 in San Francisco. This relatively new conference has been remarkably successful in bringing together an appropriate cross section of attendees to interact on and discuss issues arising from the interplay between society and communications/computer technology. At CFP95, the National Study Committee on Cryptography held an open session at which members of the public were invited to submit views and positions. As is known throughout the Internet world, the graphically-based browser known as MOSAIC, and a more recent commercial one called NETSCAPE, have captured the fancy of network users. Communications traffic on the network has increased sharply due to the amount of data moved around by MOSAIC or NETSCAPE sessions, and also due to the size of the files which are moved, many of which are graphical or images. Also, the growth of the Internet has continued to astound observers, but notably the largest growth spurt has been in commercial users who are beginning to see the Net as a means for the conduct of commerce and the sale of products. Interestingly, security weaknesses in the popular graphical browser -- MOSAIC -- have been discovered. [NOTE added in June, 1995: Recently security adjuncts for the graphical browsers have been announced, but there is a possible problem with MOSAIC's implementation because it technically permits use of a user-chosen cryptographic algorithm. This is counter to the present position and interests of the Government.] Under the present political administration in the United States, an effort nicknamed the National Information Infrastructure has been promoted, largely by publicity and exposure rather than with funds. Intra-government task groups are examining the policy implications of the NII, including those of security and privacy. Eventually as the NII evolves to the Global Information Infrastructure, many of the same policy issues will become ones of international concern and attention. There is little to be said about privacy in this period. Nothing has been done to control the widespread use of personal information for a broad variety of commercial purposes, and many observers feel that the government has taken actions to be more intrusive than ever. For example, in late 1994, the Digital Telephony Act was passed which requires that telecommunications providers design their systems with whatever technical features are necessary to assure that wire tapping by law enforcement continues to be feasible. The argument in behalf of this bill hinged partly on the growing technical complexity of modern telecommunications systems, but also on the view that criminals might use encrypted telephony for the planning and execution of crimes. However, there has been no publicly released data supporting such use of secure telephony. In the discussions leading to the final wording of the law, important privacy protections were in fact added to the bill through the participation of civil liberties' groups and privacy advocates. [NOTE added: As of June, 1995, the $500M provided for in the bill has not been authorized by Congress; moreover, private estimates of the cost run significantly higher.] >From the standpoint of privacy advocates, consumer-rights advocates, personal freedom advocates and civil libertarians, the deepest concern is that the digital telephony bill plus Clipper can not together assure that criminals will use only conventional unsecured telephony. Thus, they fear that the government may act to make Clipper mandatory or to outlaw any form of encryption other than government approved. There is a similar concern within the mass-market software industry. In the current 104th Congress, there has been introduced a very large number of legislative actions that will touch on privacy in one context or another; and that are likely, if enacted into law, to impact information technology and its use. [NOTE added June, 1995: Many of the bills are actively discussed on the Internet currently; organizations such as the ACLU, EFF, EPIC, CDT regularly publish summaries and solicit participation by net-participants.] ______________________________________________________________________ 5TH USENIX UNIX SECURITY SYMPOSIUM June 5-7,1995, Salt Lake City, Utah by Dan McDonald ______________________________________________________________________ In order for information to be truly secure, cryptography must be widespread, according to Stephen T. Walker, founder of Trusted Information Systems. Walker opened the Fifth USENIX UNIX Security Symposium, held June 5-7 in Salt Lake City, Utah, with a keynote entitled, "Why Are Our Systems Insecure? Must They Always Be?" Before a crowd of approximately 550 attendees, he pointed out why cryptography is not currently widespread, citing the failed Clipper effort and current export control laws. To remedy this situation, he proposed a key escrow system different from Clipper in that escrowed keys would be stored at a "data recovery center" that would only be licensed by the government and would be subject to the same protections as other private property (i.e. no warrantless searches would be permitted). This proposal balances privacy, law enforcement and national security concerns, and economic reality, he said. Those with privacy concerns need not use a data recovery center, but people who do use one can recover their data if they lose their keys. The technical sessions included 21 refereed papers, most dealing with network security, and three panels on integrity, implementation issues, and disaster recovery [ full list of paper titles and authors, in presentation order, was distributed in Cipher EI#6 -- Ed.]. Papers were presented in seven sessions of three papers. In the first session on Tuesday, the first paper warned against underestimating "social engineering" as a way to penetrate defenses. The authors reported quick success infiltrating an organization simply by asking for information. The second paper discussed a simple active attack on TCP involving redirecting the TCP stream. The third paper introduced Autohack, a tool that can attack large networks of machines. AutoHack was applied to machines on an internal network with considerable success (i.e. many machines were penetrated). This success may have been due in part to the fact that these systems were behind a firewall, and often such systems are weakly defended because they rely on the firewall to protect them. The second session concentrated on network-layer solutions. Leading off was a paper describing how Kerberos can be slightly modified to allow clocks to drift. Following that was an implementation paper of an IP-layer encryptor, which also proposed a lightweight session key management protocol. The final paper described a network randomization protocol. The final paper session on Tuesday focused on securing remote logins. The first paper discussed how to make the BSD rlogin protocol more secure by using an IP-layer encryptor. The second paper described a secure telnet implementation. The final paper also discussed a secure telnet, but described another approach, an encrypted session manager. The encrypted session manager allows sessions over application-level firewalls, and allows other sessions besides telnet. The first session on Wednesday opened with a description of a secure file sharing and collaboration system that introduced a concept of privacy-enhanced merging. The next paper discussed how to run X Window System programs across a firewall by using an X gateway. This gateway restricts X client behavior, among other features. The last paper in this group described a packet filtering architecture for an IP router. This architecture allows greater auditing capabilities, as well as allowing filters to be placed at multiple points along the path a packet takes through the router. The second session included two papers dealing with operating system security issues. The first of these described a domain and type enforcement UNIX prototype built on trusted Mach. The second described a policy control mechanism over Mach object operations by modifying the Mach port rights mechanism. The final paper in thes group demonstrated the joining of security realms of NetWare and Kerberos. The first two papers in the next session discussed one-time passwords. The first paper proposed "Independent One-Time Passwords" which solves many problems with one-time passwords, including dictionary attacks, and scaling. The second paper discussed experiences with an S/Key derivative. The final paper talked about how to improve the data obtained from trace files. The final paper session dealt with application-layer security for common Internet applications. The first paper presented, on Domain Name System weaknesses, was written in 1990, but was not published for five years. The author stressed that he (without any outside pressure) had held the paper back for five years because at the time he wrote it there was no feasible solution to the weakness it describes. In the second paper, one of the principal implementors of the Domain Name System discussed what is being done to secure DNS. The final paper described MIME Object Security Services, a method for securing Internet electronic mail. The conference also offered tutorials (held on Monday, prior to the technical sessions), including a Firewalls tutorial by consultant Tina Darmohray and Marcus Ranum of Trusted Information Systems, a management-oriented seminar entitled, "Information Security: Past, Present and Future," and an advanced UNIX security session taught by Gene Spafford of Purdue. USENIX, a group of professionals concerned with the practical uses of advanced computing systems, sponsored the meeting in cooperation with UniForum, the Computer Emergency Response Team (CERT) and IFIP Working Group 11.4. UniForum is the Internation Association of Open Systems Professionals, which emphasizes education and effective use of open systems. More information about USENIX is available at URL http://www.usenix.org. The next USENIX UNIX Security Symposium will be held in approximately 18 months. No exact date or location was announced. ________________________________________________________________________ 8th IEEE Computer Security Foundations Workshop, County Kerry, Ireland by Trent Jaeger [session 7 summary by Catherine Meadows] ________________________________________________________________________ This is my personal summary of the 8th IEEE Computer Security Foundations Workshop. Any misrepresentations are my own (although I'll try to minimize them). Changes to or questions about the summary can be directed to me at jaegert@eecs.umich.edu. The 8th CSFW conference met in Kenmare, County Kerry, Ireland, as opposed to its usual location, Franconia, New Hampshire. In addition to the traditional croquet tournament, the conference included of 7 technical sessions and 2 panel discussions. Technical Session 1 -- Composition ++++++++++++++++++++++++++++++++++ Simon Foley (UC, Cork, Ireland) chaired the session. Aris Zakinthinos (University of Toronto) presented two major results in "The Composability of Non-Interference" (co-authored with Stewart Lee, also of U. Toronto): (1) two non-interference secure components can be composed into a system that is non-interference secure if the system is feedback-free and (2) even a system with feedback can be non-interference secure if a delay is added to the feedback loop. Lars Wulf presented "Composing and Decomposing Systems under Security Properties" (Oxford University) co-authored by A. W. Roscoe. In the talk, Lars defined formal notions of separability of components that result in different non-interference security properties (called independence, invariance, and strong invariance). Also, he showed that independence and invariance converge when the process is deterministic. Alfred Maneki (Department of Defense) closed the session with "Algebraic Properties of System Composition in the LORAL, Ulysses, and McLean Trace Models." The goal of this work is to prove the algebraic properties of the three trace models in order to facilitate their comparison, particularly with respect to the study of security properties with respect to composition. Of primary interest are the associative laws for composition. Technical Session 2 -- Authentication Protocols +++++++++++++++++++++++++++++++++++++++++++++++ Michael Reiter of (AT&T Bell Labs) chaired the session. Li Gong (SRI) presented "The 10 Foundational Issues in Today's Computer Security" (his paper was entitled "Optimal Authentication Protocols Resistant to Password Guessing Attacks"). In his talk, he proposed 10 foundational areas of research for computer security: 1. Secure Initial Access (Authenticated Login) 2. High integrity and highly accessible random number generation 3. Highly available, non-tamperable global time on the Internet 4. Sensible placement of security mechanisms (i.e., in TCP, IP, ethernet layer) 5. Secure, dynamic distributed groups (i.e., along the lines of Rampart and Enclaves) 6. Provably secure protocols 7. Refinement of security properties and specs 8. Secure system composition 9. Secure system interoperation (e.g., obtaining, verifying, and executing code securely) 10. Sensible integration of security and fault tolerance Li claimed that the first five issues in the list are more easily achievable from the current state of the art than the last five issues. There was some disagreement on this claim, but overall the level of disagreement was moderate. Maybe it was because Li's talk was right after lunch. Liqun Chen (Royal Holloway, University of London) followed with a talk on "Key Distribution without Individual Trusted Authentication Servers" (co-authored with Dieter Gollmann and Chris Mitchell also of the Royal Holloway, University of London). She proposes two protocols (one "parallel" and one "cascaded") in which two participants can agree on a symmetric key if more than 1/2 of the authentication servers are trusted. The "parallel" algorithm is more resilient to denial-of-service attacks by one of the untrusted servers, and the "cascade" algorithm uses fewer messages. Technical Session 3 -- Analysis of Cryptographic Protocols ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Gene Tsudik of IBM Zurich chaired this session. First, Colin Boyd (University of Manchester) discussed his paper (and some extensions) entitled, "Towards a Classification of Key Agreement Protocols." The goal is to develop a set of classes for categorizing key agreement protocols and to define the implementation requirements for each class. The classes are defined by the amount of confidential information passed between the two parties. The classes then determine the requirements on the one-way function that generates the keys. Next, Wenbo Mao (HP labs, Bristol) spoke on "An Augmentation to BAN-like Logics." The goal of this work is to more formally define the task of idealization in BAN Logic. Operators and rules are added to BAN to convert protocol messages into BAN logic formulae. The focus of the new operators is to provide a means to establish that a key proposed in a message is in fact a "good secret." Panel Session 1 -- What Makes a Cryptographic Protocol Dependable? ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Catherine Meadows (U. S. Naval Research Lab) chaired the panel, which also included. The Michael Merritt (AT&T Bell Labs), Colin Boyd (University of Manchester), and Dieter Gollmann (Royal Holloway, University of London). Colin Boyd spoke first and advocated a top-down design approach to cryptographic protocols in which all requirements are stated, further refined, and checked as each succeeding level of detail is addressed. Dieter Gollmann also espoused top-down design, but he also argued for more formal definition of systems, even during the 'idealization' stage. Michael Merritt suggested that there are many difficult issues in specifying and implementing cryptographic protocols that make it difficult to verify their dependability. These issues must be better addressed before strong claims of dependability are possible. The succeeding audience discusssion centered on the issue of the semantics of dependability and how one ensures those semantics: (1) is the meaning of dependability based on user requirements? (2) is the meaning of dependability based on what you can empirically test? (3) dependability == bulletproof? Technical Session 4 -- Issues in Implementation +++++++++++++++++++++++++++++++++++++++++++++++ Jonathan Millen (MITRE Corporation) chaired the session. In the first talk, Riccardo Focardi (University of Bologna) described his work with his colleagues R. Gorreri and V. Panini on the development of a tool called the Security Checker. The Security Checker automatically verifies some information flow properties of systems specified in the authors' Security Process Algebra (SPA, an extension of Milner's CCS). The Security Checker verifies non-interference and bisimulation properties for finite-state SPA. Next, Trent Jaeger (University of Michigan, Ann Arbor) discussed "Implementation of a Discretionary Access Control Model for Script-based Systems" (co-authored with Atul Prakash, University of Michigan, Ann Arbor). The goal is to permit both the writer of the command script and the user that executes the command script to grant the appropriate set of access rights to command script programs (e.g., for mobile agent-style systems) and enforce these rights during command script execution. Implementations using Safe-Tcl to execute the command scripts and using authentication models Kerberos and Taos perform authorization were described. Jonathan Millen then presented a paper by John Janeri (MITRE Corporation), Daylan Baker, and Daniel Schnackenberg (both from Boeing Defense and Space Group) entitled, "Building Higher Resolution Synthetic Clocks for Signalling in Covert Timing Channels." A CPU scheduler is developed that limits the ability of untrusted processes to leak information using a covert channel by providing only a one second granularity interval clock. Not only is the throughput of the covert channel reduced, but the scheduler hides the actual amount of processing done by an untrusted process during that second. Technical Session 5 -- Models of Cryptographic Protocols ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Michael Merritt (AT&T Bell Labs) chaired the session. A. W. Roscoe (Oxford University) presented "Modeling and Verifying Key-Exchange Protocols Using CSP and FDR." The goal is to show that a process algebra (in this case CSP) can be a suitable means for specifying the actions of principals relevant to a cryptographic protocol. If this is possible, then the model-checking tool FDR can be applied to verify the specification. The author showed how attacker actions such as leak message and fake message can be modeled using CSP. John McLean (U.S. Naval Research Lab) presented "Using Temporal Logic to Specify and Verify Cryptographic Protocols," (co-authored with James Gray III of the Hong Kong University of Science and Technology). The goal of this work is to revise the NRL Protocol Analyzer such that it relies on only one formalism, Lamport's Raw Temporal Logic of Actions, while still verifying the protocol against the same threats. The authors claim that the use of only one formalism provides a cleaner formal model for specification and verification, so the verifiers are likely to commit fewer errors. Technical Session 6 -- Secure Systems +++++++++++++++++++++++++++++++++++++ John McLean chaired this session. In the first talk, Tom Keefe (Pennsylvania State University) presented "Concurrency Control for Federated Multilevel Secure Database Systems" (co-authored with I.E. Kang of GTE Labs). The goal of the protocol is to ensure global serializability while maintaining local autonomy and enforcing security constraints. A totally ordered security lattice is assumed for simplicity. Timestamps are used to serialize transactions. In the first protocol, a global transaction manager generates timestamps for all transactions. In the second protocol, the local transaction manager at the originating site of the transaction attaches a timestamp to the transaction. As long as the timestamp is within a timestamp "window" the transaction will be processed (although it may still be rolled-back). Jeremy Jacob (University of York) presented, "Specifying Security for CSCW Systems" (co-authored with Simon Foley of University College, Cork). The goal is to define an approach to the specification of computer-supported collaborative work (CSCW) systems and their security requirements. Systems are defined by their activities (potentially nested) and the principals in the activity. The access rights of the principals can be specified by the actions that a principal can undertake in an activity. Also, no information flow should be permitted between the start and finish of an activity. The authors were surprised to find that a number of examples could be specified effectively using their approach. Panel Session 2 -- Considering the Common Criteria ++++++++++++++++++++++++++++++++++++++++++++++++++ Jane Sinclair (Open University,U.K.) chaired the panel, which included Jon Millen, Jeremy Jacob, and Bronia Szczygiel (NPL, UK). Millen first gave an overview of his interpretation of the goals and method of the Common Criteria. The Common Criteria is being developed with both commercial and miltary secuirty needs in mind. The general method is to define a target of evaluation (TOE) and a set of security requirements for the TOE. The requirements are evaluated first followed by an evaluation of the TOE using the requirements. Jonathan expressed concern that technical guidance about how to perform requirement development and analysis are lacking from the Common Criteria. Jeremy Jacob presented his concerns that the Common Criteria is being developed: (1) without enough input from the security research community and (2) without a clear technical foundation for specification and evaluation which leaves many requirements to a subjective evaluation. He stated that the subjectivity in evaluation should be minimized. Bronia Szczygiel (NPL, UK) discussed the pros and cons she sees in the Common Criteria document. She claims that the Common Criteria document in its current state is very lengthy, but very sparse on details. Therefore, it will be difficult (i.e., expensive) to use. However, she stated that the efforts to generalize the security requirements of various parties and define an evaluation method are steps in the right direction. The succeeding discussion consisted of an expression of skepticism about the Common Criteria in its current state. For example, Dieter Gollmann argued that the Common Criteria will only be used for a commercial (i.e., marketing) advantage in the public sector. Technical Session 7 -- Information Flow +++++++++++++++++++++++++++++++++++++++ (summarized by Catherine Meadows, NRL) Joshua Guttman chaired the session. In the first talk, Paul Syverson (NRL, USA) presented "The Epistemic Representation of Information Flow Security in Probabilistic Systems," (coauthored with Jim Gray, Hong Kong University of Science and Technology). This paper extends the authors' earlier work on logics for reasoning about probabilistic multilevel security, in which account is taken of the fact that information can flow as the result of affecting the probability that an event can occur. In this paper, the authors recast the language and model of computation from their earlier work into the standard Halpern-Tuttle frameword for reasoning about knowledge and probability. As a result of this, the authors were able to develop an improved characterization of security which improves their previous characterizations in that it is theoretically provable but not unreasonably strong. William Young (Computational Logic, Inc, USA) next presented "Connection Policies and Controlled Interference," coauthored with William Bevier and Richard Cohen, also of Computational Logic. The authors develop a type of security policy called a connection policy, which specifies the channels along which permitted communication may occur between agents. This is more expressive than than traditional multilevel security policies (refered to as communication policies in this paper), which describe only which entities may or may not communicate. A system observes controlled interference when the connection policy is satisfied. Young presented a formal state-based model of controlled interference, and discussed its relation to Rushby's notion of separation and to type enforcement. The workshop wound up with the final matches of the traditional croquet tournament (this year's champion was Bill Roscoe, and the runner-up Aris Zakinthinos), held simultaneously with the business meeting. It was decided to hold the workshop at Dromquinna again for 1996. The conference chair will again be Simon Foley, and the program chair will be Michael Merritt. The conference proceedings are published as: "Proceedings of The Eighth IEEE Computer Security Foundations Workshop," IEEE Computer Society Press, Los Alamitos, CA, ISBN 0-8186-7033-9, ISSN 1063-6900. IEEE CS Press Catalog Number PR07033 In the US, copies are available from Joshua Guttman(guttman@mitre.org), MITRE, Mail Stop A118, 202 Burlington Rd., Bedford, MA 01730-1420 USA for $25; make your check to "Joshua Guttman for CSFW-8" (while his supply lasts! After that, it will be available from IEEE at a higher cost). Copies (for Europe/rest of world) are also available from Simon Foley, Department of Computer Science, University College, Cork, Ireland. Email: s.foley@cs.ucc.ie. Send a draft for IEP18.00 (must be in Irish Pounds, drawn on an Irish bank) to Simon Foley at the above address. This includes P&P. Stocks are limited, so requests will be dealt with on a first-come-first-served basis. ________________________________________________________________________ Calls for Papers (new listings since last issue only) ________________________________________________________________________ (see also Calendar) o Conferences Listed earliest deadline first. See also Cipher Calendar and NRL CHACS CFP list. Listed earliest deadline first o SNDSS '96: Internet Society 1996 Symposium on Network and Distributed System Security, 22-23 Feb 1996, San Diego, California. Technical papers (10-20 pp.) and panel proposals (2-4 pp.) of interest to builders of hardware and software to provide network and distributed system security services are solicited; focus is on actual system design and implementation, rather than theory. See full call for papers for details. Submissions preferred by e-mail (PostScript or ASCII); due to Clifford Neuman, USC-ISI, program chair (sndss96-submissions@isi.edu) by 14 August 1995. o ACM SIGMOD/PODS 96 Joint Conference, 3-6 June 1996, Montreal, Canada. Papers sought from practical through theoretical aspects of database systems. SIGMOD call includes (as first topic listed) database authorization and security and requests six copies of contributions up to 8000 words; PODS call includes integrity and security as topics of interest and requests 12 copies of contributions up to about 5000 words. All submissions are due 23 October 1995 to the appropriate program chair (SIGMOD: H.V. Jagadish, sigmod96@research.att.com; PODS: Richard Hull, hull@cs.colorado.edu). o 1996 European Symposium on Research in Computer Security (ESORICS-96), 25-27 September 1996, Rome, Italy. Papers solicited describing original ideas and new results on the foundations and applications of computer security, including theoretical foundations, operating systems security, network security, data and knowledge base security, secure systems development, security evaluation, security management, electronic commerce, internet security, etc. Submit six copies of papers (up to 6000 words) or panel proposals before March 15, 1996 to Prof. Elisa Bertino (bertino@hermes.mc.dsi.unimi.it). ________________________________________________________________________ Reader's Guide to Current Technical Literature in Security and Privacy Part 1: Conference Papers ________________________________________________________________________ Papers to be presented at the IFIP WG 11.3 Working Conference on Database Security, Rensselaerville, New York, August 13-16, 1995 ======================================================= o How Secure is Secure? Conference Chair's Opening Remarks T. C. Ting, University of Connecticut o Messages, Communications, Information Security: Protecting the User from the Data; J. E. Dobson and M. J. Martin, U. of Newcastle o Self-Protecting Objects in a Secure Federated Database M. S. Olivier, Rand Afrikaans University o Argos - A Configurable Access Control Subsystem Which Can Propagate Access Rights; D. Jonscher and K. R. Dittrich, U. Zurich o The Modulated Input Modulated Output Model I. S. Moskowitz and M. H. Kang, Naval Research Laboratory o User-Role Based Security Enforcement Mechanisms for Object-Oriented Systems and Applications; M.-Y. Hu, IBM; and T. A. Daggett, S. A. Demurjian, and T. C. Ting, University of Connecticut o A Formal Specification of an Authorization Model for Object-Oriented Databases; E.B. Fernandez, R.B.France and D.Wei, Florida Atlantic U. o Multilevel Data Model for the Trusted ONTOS Prototype M. Schaefer, R. Martel, T. Kanawati, and V. Lyons, ARCA o Modeling Mandatory Access Control in Role-Based Security Systems M. Nyanchama and S. L. Osborn, University of Western Ontario o Modeling a Multilevel Database with Temporal Downgrading Functionalities; F. Cuppens and A. Gabillon, ONERA-CERT o Towards a MAC Policy Framework X. Qian, SRI International; and T. F. Lunt, ARPA/CSTO o Locking Protocol for Multilevel Secure Databases Providing Support for Long Transactions; S. Pal, Pennsylvania State University o An Adaptive Policy for Improved Timeliness in Secure Database Systems S. H. Son and R. David, U. of Virginia; and B. Thuraisingham, MITRE o A Secure Concurrency Control Protocol for Real-Time Databases R. Mukkamala, Old Dominion U.; and S. H. Son, U. of Virginia o Providing Different Degrees of Recency Options to Transactions in Multilevel Secure Databases V. Atluri, Rutgers U.; E. Bertino, U. degli Studi di Milano; and S. Jajodia, George Mason University o Assured Discretionary Access Control for Trusted RDBMS M. Schaefer and G. Smith, ARCA Systems, Inc. o A Security Design Method for Information Exchange In and Between Organizations R. Holbein, S. Teufel, and K. Bauknecht, Universitat Zurich o Inference Analysis During Multilevel Database Design R. K. Burns, AGCS, Inc. o A Tool for Inference Detection and Knowledge Discovery in Databases S. Rath, D. Jones, J. Hale and S. Shenoi, University of Tulsa o ILIAD: An Integrated Laboratory for Inference Analysis and Detection T. H. Hinke, H.S. Delugach and R.P. Wolf, U. of Alabama in Huntsville o Storage Jamming J. McDermott and D. Goldschlag, Naval Research Laboratory o What Have We Learned? John Dobson, University of Newcastle ________________________________________________________________________ Reader's Guide to Current Technical Literature in Security and Privacy Part 2: Journal and Newsletter Articles, Book Chapters ________________________________________________________________________ o ACM SIGOPS Operating System Review, Vol. 29, No. 3 (July, 1995): J. Alves-Foss and S. Barbosa. Assessing computer security vulnerability. pp. 3-13. I-L. Kao and R. Chow. An efficient and secure authentication protocol using uncertified keys. pp. 14-21. M. Steiner, G. Tsudik, and M. Waidner. Refinement and extension of encrypted key exchange. pp. 22-30. o IEEE Trans. on Knowledge and Data Engineering, Vol. 7, No. 3 (June 1995): P. A. Bonatti, S. Kraus, and V. S. Subrahmanian. Foundations of secure deductive databases. pp. 406-422. o IEEE Trans. on Communications, Vol. 43, No. 5 (May 1995): T. Hwang and W.-C. Ku. Repairable key distribution protocols for Internet environments. pp. 1947-1949 (thanks to Anish Mathuria o Journal of Computer Security, Vol.3, No.1 (1994/1995)[received 5/95]: R. Focardi and R. Gorrieri. A classification of security properties for process algebras. pp. 5-34. J. K. Millen. Unwinding forward correctability. pp. 35-54. W. R. Bevier and W. D. Young. A state-based approach to noninterference. pp. 55-70. G. J. Simmons and C. Meadows. The role of trust in information integrity protocols. p. 71-84. ________________________________________________________________________ Reader's Guide to Current Technical Literature in Security and Privacy Part 3: Books ________________________________________________________________________ Nothing new to report this issue! ________________________________________________________________________ Calendar ________________________________________________________________________ The Internet Conference Calendar, URL: http://www.automatrix.com/conferences/ is also worth a look. Dates Event, Location Point of Contact/ more information ----- --------------- ---------------------------------- ==================================================================== See Calls for Papers section for details on many of these listings. ==================================================================== 7/ 1/95: CCS-3 papers due; gong@csl.sri.com or Jacques.Stern@ens.fr 7/ 3/95- 7/ 5/95: CPAC '95, Australia cpac@fit.qut.edu.au 7/ 7/95: COMAD 96 papers due [DEADLINE EXTENDED FROM 6/15]; anand@pspl.ernet.in or krishnam@hplabs.hp.com 7/15/95: IFIP/SEC '96 papers due; sec96@aegean.ariadne-t.gr 7/29/95- 8/ 4/95: SFTC-VI, Canela, Brazil; VISCTF@inf.ufrgs.br 7/31/95: 5th IMACCC papers due; colin.boyd@man.ac.uk 8/13/95- 8/16/95: IFIP WG11.3,New York(RPI); ting@eng2.uconn.edu 8/14/95: SNDSS '96, San Diego, submissions due; sndss96-submissions@isi.edu 8/22/95- 8/25/95: NSPW '95 San Diego (UCSD);meadows@itd.nrl.navy.mil 8/27/95- 8/31/95: Crypto'95 Santa Barbara; tavares@ee.queensu.ca 8/28/95- 8/30/95: MMDMS, Blue Mt. Lake, NY; nwosuck@harpo.wh.att.com 8/30/95- 8/31/95: "Doing Business Securely on the Information Highway", Montreal; conference@ediwi.ca 9/ 5/95- 9/ 6/95: MDS-95, York, England ; IMACRH@V-E.ANGLIA.AC.UK 9/13/95- 9/15/95: WDAG-9, Le Mont St. Michel,France; raynal@irisa.fr 9/17/95- 9/20/95; HPTS 95, Asilomar, CA; neowens@vnet.ibm.com 9/20/95- 9/21/95: IT-Sicherheit '95, Graz; rposch@iaik.tu-graz.ac.at 9/20/95- 9/23/95: IC3N '95, Las Vegas kia@unlv.edu 9/21/95- 9/22/95: ICI '95, Washington DC; denning@cs.georgetown.edu 9/27/95- 9/29/95: DCCA-5, Champaign, IL; no e-mail address available 10/ 2/95: JBCS spec issue on DBMS papers due; laender@dcc.ufmg.br 10/10/95-10/13/95: NISS-18, Baltimore, MD; NISS_Conference@Dockmaster.ncsc.mil 10/23/95: SIGMOD/PODS '96, Montreal, submissions due; SIGMOD: sigmod96@research.att.com; PODS: hull@cs.colorado.edu 11 1/95: IS iss. on disaster recov.; papers due; agrawal@cs.ucsb.edu 11/ 6/95-11/10/95: ICECCS '95, Fort Lauderdale; alex@vulcan.njit.edu 11/14/95-11/15/95: ACM MCN '95 Berkeley, CA; mcn95-submission@cs.columbia.edu 11/15/95: ICSSDBM '96, Stockholm, submissions due; pers@sto.foa.se 11/15/95-11/17/95: CISMOD '95 Bombay; bhalla@u-aizu.ac.jp 11/29/95-12/ 2/95: CIKM '95, Baltimore; nicholas@cs.umbc.edu 11/30/95: ACM Computer Security Day; computer_security_day@acm.org 12/ 4/95-12/ 7/95: DOOD '95, Singapore; mendel@db.toronto.edu 12/11/95-12/15/95: ACSAC '95, New Orleans; smith@arca.va.com 12/13/95-12/15/95: OOER '95, G.C., Australia; mikep@icis.qut.edu.au 12/18/95-12/20/95: 5th IMACCC, Cirencester, UK; colin.boyd@man.ac.uk 12/27/95-12/30/95: 7th COMAD, Pune, India; anand@pspl.ernet.in or krishnam@hplabs.hp.com 2/22/96- 2/23/96: SNDSS '96,San Diego; http://nii.isi.edu/info/sndss 2/23/96: VLDB '96 submissions due; nls@cse.iitb.ernet.in 2/26/96- 3/ 1/96: ICDE '96, New Orleans; icde96@cis.ufl.edu 3/14/96- 3/16/96: CCS-3, New Delhi; gong@csl.sri.com or Jacques.Stern@ens.fr 3/15/96: ESORICS'96, Rome, submissions due; bertino@hermes.mc.dsi.unimi.it 3/27/96- 3/30/96: CFP '96, Cambridge, MA; cfp96@mit.edu 4/30/96- 5/ 3/96: 8th CCSS, Ottawa; no e-mail address available 5/ 5/96- 5/ 8/96: IEEE S&P 96; no e-mail address available 5/21/96- 6/24/96: IFIP/SEC 96 - Greece; no e-mail address available 6/ 3/95- 6/ 6/95: SIGMOD/PODS '96, Montreal, Canada 9/3/96- 9/6/96: VLDB '96, Bombay, India; nls@cse.iitb.ernet.in 9/25/96- 9/27/96: ESORICS'96, Rome; bertino@hermes.mc.dsi.unimi.it 5/ 4/97- 5/ 7/97: IEEE S&P 97; Oakland no e-mail address available 5/13/97- 5/16/97: 9th CCSS, Ottawa; no e-mail address available 5/ 3/98- 5/ 6/98: IEEE S&P 98; Oakland no e-mail address available 5/12/98- 5/15/98: 10th CCSS, Ottawa; no e-mail address available 5/ 2/99- 5/ 5/99: IEEE S&P 99; Oakland no e-mail address available 5/11/99- 5/14/99: 11th CCSS, Ottawa; no e-mail address available 4/30/00- 5/ 3/00: IEEE S&P 00; Oakland no e-mail address available 5/16/00- 5/19/00: 12th CCSS, Ottawa; no e-mail address available Key: ==== ACSAC = Annual Computer Security Applications Conference CCS-3 = 3rd ACM Conference on Computer and Communications Security CCSS = Annual Canadian Computer Security Symposium CFP = Conference on Computers, Freedom, and Privacy CIKM = Int. Conf. on Information and Knowledge Management CISMOD = International Conf. on Information Systems and Management of Data COMAD = Seventh Int'l Conference on Management of Data (India) CPAC = Cryptography - Policy and Algorithms Conference CSFW = Computer Security Foundations Workshop DCCA = Dependable Computing for Critical Applications DOOD = Conference on Deductive and Object-Oriented Databases ESORICS = European Symposium on Research in Computer Security FISSEA = Federal Information Systems Security Educators' Association HPTS = Workshop on High Performance Transaction Systems IC3N = Int. Conference on Computer Communications and Networks ICDE = Int. Conf. on Data Engineering ICI = International Cryptography Institute ICECCS = Int. Conference on Engineering of Complex Computer Systems ICSSDBM = Int. Conf. on Scientific and Statistical Database Management IEEE S&P = IEEE Symposium on Security and Privacy IFIP/SEC = International Conference on Information Security (IFIP TC11) IFIP WG11.3 = IFIP WG11.3 9th Working Conference on Database Security IMACCC = IMA Conference on Cryptography and Coding INET = Internet Society Annual Conference IS = Information Systems (journal) ISOC-Symp = Internet Society Symposium on Network and Distributed System Security IT-Sicherheit '95 = Communications and Multimedia Security: Joint Working conference of IFIP TC-6 and TC-11 and Austrian Computer Soc. JBCS = Journal of the Brazilian Computer Society JCMS = Journal of Computer Mediated Communication MCN '95 = ACM Int. Conf. on Mobile Computing and Networking MDS '95 = Second Conference on the Mathematics of Dependable Systems MMDMS = First Int. Wkshop on Multi-Media Database Management Systems NCSC = National Computer Security Conference NISS = National Information Systems Security Conference NSPW = New Security Paradigms Workshop OOER = Fourteenth Int. Conf. on Object-Oriented and Entity Relationship Modelling SAC '95= 2nd Annual Workshop on Selected Areas of Cryptography SFTC-VI = Symposium on Fault Tolerant Computing - VI (Brazil) SIGMOD/PODS - ACM SIGMOD International Conference on Management of Data /ACM SIGACT SIGMOD-SIGART Symposium on Principles of Database Systems SNDSS = Symp. on Network and Distributed Sys. Sec. (Internet Society) USENIX Sec Symp = USENIX UNIX Security Symposium VLDB = Int'l Conf. on Very Large Databases WDAG-9 = Ninth Int. Workshop on Distributed Algorithms ________________________________________________________________________ Who's Where: recent address changes ________________________________________________________________________ Entered 19 June 1995: Charles N. Payne, Jr. Secure Computing Corporation 2675 Long Lake Road Roseville, MN 55113 Voice: (612) 628-2700/1594 (main office/ direct) Fax: (612) 628-2701 (fax) E-mail: cpayne@sctc.com LouAnna Notargiacomo Oracle Corporation 196 Van Buren Street Herndon, VA 22070 Voice: (703) 708-6740 Fax: (703) 708-7919 Email: lnotargi@us.oracle.com ________________________________________________________________________ Interesting Links [new entries only] ________________________________________________________________________ Format: Description (first lines) followed by URL (last line) Government sources/information: ------------------------------- National Security Agency joins the Web! http://www.nsa.gov:8080// Professional societies and organizations: ----------------------------------------- No new ones this issue! Other places for interesting research papers, announcements, assistance ----------------------------------------------------------------------- Following the Clipper debate? A draft contribution to the Pennsylvania Law Review by A. Michael Froomkin may be available at: http://acr.law.miami.edu/froomki.html An article by Dorothy Denning published in the MIT Technology Review issue for July is available at: http://web.mit.edu/techreview/www/articles/july95/Denning.html and see also: The Cryptography Project http://www.cosc.georgetown.edu/~denning/crypto/ CCER National Budget Simulation -- try your hand at balancing the budget: http://garnet.berkeley.edu:3333/budget/budget.html ________________________________________________________________________ TC Publications for Sale ________________________________________________________________________ Yes! The fresh, green Proceedings of the 1995 IEEE Symposium on Security and Privacy are now available, along with those old favorites in blue, orange, and pink. Yes! They are available for purchase by TC members at favorable rates. Current issues in stock and NEW LOW PRICES are as follows: Price by mail from TC IEEE CS Press IEEE CS Press Year TC members IEEE member price List Price ---- ---------- ----------------- ------------- 1992 $10 Only available from TC! 1993 $15 Only available from TC! 1994 $20 $30+$4 S&H $60+$5 S&H 1995 $25 $25+$4 S&H $50+$4 S&H For overseas delivery: -- by surface mail, please add $5 per order (3 volumes or fewer) -- by air mail, please add $10 per volume to the prices listed above. If you would like to place an order, please send a letter specifying o which issues you would like, o where to send them, and o a check in US dollars, payable to the 1995 IEEE Symposium on Security and Privacy to: Charles N. Payne Treasurer, IEEE TC on Security and Privacy Code 5542 Naval Research Laboratory Washington, DC 20375-5337 U S A Sorry, we are (still) not ready for electronic commerce! ________________________________________________________________________ TC Officer Roster ________________________________________________________________________ Chair: Vice Chair: Deborah Cooper Charles P. Pfleeger P.O. Box 17753 Trusted Information Systems(UK) Ltd. Arlington, VA 22216 41 Surbiton Road (703)908-9312 voice and fax Kingston upon Thames KT1 2HG dmcooper@ix.netcom.com ENGLAND pfleeger@tis.com Newsletter Editor: Chair, Subcommittee on Academic Affairs: Carl Landwehr Prof. Karl Levitt Code 5542 University of California, Davis Naval Research Laboratory Division of Computer Science Washington, DC 20375-5337 Davis CA 95611 (202)767-3381 (916)752-0832 landwehr@itd.nrl.navy.mil levitt@iris.ucdavis.edu Standards Subcommittee Chair: Nominations invited ________________________________________________________________________ Information for Subscribers and Contributors ________________________________________________________________________ SUBSCRIPTIONS: To subscribe, send e-mail to (which is NOT automated) with subject line "subscribe". To remove yourself from the subscription list, send e-mail to cipher-request@itd.nrl.navy.mil with subject line "unsubscribe". Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher CONTRIBUTIONS: to are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. For Calendar entries, please include an e-mail address for the point-of-contact. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors. ARCHIVES: Available at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/cipher-archive.html ========end of Electronic Cipher Issue #7, 30 June 1995================