Subject: Electronic CIPHER, Issue 44, September 15, 2001

====================================================================
Newsletter of the IEEE Computer Society's TC on Security and Privacy
Electronic Issue 44                                September 15, 2001

Jim Davis, Editor                        Hilarie Orman, Assoc. Editor
Bob Bruen, Book Review Editor        Mary Ellen Zurko, Assoc. Editor
Anish Mathuria, Reader's Guide
====================================================================
http://www.ieee-security.org/cipher.html

Contents:

* Letter from the Editor
* Conference and Workshop Announcements
  o Upcoming calls-for-papers and events
* News Briefs:
  o LISTWATCH by Mary Ellen Zurko
  o News Bits: correspondence and announcements
* Commentary and Opinion
  o Robert Bruen's review of "The CERT Guide to System and Network
    Security Practices" by Julia Allen
  o Robert Bruen's reviews of "Hack Attacks Revealed" and "Hack Attacks
    Denied" by John Chirillo
  o Robert Bruen's review of "White Hat Security Arsenal, Tackling the
    Threats" by Aviel Rubin
  o Anish Mathuria's review of "Security Engineering: A Guide to
    Building Dependable Distributed Systems" by Ross Anderson
  o Review of the 14th Computer Security Foundations Workshop
    (CSFW 2000) by Geraint Price
* Reader's guide to recent security and privacy literature,
  by Anish Mathuria
* List of Computer Security Academic Positions, by Cynthia Irvine
* Staying in Touch
  o Information for subscribers and contributors
  o Recent address changes
* Interesting Links and New reports available via FTP and WWW
* Links for the IEEE Computer Society TC on Security and Privacy
  o Becoming a member of the TC
  o TC Officers
  o TC publications for sale

====================================================================
Letter from the Editor
====================================================================

Dear Friends:
This is one of those times when I wish I had the gift to translate
feelings into words. I was with colleagues last Tuesday watching in
disbelief as the despicable terrorist attacks were carried out in New
York City and Washington, DC. Among our first thoughts was the now
often-repeated realization that nothing would be the same again. In
the span of a few short minutes, we lost friends, parents, siblings,
and children. As we watched the horrific scenes of destruction, it
gradually sunk in that we had also lost our innocence as a nation and
we became increasingly aware of the sacrifices to be made as we move
forward from here. The first step on our new path is undoubtedly quiet
reflection to deal with personal loss and to attempt to make sense of
this tragedy. I wish you all well on your journey.

Best regards,
Jim Davis
9/15/2001

====================================================================
Conference and Workshop Announcements
====================================================================

====================================================================
Upcoming Calls-For-Papers and Events
====================================================================

The complete Cipher Calls-for-Papers is located at
www.ieee-security.org/cfp.html. The Cipher event Calendar is at
www.cs.utah.edu/flux/cipher/cipher-hypercalendar.html

____________________________________________________________________
Cipher Event Calendar
____________________________________________________________________

Calendar of Security and Privacy Related Events
maintained by Hilarie Orman

Date (Month/Day/Year), Event, Locations, e-mail for more info.
See also Cipher Calls for Papers file (www.ieee-security.org/cfp.html)
for details on many of these listings. Also worth a look are the ICL
calendar and the IACR site, and several others.
 9/30/01-10/ 2/01: IWAN 2001, Philadelphia, Pennsylvania;
                   www.cis.upenn.edu/iwan01/
10/09/01-10/12/01: SoftCOM 2001, Marko Polo cruise ship;
                   www.fesb.hr/SoftCOM/2001/index.htm
10/10/01-10/12/01: RAID 2001, Davis, CA; www.raid-symposium.org/Raid2001
10/27/01-10/29/01: TPRC 2001, Alexandria, Virginia; www.tprc.org/
10/28/01-10/31/01: SRDS-20, New Orleans, Louisiana; srds.cs.umn.edu
11/11/01-11/14/01: ICNP 2001, Riverside, California;
                   www.cis.udel.edu/icnp2001/
11/13/01-11/16/01: ICICS, Xian, China;
                   homex.coolconnect.com/member2/icisa/icics2001.html
12/10/01-12/14/01: 17th ACSAC, New Orleans, Louisiana;
                   www.acsac.org/2001/cfp/
12/16/01-12/20/01: Indocrypt '2001, Chennai, India
 5/13/02- 5/15/02: (tentative date) IEEE S&P 2002

____________________________________________________________________
Journal, Conference and Workshop Calls-for-Papers
____________________________________________________________________

Computer Communications, Special issue on Network Security.
Publication: spring 2002. Editors: Brian Neil Levine, University of
Massachusetts, and Clay Shields, Purdue University. Submission
deadline is October 5, 2001.

Areas of interest include, but are not limited to:
- Network privacy and anonymity
- Multicast and group-communication security
- Intrusion detection and response
- Network traceback
- Integrating security in Internet protocols
- Security analysis of Internet protocols
- Network performance evaluation of network security protocols
- Denial-of-service attacks and counter measures
- Virtual private networks
- Security for wireless networks and technologies

Through the publication of this special issue, we wish to bring
together researchers from the security and networking communities
that have not previously had a common forum in which to share
methodologies and techniques.
Instructions for submitting a paper are given at
signl.cs.umass.edu/comcom

IEEE Journal on Selected Areas in Communications, Special issue on
Design and Analysis Techniques for Security Assurance. Publication:
1st quarter 2003. Editors: Li Gong (SUN Microsystems), Joshua Guttman
(The MITRE Corp), Peter Ryan (Carnegie Mellon University), and Steve
Schneider (University of London). Submission deadline is March 1, 2002.

Information security plays a dominant and increasingly critical role
in society. It is therefore essential that we have effective tools and
techniques to design and evaluate secure systems and demonstrate that
they meet their security requirements. The application of rigorous
methods to the specification, modeling, analysis, and design of
security-critical systems has made considerable strides in recent
years, and the field is rapidly gaining in maturity. The scope of this
issue will range over all rigorous, mathematically well-founded
approaches to all aspects of security system development. This issue
is intended to gather together the leading edge approaches in this
area.

Papers are solicited in the following areas:
* Security protocol analysis
* Computer security models and policies
* Information flow
* Secure architectures
* Mobility
* Tools for security analysis
* Languages
* Logics
* Static/typechecking techniques
* Smartcards

Original, unpublished contributions and invited articles will be
considered for the issue. The paper should be no longer than 20
double-spaced pages, excluding illustrations and graphs, and follow
the IEEE J-SAC manuscript format described in the Information for
Authors. Authors wishing to submit papers should send an electronic
version (postscript or PDF files ONLY) to Steve Schneider at
S.Schneider@rhul.ac.uk by March 1, 2002.

--------

WITS'2001 Workshop on Issues in the Theory of Security (in conjunction
with POPL'02), Portland, Oregon, USA, January 14-15, 2002.
(submissions due September 21, 2001)

The IFIP WG 1.7 on "Theoretical Foundations of Security Analysis and
Design" was established to investigate the theoretical foundations of
security. It aims to discover and promote new ways to apply
theoretical techniques in computer security, and to support the
systematic use of formal techniques in the development of security
related applications. Extended abstracts of work presented at the
Workshop will be collected before the workshop and distributed to the
participants. As in 2000, there will be no formally published
proceedings of this year's workshop; however, selected papers will be
invited for submission to a special issue of the Journal of Computer
Security based on the Workshop.

Researchers are invited to submit extended abstracts of original work
on topics in the spirit of the workshop. Possible topics for submitted
papers include, but are not limited to: formal definitions for the
various aspects of security, and verification methods for them. They
include confidentiality, privacy, integrity, authentication and
availability; new theoretically-based techniques for analysis and
design of cryptographic protocols and their manifold applications
(e.g., electronic commerce); relationships between cryptographic and
non-cryptographic theories of security; information flow modeling and
its application to the theory of confidentiality policies, composition
of systems, and covert channel analysis; formal techniques for the
analysis and verification of mobile code; theory of privacy and
anonymity; formal analysis and design for prevention of denial of
service. Additional information can be found on the conference web
page at www.dsi.unive.it/IFIPWG1_7/wits2002.html.

PKC'2002 International Workshop on the Practice and Theory of Public
Key Cryptography, Paris, France, February 12-14, 2002.
(submissions due September 22, 2001)

PKC2002, the fourth conference in the International workshop series on
the practice and theory in public key cryptography, is soliciting
original research papers pertaining to all aspects of public key
encryption and signatures. Submissions may present theory, techniques,
applications and practical experience on topics of interest. See the
conference web page at
www.novamedia.fr/conferences/conferences/confpkc.html.

FC'2002 Financial Cryptography, Southampton, Bermuda, March 11-14, 2002.
(submissions due November 4, 2001)

Original papers are solicited on all aspects of financial data
security and digital commerce for submission to the Sixth Annual
Conference on Financial Cryptography. FC '02 brings together
researchers in the financial, legal, cryptologic, and data security
fields to foster cooperation and exchange of ideas. A list of topics
of interest is given on the conference web page at
www.crypto.com/papers/fc02cfp.html

WWW2001 The Eleventh International World Wide Web Conference, Sheraton
Waikiki Hotel, Honolulu, Hawaii, USA, May 7-11, 2002.
(submissions due November 13, 2001)

Beginning with the first International WWW Conference in 1994, this
prestigious series of the International World Wide Web Conference
Committee (IW3C2) also provides a public forum for the WWW Consortium
(W3C) through the annual W3C track. The conference will consist of a
three-day technical program, preceded by a day of tutorials and
workshops and followed by a "Developers Day." Developers Day will be
devoted to in-depth technical sessions designed specifically for web
developers. The technical program will include refereed paper
presentations, peer-reviewed presentations, plenary sessions, panels
and poster sessions describing current work. See the web page for
areas of interest at www2002.org (or email info@www2002.org).
FIRST The 14th Annual Computer Security Incident Handling Conference,
Hilton Waikoloa Village, Hawaii, USA, June 24-28, 2002.
(submissions due November 16, 2001)

The Forum of Incident Response and Security Teams is a global
organization whose aim is to facilitate the sharing of
security-related information and to foster cooperation in the
effective prevention, detection, and recovery from computer security
incidents. Its members are CSIRTs (Computer Security Incident Response
Teams) from government, commercial, academic, and other environments.
The FIRST conference (www.first.org/conference/2002/) brings together
IT managers, system and network administrators, security specialists,
academics, security solutions vendors, CSIRT personnel and anyone
interested in
- the most advanced techniques in detecting and responding to computer
  security incidents
- the latest improvements in computer security tools, methodologies,
  and practice
- sharing their views and experiences with those in the computer
  security incident response field

The Call For Papers is at: www.first.org/conference/2002/cfp.html

DSN2002 The International Conference on Dependable Systems and
Networks, Bethesda, Maryland, USA, June 23-26, 2002.
(submissions due November 19, 2001)

The International Conference on Dependable Systems and Networks 2002
(DSN-2002) announces its Call for Contributions for full papers,
practical experience reports, workshop proposals, tutorials, student
forum, and fast abstracts. Full papers are due November 19th, 2001.
Please see www.dsn.org for submission information.
Contributions are invited in, but are not limited to:
- Analytical and Simulation Techniques for Performance and
  Dependability Assessment
- Architectures for Dependable Computer Systems
- Dependability Benchmarking
- Dependability of High-Speed Networks and Protocols
- Dependability Modeling and Prediction
- Dependability in VLSI
- E-commerce Dependability
- Fault Tolerance in Transaction Processing
- Fault Tolerance in Distributed & Real-Time Systems
- Fault Tolerance in Multimedia Systems
- Fault Tolerance in Mobile Systems
- Information Assurance and Survivability
- Internet Dependability and Quality of Service
- Intrusion Tolerant Systems
- Measurement Techniques for Performance and Dependability Assessment
- Safety-Critical Systems
- Software Testing, Validation, and Verification
- Software Reliability
- Tools for Performance and Dependability Assessment

PET2002 Workshop on Privacy Enhancing Technologies, San Francisco, CA,
USA, April 14-15, 2002.
(submissions due December 10, 2001)

Privacy and anonymity are increasingly important in the online world.
Corporations and governments are starting to realize their power to
track users and their behavior, and restrict the ability to publish or
retrieve documents. Approaches to protecting individuals, groups, and
even companies and governments from such profiling and censorship have
included decentralization, encryption, and distributed trust. The
workshop seeks submissions from academia and industry presenting novel
research on all theoretical and practical aspects of privacy
technologies, as well as experimental studies of fielded systems. We
encourage submissions from other communities such as law and business
that present these communities' perspectives on technological issues.
We will publish accepted papers in proceedings in the Springer Lecture
Notes in Computer Science (LNCS) series.
Suggested topics include but are not restricted to:
* Efficient realization of privacy services
* Techniques for and against traffic analysis
* Attacks on anonymity systems
* New concepts for anonymity systems
* Novel relations of payment mechanisms and anonymity
* Models for anonymity and unobservability
* Models for threats to privacy
* Techniques for censorship resistance
* Resource management in anonymous systems
* Pseudonyms, linkability, and trust
* Policy and human rights -- anonymous systems in practice
* Fielded systems and privacy enhancement techniques for existing
  systems
* Frameworks for new systems developers

More information can be found on the workshop web page at
www.pet2002.org.

NCISSE'2002 The 6th National Colloquium for Information Systems
Security Education, Redmond, Washington, USA, June 3-7, 2002.
(submissions due January 15, 2002)

The colloquium solicits papers from practitioners, students,
educators, and researchers. The papers should discuss course or lab
development, INFOSEC curricula, standards, best practices, existing or
emerging programs, trends, and future vision, as well as related
issues. We are especially interested in novel approaches to teaching
information security as well as what should be taught. This includes
the following general topics:
- Assessment of need (e.g. how many information security
  workers/researchers/faculty are needed?)
- Integrating information assurance topics in existing graduate or
  undergraduate curricula
- Experiences with course or laboratory development
- Alignment of curriculum with existing information assurance
  education standards
- Emerging programs or centers in information assurance
- Late breaking topics
- Best practices
- Vision for the future

Papers reporting work in progress are also welcomed, especially if
enough information to evaluate the work will be available at the time
of the colloquium. Please see the NCISSE web site at www.ncisse.org
for details on submitting a paper.
====================================================================
Conferences and Workshops (the call for papers deadline has passed)
====================================================================

InfoSecu01 java.sun.com/people/gong/conf/shanghai2001/cfp.txt
ACM International Conference on Information Security, Shanghai,
China, September 24-26, 2001.

ISSE 2001 www.eema.org/isse.
Information Security Solutions Europe Conference, QEII Conference
Centre, London, UK, September 26-28, 2001.

ISC'2001 Information Security Conference, Malaga, Spain,
October 1-3, 2001. www.isconference.org.

I3E www.ifi.unizh.ch/I3E-conference
First IFIP Conference on e-commerce, e-business, e-Government,
Zurich, Switzerland, October 4-5, 2001.

RAID'2001 www.raid-symposium.org/Raid2001/
Fourth International Symposium on the Recent Advances in Intrusion
Detection, Davis, California, USA, October 10-12, 2001.

TPRC2001 www.tprc.org/TPRC01/2001.HTM
The 29th Research Conference on Communication, Information and
Internet Policy, Alexandria, Virginia, USA, October 27-29, 2001.

NordSec 2001 www.imm.dtu.dk/~nordsec
Nordic Workshop on Secure IT-Systems, Copenhagen, Denmark,
November 1-2, 2001.

SRDS-20 srds.cs.umn.edu
20th IEEE Symposium on Reliable Distributed Systems, New Orleans,
USA, November 4-7, 2001.

CCS-8 www.bell-labs.com/user/reiter/ccs8/
Eighth ACM Conference on Computer and Communications Security,
Philadelphia, Pennsylvania, USA, November 6-8, 2001.

SPDRM'2001 www.star-lab.com/sander/spdrm/
Workshop on Security and Privacy in Digital Rights Management (part of
the 8th ACM Conference on Computer Security Nov 6-8, 2001),
Philadelphia, PA, USA, November 5, 2001.
Workshop on Data Mining for Security Applications (part of the 8th ACM
Conference on Computer Security Nov 6-8, 2001), Philadelphia, PA, USA,
November 8, 2001. www.bell-labs.com/user/reiter/ccs8/

ICICS'2001 Web: homex.coolconnect.com/member2/icisa/icics2001.html
Third International Conference on Information and Communications
Security, Xian, China, November 13-16, 2001.

IW2001 www.we-bcentre.com/iw2001/
2nd Australian Information Warfare and Security Conference,
Scarborough, Perth, Western Australia, November 29-30, 2001.

Yuforic'01 yuforic.upv.es
Youth Forum in Computer Science and Engineering, Valencia, Spain,
November 29-30, 2001.

ACSAC'2001, 17th Annual Computer Security Applications Conference,
New Orleans, USA, December 10-14, 2001. www.acsac.org/2001/cfp.

Indocrypt'2001 www.cs.iitm.ernet.in/indocrypt
Second International Conference on Cryptology in India, Chennai,
India, December 16-20, 2001.

FAST 2002 File and Storage Technologies Conference, Monterey, CA, USA,
January 28-29, 2002. www.usenix.org/events/fast/cfp/

Cryptographer's Track at the RSA 2002 Conference, San Jose,
California, USA, February 18-22, 2002.
www.rsaconference.com/rsa2002/cryptotrack.html.

====================================================================
News Briefs
====================================================================

News briefs from past issues of Cipher are archived at
www.ieee-security.org/Cipher/NewsBriefs.html

____________________________________________________________________
LISTWATCH: items from security-related mailing lists
(September 7, 2001)
by Mary Ellen Zurko (mzurko@iris.com)
____________________________________________________________________

This issue's highlights are from Privacy Forum Digest, ACM TechNews,
dcsb, and Risks.

____________________

Fact Squad, set up by People for Internet Responsibility (PFIR), is
set up to provide jargon free information about technology and its
effects on society.
Topics currently listed include Privacy and Digital Copyright and
other Rights Issues.

____________________

The title of the article ("In a Dangerous World, Internet Security
Cannot Be Left to Technologists Alone",
http://specials.ft.com/ftit/FT34WRFC6RC.html) is dopey and self
serving (consultants say that they should be called in more). But the
first part is an interesting read for those of us interested in the
continuing debate of PKI's place in the universe. Are current problems
from the economic slowdown, an architecture over hyped as a solution,
over centralization, lack of consultants, lack of applications
integration, or lack of web services standards? I've been hearing all
these and more lately.

____________________

DMCA tidbits:

The DMCA can be used to shut down any web site for at least 10 days
<http://www.salon.com/tech/log/2001/08/31/dmca_animals/index.html>. A
British medical research firm shut down an animal-rights group that
has been protesting the firm's treatment of animals by sending a
letter claiming that the protest site violates the DMCA to the ISP.
The ISP can be cleared of any legal responsibility if they shut down
the site, and don't bring it up until they're provided with a
counter-notification swearing under penalty of perjury that the person
accused of violating DMCA believes the site not to be a copyright
violation. After the ISP waits 10 days.

A US cryptography expert has broken Microsoft's e-book encryption, to
get around its 2-persona limit, but is staying anonymous and not
publishing how to do it.

Russia warned its computer experts of the dangers of visiting the US,
since Sklyarov was arrested while visiting a hackers' convention in
the United States.
<http://dailynews.yahoo.com/htx/nm/20010831/tc/tech_russia_usa_dc_1.html>

The US Copyright Office says the DMCA is just fine (in part because
it's early days), though the law should be amended to allow backups
and archiving
<http://www.washingtonpost.com/wp-dyn/articles/A16744-2001Aug29.html>.

Dimitri Sklyarov and his employer ElcomSoft of Moscow pleaded not
guilty to the charges of conspiracy and trafficking in technology for
use in copyright circumvention.
<http://www.nytimes.com/2001/08/31/technology/31HACK.html?todaysheadlines=&pagewanted=print>
The EFF has been gathering stories about the lawful use of the
program.

At the USENIX security symposium, one student asked the SDMI panel,
"Can I get in trouble with the DMCA for summarizing this session for
my thesis advisor?" The panel unanimously agreed, "Yes" because the
SDMI group only authorized presentation of Felten's paper at USENIX.
Nowhere else.

Fred Cohen is cancelling the aspects of his research covered by DMCA
and has withdrawn his forensic products from the market. His products
were previously sold to law enforcement. He is discussing whether he
needs to cancel classes that teach forensics and cryptanalysis.

A Risks reader posited that a blind person could sue the publisher
under the Americans with Disabilities Act.

Matt Blaze's declaration regarding the Felten DMCA case is a good,
straightforward read that makes a compelling case.

____________________

From pgp-users:

"A vulnerability in PGP's display of key validity has been discovered
that could allow an attacker to fool users into thinking that a valid
signature was created by what is actually an invalid user ID. If the
attacker can obtain a signature on their key from a trusted third
party, they can then add a second user ID to their key which is
unsigned. The attacker must then switch the unsigned false user ID to
primary and convince the victim to place the key on their keyring. In
such a case, some of the displays in PGP do not properly identify the
false user ID as invalid [unsigned? Mez] because the second user ID is
fully valid. Whenever PGP displays validity information on a per-user
ID basis [a different display mode? Mez], the display is correct.
Thus, attentive users who examine the user IDs of all public keys
which they import to their keyrings will immediately notice this
problem before it could have any impact [and how easy/likely is that
to happen? Mez]."

http://www.bluering.nl/pgp/ has the thesis and a picture of the
exploit, though I can't quite match the picture to the description. Am
I supposed to be looking at the "Unsigned" toggle as opposed to the
nice green ball under "Validity" or the nice date under "Signed"?

____________________

Legal scholars say that lawsuits suing the companies and network
providers of vandalized web sites for damages may be coming
<http://partners.nytimes.com/2001/08/24/technology/24CYBERLAW.html>.

____________________

Cross scripting techniques were used to demonstrate breaking Hotmail
and stealing Passport IDs and credit card data.
<http://www.usatoday.com/life/cyber/tech/2001-08-31-hotmail-security.htm>

____________________

Surveys sez:

A Computer Security Institute study reports a large increase in
cybercrime reports. The increase is attributed to the tightening
economy and the lack of resources to pursue these breaks. There is
also a claim of greater cooperation between private companies and law
enforcement agencies.

The Confederation of British Industry (CBI) survey said that 2/3 of
the companies responding had fallen victim to cybercrime in the past
year. 69 percent said the financial loss was negligible. The companies
still fear their reputations could be tarnished. 53 percent of
businesses felt safe trading online with other businesses, but
confidence dropped to 32 percent when it came to dealing with
consumers via the web.
<http://www.siliconvalley.com/docs/news/reuters_wire/1444131l.htm>

____________________

Sitting in the Morristown (N.J.) Memorial Hospital, AT&T Labs' Avi
Rubin noticed that his laptop wireless connection card was blinking,
and then discovered that the hospital's wireless network was open to
his laptop, using 802.11b (Wi-Fi) and automatically granting him
access. My favorite quote from Avi: "Fortunately, I'm married to a
lawyer, who advised me against looking [at the hospital traffic]."
When he alerted the hospital, they said that it was a "temporary
situation" during an overhaul.
<http://www.nytimes.com/2001/08/19/technology/19WIRE.html>

____________________

Almost a month after the SirCam virus was first spotted, the virus is
still pouring into e-mail inboxes. According to Sophos, an antiviral
software company, SirCam accounted for a whopping 65 percent of all
reported virus infections in July, a record unmatched by any other
virus since Sophos started tracking them in 1998. I got more copies of
this virus than any other, and most viruses I never even saw a copy
of. For others, they were caught at our routers and support notified
me that I had been the target recipient of one (usually through the
cypherpunks mailing list :-).
<http://www.wired.com/news/technology/0,1282,46087,00.html>

I also felt the effects of the variants of Code Red for several days
while I and others had various web based services disabled. I was
shocked to see claims of over-hype targeted at the virus, since it had
been many virus iterations since one disrupted my work life. Maybe it
struck enterprises the hardest.

____________________

Pompiliu Donescu, Virgil D. Gligor, and David Wagner, in ``A Note on
NSA's Dual Counter Mode of Encryption,'' show that both variants of
the Dual Counter Mode of encryption (DCM) submitted for consideration
as an AES mode of operation to NIST by NSA staffers are insecure with
respect to both secrecy and integrity in the face of chosen-plaintext
attacks.
____________________

____________________________________________________________________
News Bits
____________________________________________________________________

The final program and registration information for the IEEE 20th
Symposium on Reliable Distributed Systems (SRDS'01) is available at
srds.cs.umn.edu. Advanced registration ends September 28, 2001. The
symposium will be held October 28-31, 2001 in New Orleans, LA, USA.
Here's the final program:

Sunday October 28, 2001

9:00-5:00  Workshop 1: Reliable and Secure Applications in Mobile
           Environments
9:00-5:00  Workshop 2: Reliability in Embedded Systems

Monday October 29, 2001

9:00-10:00  Keynote Lecture: Dr. Ambuj Goyal, General Manager,
            Solutions and Strategy, IBM Software Group

10:00-10:30  Coffee break

10:30-12:00  Session 1: Replication
Session Chair: Lorenzo Alvisi, University of Texas at Austin, USA

  Optimizing File Availability in a Secure Serverless Distributed File
  System
  John R. Douceur, Roger P. Wattenhofer

  Primary-backup replication: From a time-free protocol to a
  time-based implementation
  Rui Oliveira, José Pereira, André Schiper

  How to Select a Replication Protocol According to Scalability,
  Availability, and Communication Overhead
  R. Jimenez-Peris, M. Patino-Martinez, B. Kemme, and G. Alonso

2:00-3:30  Session 2: Recovery
Session Chair: Gilles Muller, INRIA Rennes, France

  Quantifying Rollback Propagation in Distributed Checkpointing
  Adnan Agbaria and Hagit Attiya and Roy Friedman and Roman Vitenberg

  Continental Pronto
  Svend Frolund and Fernando Pedone

  Compiler-Assisted Heterogeneous Checkpointing
  Feras Karablieh, Margaret Hicks, and Rida Bazzi

3:30-4:00  Coffee break

4:00-5:30  Panel Session "Reliability and Security in Distributed and
           Mobile Systems"
Moderator: Bharat Bhargava, Purdue University
Panelists:
  Joseph Betser, Aerospace Corporation
  Kevin Kiat, US Air Force Rome Lab
  Kane Kim, University of California Irvine
  Catherine Meadows, Naval Research Lab
  Mukesh Singhal, University of Kentucky

6:00-7:00  Reception

Tuesday October 30, 2001

8:30-10:00  Session 3: Security
Session Chair: Catherine Meadows, Naval Research Labs, USA

  Detecting Heap Smashing Attacks Through Fault Containment Wrappers
  Christof Fetzer, Zhen Xiao

  Efficient Update Diffusion in Byzantine Environments
  Dahlia Malkhi, Ohad Rodeh, Michael K. Reiter, Yaron Sella

  An Analytical Framework for Reasoning About Intrusions
  Shambhu Upadhyaya, Ramkumar Chinchani and Kevin Kwiat

10:00-10:30  Coffee break

10:30-12:00  Session 4: Agreement Protocols
Session Chair: Suresh Rai, Louisiana State University, USA

  Optimistic Validation of Electronic Tickets
  Fernando Pedone

  A Consensus Protocol Based on a Weak Failure Detector and a Sliding
  Round Window
  Michel Hurfin, Raimundo Macedo, Achour Mostefaoui, and Michel Raynal

  Polynomial Time Synthesis of Byzantine Agreement
  Sandeep S. Kulkarni, Anish Arora, Arun Chippada

2:00-3:30  Session 5: Application Level Fault Tolerance
Session Chair: Luca Simoncini, University of Pisa & CNR, Italy

  Looking Ahead in Atomic Actions with Exception Handling
  Alexander Romanovsky

  Assessing Inter-Modular Error Propagation In Distributed Software
  Arshad Jhumka, Martin Hiller, Neeraj Suri

  Designing a Robust Namespace for Distributed File Services
  Zheng Zhang, Christos Karamanolis

3:30-4:00  Coffee break

4:00-5:30  Panel Session "Building Reliable Systems out of COTS
           Components"
Moderator: Farokh Bastani, University of Texas, Dallas
Panelists:
  Savio Chau, Nasa JPL
  Matthew Chiramal, Nuclear Regulatory Commission
  David Hislop, Army Research Office
  Jeffrey M. Voas, Reliable System Technology
  Mladen Vouk, Univ. of South Carolina

7:30-9:00  Banquet

Wednesday October 31, 2001

8:30-10:00  Session 6: Concise Contributions
Session Chair: Jie Xu, Durham University, UK

  Message Logging Optimization for Wireless Networks
  B. Yao and W. Kent Fuchs

  Reducing Noise in Gossip-Based Reliable Broadcast
  P. Kouznetsov, R. Guerraoui, S.B. Handurukande, A.-M. Kermarrec

  Chasing the FLP Impossibility Result in a LAN or How Robust Can a
  Fault Tolerant Server Be?
  Peter Urban and Xavier Defago and Andre Schiper

  Consensus with Written Messages Under Link Faults
  Bettina Weiss, Ulrich Schmid

  An Efficient TDMA Synchronization Approach for Distributed Embedded
  Systems
  Vilgot Claesson, Henrik Lönn, Neeraj Suri

  Efficient Recovery Information Management Schemes for the Fault
  Tolerant Mobile Computing Systems
  Taesoon Park, Namyoon Woo and Heon Y. Yeom

10:00-10:30  Coffee break

10:30-12:00  Session 7: QoS and Real-Time Systems
Session Chair: Gerhard Fohler, Malardalen University, Sweden

  Using the Timely Computing Base for Dependable QoS Adaptation
  António Casimiro and Paulo Veríssimo

  A Microkernel Middleware Architecture for Distributed Embedded
  Real-Time Systems
  U. Brinkschulte, A. Bechina, F. Picioroaga, E. Schneider,
  Th. Ungerer, J. Kreuzinger, M. Pfeffer

  Performance Analysis of the CORBA Notification Service
  Srinivasan Ramani, Kishor S. Trivedi, and Balakrishnan Dasarathy

1:30-3:00  Session 8: Mobile Systems
Session Chair: Nian-Feng Tzeng, University of Louisiana, USA

  Reliable Real-Time Cooperation of Mobile Autonomous Systems
  Stefan Schemmer, Edgar Nett, Michael Mock

  On the Effectiveness of A Counter-Based Cache Invalidation Scheme
  and Its Resiliency to Failures in Mobile Environments
  Guohong Cao and Chita Das

  Comparison-Based System-Level Fault Diagnosis in Ad-Hoc Networks
  Stefano Chessa and Paolo Santi

____________________

The final program and registration information for the 8th ACM
Conference on Computer and Communications Security (CCS-8) is
available at seclab.crema.unimi.it/~ccs8/. Advanced registration ends
October 1, 2001. The conference will be held November 5-8, 2001 in
Philadelphia, PA, USA.

TUTORIALS ON NOV. 5 -- WORKSHOPS ON NOV. 5 and NOV. 8

PRELIMINARY CONFERENCE PROGRAM

TUESDAY NOV. 6

9:00-9:15  OPENING REMARKS BY CHAIRS
  Mike Reiter (Bell Labs, Lucent Technologies, USA)
  Pierangela Samarati (Universita` di Milano, Italy)

9:15-10:30  INVITED TALK
  Brian Snow (Technical Director, Information Assurance Directorate,
  National Security Agency, USA)

10:30-11:00  COFFEE BREAK

11:00-13:00  PASSWORD MANAGEMENT AND DIGITAL SIGNATURES

  Error Tolerant Password Recovery
  Niklas Frykholm, Ari Juels (RSA Laboratories, USA)

  Delegation of Cryptographic Servers for Capture-Resilient Devices
  Philip MacKenzie, Michael K. Reiter (Bell Labs, Lucent Technologies,
  USA)

  Twin Signatures: An Alternative to the Hash-and-Sign Paradigm
  David Naccache, David Pointcheval, Jacques Stern (Ecole Normale
  Superieure, France)

  BiBa: A New Signature Scheme for Broadcast Authentication
  Adrian Perrig (UC Berkeley, USA)

14:00-15:30  ACCESS CONTROL

  Policy Algebras for Access Control - The Propositional Case
  Duminda Wijesekera, Sushil Jajodia (George Mason University, USA)

  A Chinese Wall Security Model for Decentralized Workflow Systems
  Vijayalakshmi Atluri, Soon Ae Chun, Pietro Mazzoleni (Rutgers
  University, USA)

  Design and Implementation of a Flexible RBAC-Service in an
  Object-Oriented Scripting Language
  Gustaf Neumann, Mark Strembeck (Vienna University of Economics and
  BA, Austria)

15:30-16:00  COFFEE BREAK

16:00-17:30  MOBILE CODE AND DISTRIBUTED SYSTEMS

  An Efficient Security Verification Method for Programs with Stack
  Inspection
  Naoya Nitta, Yoshiaki Takata, Hiroyuki Seki (Nara Institute of
  Science and Technology, Japan)

  The Performance of Public Key-Enabled Kerberos Authentication in
  Mobile Computing Applications
  Alan Harbitter, Daniel A. Menasce` (PEC Solutions Inc., USA -
  George Mason University, USA)

  A New Approach to DNS Security (DNSSEC)
  Giuseppe Ateniese, Stefan Mangard (The Johns Hopkins University,
  USA)

19:00  RECEPTION

WEDNESDAY NOV. 7

9:00-10:30  PROTOCOLS

  Events in Security Protocols
  Federico Crazzolara, Glynn Winskel (University of Cambridge,
  England)

  On the Relationship between Strand Spaces and Multi-Agent Systems
  Joseph Y. Halpern, Riccardo Pucella (Cornell University, USA)

  Verifiable, Secret Shuffles of ElGamal Encrypted Data for Secure
  Multi-Authority Elections
  C.
Andrew Neff (VoteHere Inc., USA) 11:00-13:00 SECURE DATA PUBLISHING AND CERTIFICATE MANAGEMENT Tangler - A Censorship Resistant Publishing System Based On Document Entanglements Marc Waldman, David Mazieres (New York University, USA) Flexible Authentication of XML documents Prem Devanbu, Michael Gertz, April Kwong, Chip Martel, Glen Nuckolls, Stuart G. Stubblebine (UC Davis, USA and Stubblebine Consulting, USA) Interoperable Strategies in Automated Trust Negotiation Ting Yu, Marianne Winslett, Kent Seamons (University of Illinois at Urbana-Champaign, USA, and Brigham Young Univeristy, USA) Distributed Credential Chain Discovery in Trust Management Ninghui Li, William H. Winsborough, John C. Mitchell (Stanford University, USA, and NAI Labs, USA) 13:00-14:00 LUNCH 14:00-15:30 PROTOCOL ANALYSIS Bounded-Process Cryptographic Protocol Analysis Jonathan Millen, Vitaly Shmatikov (SRI International, USA) On the Abuse-Freeness of the Garay-Jakobsson-MacKenzie Two-Party Protocol Rohit Chadha, Max Kanovich, Andre Scedrov (University of Pennsylvania, USA) The Faithfulness of Abstract Encryption Joshua D. Guttman, F. Javier Thayer Fabrega, Lenore D. Zuck (MITRE, USA - New York University, USA) 15:30-16:00 COFFEE BREAK 16:00-17:30 PANEL (TBA) THURSDAY NOV. 8 8:30-10:00 CRYPTOSYSTEMS OCB: An Authenticated-Encryption Mode for Emerging Cryptographic Standards Phillip Rogaway, Mihir Bellare, John Black, Ted Krovetz (UC Davis, USA - UC San Diego, USA - University of Nevada, USA) Paillier's Cryptosystem Revisited Dario Catalano, Rosario Gennaro, Nick Howgrave-Graham, Phong Q. 
Nguyen (Universita` di Catania, Italy - IBM Research Yorktown Heights, USA - Ecole Normale Superieure, France) Securely Combining Public-Key Cryptosystems Stuart Haber, Benny Pinkas (InterTrust STAR Lab, USA) 10:00-10:30 COFFEE BREAK 11:00-12:30 GROUP KEY MANAGEMENT AND SIGNATURES Formalizing GDOI Group Key Management Requirements in NPATRL Catherine Meadows, Paul Syverson, Iliano Cervesato (Naval Research Laboratory, USA) Accountable-Subgroup Multisignatures Silvio Micali, Kazuo Ohta, Leonid Reyzin (MIT, USA - University of Electoro-Communications, Japan) Provably Authenticated Group Diffie-Hellman Key Exchange Emmanuel Bresson, Olivier Chevassut, David Pointcheval, Jean-Jacques Quisquater (Ecole Normale Superieure, France - Lawrence Berkeley National Laboratory, USA - Microelectronic laboratory, Belgium) A Practical Forward Secure Group Signature Scheme Dawn Song (UC Berkeley, USA) 12:30 CLOSING TUTORIALS AND WORKSHOPS MONDAY NOV. 5 TUTORIAL 1: TOPICS IN INTRUSION DETECTION: CORRELATION AND NETWORK-BASED APPROACHES (Vern Paxson and Stuart Staniford) TUTORIAL 2: SECURITY AND SOFTWARE ENGINEERING (Stuart Stubblebine and Prem Devanbu) WORKSHOP: SECURITY AND PRIVACY IN DIGITAL RIGHTS MANAGEMENT (http://www.star-lab.com/sander/spdrm) THURSDAY NOV. 8 (13:30-18:30) WORKSHOP: DATA MINING FOR SECURITY APPLICATIONS (http://www.bell-labs.com/user/reiter/ccs8/mining-program.html) ____________________ Here is the preliminary program for the RSA Conference 2002 Cryptographers' Track (RSA-CT '02). 
Ciphers with Arbitrary Finite Domains John Black, University of Nevada at Reno, USA Phillip Rogaway, University of California at Davis, USA and Chiang Mai University, Thailand Known Plaintext Correlation Attack Against RC5 Atsuko Miyaji, Japan Advanced Institute of Science and Technology Masao Nonaka, Japan Advanced Institute of Science and Technology Yoshinori Takii, Japan Air Self Defense Force The Representation Problem Based on Factoring Marc Fischlin, Roger Fischlin University of Frankfurt, Germany On the Impossibility of Constructing Non-Interactive Statistically-Secret Protocols from any Trapdoor One-Way Function Marc Fischlin, University of Frankfurt, Germany Observability Analysis: Detecting when Improved Cryptosystems Fail M. Joye, Gemplus, France J.-J. Quisquater, Universite Catholique de Louvain, Belgium S.-M. Yen, National Central University, Taiwan M. Yung, Certco, USA Generic Chosen-Ciphertext Secure Encryption J.-S. Coron, Gemplus, France H. Handschuh, Gemplus, France M. Joye, Gemplus, France P. Paillier, Gemplus, France D. Pointcheval, Ecole Normale Superieure, France C. Tymen, Gemplus, France Security of Encryption + Proof of Knowledge in the Random Oracle Model Masayuki ABE, NTT Information Sharing Platform Laboratories, Japan RSA-based Undeniable Signatures For General Moduli Steven D. Galbraith, University of Bristol, UK Wenbo Mao, Hewlett-Packard Laboratories, Bristol, UK Kenneth G. Paterson, Royal Holloway, University of London, UK On Hash Function Firewalls in Signature Schemes Burt Kaliski, RSA Laboratories, USA Homomorphic Signature Schemes Robert Johnson, David Molnar, Dawn Song, David Wagner University of California at Berkeley, USA Transitive Signature Schemes Silvio Micali, Ron L. 
Rivest MIT, USA Co-operatively Formed Group Signatures Greg Maitland, Colin Boyd Queensland University of Technology, Australia Stateless-Recipient Certified E-mail System based on Verifiable Encryption Giuseppe Ateniese, Cristina Nita-Rotaru The Johns Hopkins University, USA Secure Key Evolving Protocols for Discrete Logarithm Schemes Cheng-Fen Lu, Shiuh-Pyng Shieh National Chiao-Tung University, Taiwan Proprietary Certificates Markus Jakobsson, RSA Laboratories, USA Ari Juels, RSA Laboratories, USA Phong Nguyen, Ecole Normale Superieure, France Nonuniform Polynomial Time Algorithm to Solve Decisional Diffie-Hellman Problem in Finite Fields under Conjecture Qi Cheng, Shigenori Uchiyama University of Southern California, USA An ASIC implementation of the AES SBoxes Johannes Wolkerstorfer, Elisabeth Oswald, Mario Lamberger Graz University of Technology, Austria Montgomery in Practice: How to Do It More Efficiently in Hardware Lejla Batina, Geeke Muurling Securealink bv., The Netherlands Precise Bounds for Montgomery Modular Multiplication and Some Potentially Insecure RSA Moduli Colin D. Walter, UMIST, UK Mist: An Efficient, Randomized Exponentiation Algorithm for Resisting Power Analysis Colin D. Walter, UMIST, UK Fast Software Implementation of Multiplication in GF(2^m) Using Normal Bases Sang Gyoo Sim, Dong Jin Park, Pil Joong Lee Pohang University of Science & Technology (POSTECH), Korea Invited talks: Ron L. Rivest, MIT, USA Micropayments Revisited (joint work with Silvio Micali) Victor Shoup, IBM Research, Zurich title to be announced ____________________ Call for Participation: ACM State-of-the-Art Summer School on Foundations of Internet Security September 16-23, 2001, Duszniki Zdrój, Poland For BASIC INFORMATION see http://www.ii.uni.wroc.pl/school/ Lecturers: Verification of cryptographic protocols: Catherine A. Meadows, Naval Research Laboratory, USA Andrew D. 
Gordon, Microsoft Research, USA Practical cryptography: Bart Preneel, Katholieke Universiteit Leuven, Belgium Phillip Rogaway, University of California, Davis, USA Intrusion detection: Peter Stephenson, Netigy Corporation, USA Information flow: Peter Ryan, Carnegie Mellon University, USA Language based security: Fritz Henglein, IT University, Glentevej, Denmark Dexter Kozen, Cornell University, USA David Walker, Carnegie Mellon University, USA Dan Wallach, Rice University, USA Role-based access control: Ravi Sandhu, George Mason University, USA Program Committee: Fritz Henglein, IT University, Glentevej, Denmark Catherine A. Meadows, Naval Research Laboratory, USA Leszek Pacholski (chair), University of Wroclaw, Poland Bart Preneel, Katholieke Universiteit Leuven, Belgium Fees: regular - 500 US dollars students and young faculty - 200 US dollars accompanying person - 180 US dollars Fees include full board accommodation (in triple or double room) (single room for participants paying regular fee) and school materials. A limited number of grants will be available. Address Summer School FIS'01 Institute of Computer Science University of Wrocaw ul. Przesmyckiego 20 51-151 Wroclaw, Poland school@ii.uni.wroc.pl} phone (+48) 71-3247344 fax (+48) 71-3251271 The goal of the meeting is to bring state-of-the art knowledge on the theory and tools that can be applied to enhance the security of the Internet. The program of the school will include cryptography, design of secure (cryptographic) network protocols, crypto protocol verification, intrusion detection, security of distributed computing, and security of mobile code, including proof carrying code and byte-code verification. The focus of the school will be intentionally broad so that students can acquire, not only information about particular topics they may be interested in working on, but awareness of security in all its different aspects. 
We shall concentrate primarily on the theoretical basis of network and distributed systems security, but we will also emphasize the connection with applications. Thus our lecturers will include not only prominent researchers in the theory of computer security, but those with practical experience who can give insight into applying this theory to real-world problems. We thus expect that participants in the school will gain knowledge that will help them both to carry on research in this area and to build tools applicable in practice.

News Bits contains correspondence, interesting links, non-commercial announcements and other snippets of information the editor thought that Cipher readers might find interesting.  And, like a UCITA protected product, by reading the above page you have already agreed to not hold the editor accountable for the correctness of its contents.

_______________________

====================================================================
Commentary and Opinion
====================================================================

Book reviews from past issues of Cipher are archived at www.ieee-security.org/Cipher/BookReviews.html, and conference reports are archived at www.ieee-security.org/Cipher/ConfReports.html.

____________________________________________________________________
Book Review by Robert Bruen
September 12, 2001
____________________________________________________________________

The CERT Guide to System and Network Security Practices. by Julia Allen. Addison-Wesley, 2001. 447 pages. Index, two appendices, bibliography and abbreviations list. $39.99 softcover. ISBN 0-201-73723-X

When it comes to figuring out how to protect your computers and networks there are a number of approaches that can be taken. There are also a large number of books that offer help. When you are not sure which way to turn and there are lots of choices, it is difficult to decide what should be done first. The CERT Guide is a good place to start because unlike many of the other books (many of which are good), it uses the step by step approach with complete (as is possible) coverage. It is not written from a hacker's viewpoint, but instead from a defensive viewpoint, starting with hardening of your network. The focus is on procedures and policy in addition to technical matters. Each chapter has a well done checklist referencing the section within the chapter itself. The chapters and checklists are orderly, first do this, next do that, etc. The steps are explained in the chapter sections, but not in the detail that a hard core techie might like. For example, SSL, SSH and SET are covered in just a few pages. Each is described with enough information to allow the reader to decide whether or not it is appropriate to seek further information and where to go for it. There are sections that do cover technical detail, for example, the process to obtain, install, run and understand Tripwire, Snort, TCPDump and other software packages. A number of alternative packages are given as well. The well organized approach breaks out each one of the concepts of security with the appropriate software listed for each concept in chart form. This book is aimed at the implementation of security, not looking at code to see how to attack networks. It is also a level headed approach that does use hyperbole as a tool.

The first several chapters cover securing computers: servers, user workstations and web servers in particular. There is a chapter on firewalls. The rest of the chapters focus on Intrusion Detection from setting up to responding to an intrusion.

Most security books are not written with the goal of serving as a textbook for an academic course in computer and network security, but this one is close. It does not have the necessary problems and exercises, but the organization and presentation meets many of the other requirements. It is highly structured with small sections, numbered to three levels. This makes it a good choice for learning about security, somewhat reflecting CERT's approach to security.

The CERT Guide is easy to read, with good instructions and good information. It is a useful book to have, especially if you need to communicate with an upper management that understands only policy as standard operating procedure. It also has its basis in CERT's database of security incidents, so if you follow everything in it, you will be in good shape. Well, at least until the next sunrise development from the crackers. It is recommended as part of the growing book collection intended to help the people who just want to keep their networks up and running.

____________________________________________________________________
Book Review by Robert Bruen
September 12, 2001
____________________________________________________________________

John Chirillo. Hack Attacks Revealed. John Wiley & Sons. 2001. 944 pages. Index, seven appendices including glossary, references, CD-ROM. $59.99 Softcover. ISBN 0-471-41624-X.

John Chirillo. Hack Attacks Denied. John Wiley & Sons. 2001. 491 pages. Index, three appendices, glossary, references, CD-ROM. $54.99. Softcover. ISBN 0-471-41625-8.

When I first read through these two books, I was at a bit of a loss to figure out why hackers were mentioned at all. The information presented here is how networks work, how ports work, how to do systems administration, in short, a pretty complete set of the technical things one needs to know to really understand how it all works. Then it dawned on me, that is what hackers need to know and what many systems people do not know. Many of the great secrets are secrets because they are not known, not because they are hidden. What is needed is a terrific, single source, like this Hack Attack set. It is as good as any textbook I have seen when it comes to describing the practical side of networking.

The Revealed volume gives one of the best explanations of an IP address at the bit level, which includes how masks work. Ethernet is presented in easy to understand charts that cover the older and newer flavors (read thick wire through 100Mb), along with descriptions of frames for all sorts of useful protocols, without going deeper than necessary. It is a comprehensive quick-start.

The next large section in Revealed is the Hacker Coding Fundamentals, actually a brief introduction to C, which I would not recommend as a method to learn C. Its value is the code that follows it. If you already know another language well and do not know C, it is helpful as you read the hacking code to be able to refer back to the introduction to C. The hacking code has examples of flooding using echo and ping, tunneling and keystroke logging (let's hope this does not violate national security).

The Denied volume puts on the white hat to help in the struggle against the Revealed volume. There is some natural overlap, but the tools presented range from intrusion detection, both commercial and homegrown, through policy making to help in protecting your network. The log file examples are a little excessive at times, but the code examples are interesting and useful, such as the source code for scanning your own ports. The CDs included contain lots of code, some of it old, some almost recent, but the age should not matter if you are merely trying to learn about it. Much of the software is not on the CD, but instead there is a large list of links to the places where the code resides.

There are lots of pages in these two books, some of it detailed, but worth the effort to get through it all. I recommend this set because it covers a broad range of technical material which any systems or network administrator ought to know. It also has real code that could be used, for example, to port scan or ping flood, which I believe is necessary for admins to know. Dealing with attacks requires an understanding of how they are done, especially since it is an ongoing process. It is not enough to know about a particular attack or vulnerability, because new ones are being created almost daily. What is important is to understand the underlying principles that will be utilized for attack and defense. A grasp of the foundations makes it a bit easier to notice and respond to novel attacks.
____________________________________________________________________
Book Review by Robert Bruen
September 12, 2001
____________________________________________________________________

White Hat Security Arsenal, Tackling the Threats. by Aviel Rubin. Addison-Wesley 2001. 330 pages. Index, Glossary and Bibliography. $44.99 softcover. ISBN 0-201-71114-1.

In the security world, there are white hats, black hats and grey hats, perhaps even a few without a hat. Over the past decade or so people interested in security issues have migrated into several camps, some of them driven by morality, some driven by profit (legal or illegal) and some driven simply by their job. Many of the white hat folks simply want to be able to get through a week at work without some new security problem causing them to lose sleep trying to respond and recover to somebody's idea of a good time. If they experienced such a week, they would probably be happy to spend it reading Rubin's new book, White Hat Security Arsenal.

The first section presents the threat, just in case you have not noticed lately, which includes one of the better histories of worms and viruses from Morris to the Love Bug with clear, understandable explanations of how and why each of them worked, with source code. The white hats need to know how the black hat creations function. Rubin also covers how the recovery process proceeded.

Secure data storage is a topic usually left out of security books probably because it is not as sexy as the virus du jour, but it is needed in the practical world. The three areas presented are file systems, remote storage and backups, although we all know a backup does not count as much as a restore. File systems are mainly protected by encryption, although that is not enough. For example, passwords to protect files are critical. He has a nice explanation of how graphical passwords work. NFS, the Network File System, is discussed. I have never believed that secure and NFS belong in the same sentence; nevertheless, the issues are important, and there are methods available to decrease the risks associated with NFS so that the conveniences can be enjoyed. Backups over a network are certainly one of the conveniences that system administrators enjoy. There are a number of useful tips in this chapter, such as compressing the files, encrypting them, then backing them up over the network to prevent sniffing as the files traverse the network. A number of commercial products are described as well.

The section on transferring information securely on networks is where the issues on public keys, authentication and identity will be found. These topics are covered in numerous security books, but sometimes the coverage is better than in other places. White Hat Security Arsenal tackles the difficult task of explaining technical details in a clear fashion very well. The next section, protecting against network threats, naturally involves firewalls to control what comes into your network and defending against the black hats with tools that make up for what firewalls cannot do.

The last section deals with online commerce and privacy. One of the important uses of the net is for business transactions. Unless users feel confident that their purchases are secure, business use will stall. One of the approaches to this problem is Microsoft's Passport. Rubin shows how it is supposed to work along with some of its vulnerabilities.

This book is well written, easy to understand and has a good scope of coverage. It is a helpful book supplemented with lots of short, good case studies and lots of relevant web site references. I am happy to recommend this book to hats of any color.

____________________________________________________________________
Book Review by Anish Mathuria
September 12, 2001
____________________________________________________________________

Security Engineering: A Guide to Building Dependable Distributed Systems. by Ross Anderson. Wiley 2001. ISBN 0-471-38922-6.

This book is for everyone who wants to design and build secure systems. It fills a void in the literature on security engineering. A central theme throughout the book is that in order to design secure systems, you have to grasp the fundamentals of crypto and access control, but at the same time you need to understand why security often fails in the real world. Readers will find entertaining and accessible discussions on a variety of topics including banking security, security protocols, tamper resistance, security policy models, monitoring systems, and copyright protection (to name a few). Each chapter ends with thought-provoking questions on the subject as well as suggestions for further reading. The bibliography has over 800 references from the academic and popular literature on security. It is available online from the book's website, http://www.ross-anderson.com.

____________________________________________________________________
Conference Report on CSFW 2001 by Geraint Price
____________________________________________________________________

14th Computer Security Foundations Workshop
CSFW 2001
Cape Breton, Nova Scotia, Canada, 11-13 June 2001
by Geraint Price

The fourteenth Computer Security Foundations Workshop (CSFW 2001) was held in an idyllic location at Keltic Lodge on Cape Breton in Nova Scotia. Although the travel was lengthy, the location and isolation led to a definite closed community feel to the workshop, which is very much in keeping with the goals of the steering committee. The isolation of the hotel and its surrounding facilities lent itself naturally to the feeling that you had come away from it all to get to grips with the workshop.
Every session was well attended, with the lawn outside the conference room providing excellent opportunity to converge during the coffee breaks, discuss the work, and also bask in the fortunately clement weather with which we were provided.

The first session was based on Information Flow theory.

Sylvan Pinsky: Noninterference Equations for Nondeterministic Systems: This talk was well presented and was based on the notion that deterministic and nondeterministic finite state machines are in fact equivalent. There was comment from the floor that similar work had been started in past research, but that one difficulty posed by using the state machine approach in these scenarios was the speed at which state space explosion became a problem.

Steve Zdancewic: Robust Declassification: The basic premise of this paper was to make a distinction between intentional and unintentional information flow. The author's intention was to demonstrate that declassification of sensitive material was an intentional leakage of information. The overriding claim made was the implicit connection between the integrity of a data object and its confidentiality, the notion being that a surreptitious disruption of the integrity of an object could compromise the confidentiality of the object as an unintentional effect. A few questions were raised with regards to the usage of a log-in password mechanism as a vehicle for demonstrating the concept, but on the whole the basis for discussion had merit.

The second session was based around Access Control.

Ajay Chander: A State-transition Model of Trust Management and Access Control: This talk provided a novel modeling of different types of trust management. They specifically model and derive the relationships between (i) Access Control Lists, (ii) Capability based methods, and (iii) Localized Trust Management - such as those developed in the KeyNote system developed by Blaze et al. The state based system they use is expressive in abstracting the relations between client and object away from the details of each category. A small set of slides where the results - and hence the relationships - were shown in graphical form made it very easy to follow the result (and with the title "A picture paints...", it drew a laugh from the audience). A novel piece of work that clears up the equivalence between ACL and capabilities.

Asa Hagstrom: Revocations - a Classification: The outline of this talk was to study the temporal difference between what they term positive and negative access permissions. Their re-calculation of permission chains in the light of new rights close to the source of the chain provides us with an easy means of letting revocation percolate throughout the system. There was concern from the floor about the absolute nature of the negative rights represented in the paper, and that their model lacks the expressiveness for such things as a hierarchy of users.

Joseph Halpern: A logical reconstruction of SPKI: This talk presented a formal analysis of the SPKI/SDSI system of public key certificates put forward by Rivest and Lampson. There was some confusion as to whether this was an extension of the SPKI/SDSI environment, but the speaker cleared up that it was purely an analysis. The authors extend some of their earlier analyses to include expiry in the certificates. Their analysis of reduction rules in SPKI concludes that they need to be enhanced to allow for more complete reasoning about certificates.

The third session was based on Protocols.

Olivier Pereira: A Security Analysis of the Cliques Protocol Suites: This paper presents the outline of a model for analysis of Diffie-Hellman based group key-agreement protocols, and demonstrates this by using it to analyse the Cliques protocols. An interesting topic of discussion due to the analysis of the protocol when players are added to or deleted from the group. This itself presents a major headache when it comes to analysing the forward secrecy properties of the protocols.

Bruno Blanchet: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules: As noted in the title, the speaker presents a new protocol analyser based on Prolog rules. While a few of these have appeared in the literature before, the main advancement put forward was a new solving algorithm that limits the number of runs in a protocol. They presented a list of run times to demonstrate that this made their analyser very efficient in its search time - although comment from the floor questioned the need for program run times in a conference on theory, the answer was an honest: "Because all other automated model checking papers have them!".

Veronique Cortier: Proving secrecy is easy enough: This talk introduced a state-based analysis of security aimed at proving the secrecy of the protocol. They encapsulate the notion of secrecy in terms of "occultness" which they present as a means of deciding if states can be generated that reveal secrets. They noted that under the assumptions they use, they might not be able to prove a protocol secure in some cases where it is actually secure.

The fourth session was a panel discussion entitled "Relating Cryptography and Cryptographic Protocols": This panel brought together a nice mix of theory and practical experience. The final panel line-up was slightly different to that presented in the proceedings, with the panel consisting of David Wagner, Martin Abadi, Ran Canetti and Joshua Guttman. The overall discussion focussed on the gap that exists between analysis of protocols in theoretical models and their use for analysis by real world implementors of security systems. The main conclusion drawn was that there was much scope for work on building tools that made secure protocol analysis more accessible to those who really need to use it. The highlight of this sales pitch in my opinion came from David Wagner of U.C. Berkeley. Starting off by apologising for any flaws in protocol analysis he made due to not being an expert, he went on to present three independent protocol designs which, while standing on their own, were child's play for picking holes in, and each individually raised a laugh from the audience. He concluded by demonstrating how these flaws in combination made it possible for him and others at Berkeley to break the IEEE 802.11 WEP protocol.

The fifth session was the interaction of Information Flow and Type Systems.

Geoffrey Smith: A New Type System for Secure Information Flow: The morning of the second day started with an interesting talk on type systems in multi-threaded programs. The basis for the talk was analysis of information leakage within the scheduler of a multi-threaded program which contains high and low variables. The analysis is not of the scheduler itself but of possible interactions between threads if we assume a fair scheduler. The analysis comes down to the guards used in loops, and whether they are high or low variables. He demonstrates that for probabilistic noninterference to be guaranteed, threads that are contaminated with a high while loop need to be separated from other threads from that point onwards.

Andrei Sabelfeld: A Generic Approach to the Security of Multi-Threaded Programs: This talk gave an overview of the integration between security properties of programming languages and abstract level properties of information flow. The model used for the information flow properties is the one that the co-author (Heiko Mantel) presented at CSFW 2000. Offering this integration between communicating processing in the distributed sense along with local information sharing in the programming sense provided an interesting overview of how models of different security properties could be combined to increase the relative power of their analysis.

The sixth session was a second look at Protocols.

Alan Jeffrey: Authenticity by Typing for Security Protocols: This talk looked at using type based language checking as a means of analysing the security of protocols after they had been represented using the Spi calculus (itself developed by Andy Gordon, a co-author on the paper). The method used for typing provided a very neat means of encapsulating the safety property usually associated with the use of nonces.

Marcelo Fiore: Computing Symbolic Models for Verifying Cryptographic Protocols: The presentation overviewed the use of symbolic techniques to tackle the problem of infinite-state systems that arise when trying to analyse even the seemingly most simple cryptographic protocols. This seems an interesting avenue for exploration, due to the problems of state explosion faced by many methods for analysing cryptographic protocols.

Michael Rusinowitch: Protocol Insecurity with Finite Number of Sessions is NP-complete: This talk gave a view of the complexity of deciding the analysis of checking various modes of cryptographic protocols. Even when limiting the number of sessions they were able to demonstrate NP-Completeness of the result.

The seventh session covered Intrusion Detection.

Francesco Parisi-Presicce: Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance: Unfortunately the speaker on this occasion was not one of the authors of the paper. The session chair gave note after the talk that he was thus at liberty not to answer any of the questions. The overall model of the system aimed to highlight the difficulty in maintaining availability and safety in a database system which had a known compromise. Reducing the set of possible damaged elements is the key to increasing availability. They note that assessment latency was a key factor in determining which parts of the database were potentially compromised. The means of building their recovery tree is based on a multi-phase recovery process where parts of the database are unconfined early depending on the type of the objects in the database, thus aiming to reduce the latency in relaxing the recovery set, and hence increase availability. A novel idea, and it was slightly unfortunate that the authors were not present to elucidate further, even though an excellent job had been done in presenting this from scratch.

Somesh Jha: Markov Chains, Classifiers, and Intrusion Detection: This talk started off with an interesting overview of different methods of Intrusion Detection highlighting the difference between pattern based (rule based) intrusion detection, and statistical based intrusion detection. After highlighting the usual downfall characteristics of pattern based variants they proposed a novel use of Markov Chain models in order to detect potentially anomalous behaviour. Their model uses an intuitively satisfying pattern checking method within the Markov model for raising alarms.

Muriel Roger: Log Auditing through Model-Checking: The speaker presented a means of analyzing intrusion detection logs by using a model checker to check signature patterns independently of implementation details.

The eighth session was a panel discussion entitled "Non-interference: Who Needs It?": This was by far and away the most eagerly anticipated session of the Workshop. Peter Ryan appeared to have come up with an ideal topic to throw the discussion into hostile territory. Unfortunately this session failed to live up to its billing. Although this was not a waste of time at all and the speakers - John McLean, Jon Millen and Virgil Gligor - put forward some very persuasive arguments, the sting in the tail was missing. Paul Syverson tried to provide a voice of objection, but failed to get a bite.
The overall tone of the panel was summed up efficiently by McLean's assertion that only by understanding the fundamental principles of security such as non-interference could we then hope to move on and make proper and complete analysis of security systems. The ninth session was based on logics for protocol verification. Nancy Durgin: A compositional logic for protocol correctness: What was presented here was an extension to a BAN-like analysis, by adding a means for inference rules to be described in order to capture the actions in a protocol. Cathy Meadows asked why this tool should be used above others. The answer was succinct, in that the method put forward here aims to take the sting out of the protocol idealization phase, with its notorious pitfalls. Eijiro Sumii: Logical relations for Encryption: This presentation demonstrates another means of assessing security protocols based on type mechanisms rather than the message passing semantics (as used in the Spi-calculus). The final session was based on Secrecy & Privacy. Unfortunately due to travel constraints I had to cut short this session, getting a lift back across country to the airport. The papers at Cape Breton presented a mix of the old and the new. Comments were made about the links between topics that had come up in some of the first CSFW meetings, along with people bringing in new ideas from areas such as language based systems. It was - as last year - an interesting place to talk through ideas, with plenty of opportunity to spark up questions during the intervals. I was party to a discussion between some of the organising committee during the first evening, where concern was expressed over the rapid growth of the workshop. 
From my point of view bringing in new blood seems important to make sure that the lessons learned in these workshops trickle out to the wider audience, but I do agree that moving to enlarge the conference too much could hamper the very open attitude to discussion experienced in what was a very thought provoking few days. Good luck to those next year in achieving the same balance.

Those interested in the workshop further can find copies of the program, slides of most of the talks, some pictures, etc., at the following URL:

http://www.csl.sri.com/programs/security/csfw/csfw14/

Finally, the croquet tournament was better this year for the lack of rain!

====================================================================
Reader's Guide to Current Technical Literature in Security and Privacy,
by Anish Mathuria
====================================================================

The Reader's Guide from Past issues of Cipher is archived at
www.ieee-security.org/Cipher/ReadersGuide.html

____________________________________________________________________
Conference Entries
____________________________________________________________________

Post-CAV Workshop on Logical Aspects of Cryptographic Protocol Verification, July 23, 2001, Paris, France:
[Thanks to Rafael Accorsi for this entry]

Towards an awareness-based semantics for the analysis of security protocols
    R. Accorsi, D. Basin, and L. Viganò
Abstract interpretation for proving secrecy properties in security protocols
    K. Adi and M. Debbabi
Models for an adversary-centric protocol logic
    P. Selinger
Attacking fair-exchange protocols: parallel models vs trace models
    L. Carlucci Aiello and F. Massacci
Information based reasoning about security protocols
    R. Ramanujan and S. P. Suresh

10th USENIX Security Symposium, August 13-17, 2001, Washington, D.C., USA:

Using Client Puzzles to Protect TLS
    D. Dean and A. Stubblefield
Inferring Internet Denial-of-Service Activity
    D. Moore, G. Voelker and S. Savage
MULTOPS: A Data-Structure for Bandwidth Attack Detection
    T. Gil and M. Poletto
Data Remanence in Semiconductor Devices
    P. Gutmann
StackGhost: Hardware Facilitated Stack Protection
    M. Frantzen and M. Shuey
Improving DES Coprocessor Throughput for Short Operations
    M. Lindemann and S. Smith
Architecting the Lumeta Firewall Analyzer
    A. Wool
Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host
    P. Gleitz and S. Bellovin
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
    M. Handley, V. Paxson and C. Kreibich
Reading Between the Lines: Lessons from the SDMI Challenge
    S. Craver, M. Wu, B. Liu, A. Stubblefield, B. Swartzlander, D. Wallach, D. Dean and E. Felten
Security Analysis of the Palm Operating System and its Weaknesses Against Malicious Code Threats
    Kingpin and Mudge
Secure Data Deletion for Linux File Systems
    S. Bauer and N. Priyantha
RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities
    C. Cowan, S. Beattie, C. Wright, and G. Kroah-Hartman
Statically Detecting Likely Buffer Overflow Vulnerabilities
    D. Larochelle and D. Evans
FormatGuard: Automatic Protection From printf Format String Vulnerabilities
    C. Cowan, M. Barringer, S. Beattie, G. Kroah-Hartman, M. Frantzen, and Jamie Lokier
Detecting Format String Vulnerabilities with Type Qualifiers
    U. Shankar, K. Talwar, J. Foster, and D. Wagner
Capability File Names: Separating Authorisation From User Management in an Internet File System
    J. Regan and C. Jensen
Kerberized Credential Translation: A Solution to Web Access Control
    O. Kornievskaia, P. Honeyman, B. Doster, and K. Coffman
The Dos and Don'ts of Client Authentication on the Web
    K. Fu, E. Sit, K. Smith, and N. Feamster
SC-CFS: Smartcard Secured Cryptographic File System
    N. Itoi
Secure Distribution of Events in Content-Based Publish Subscribe Systems
    L. Opyrchal and A. Prakash
A Method for Fast Revocation of Public Key Certificates and Security Capabilities
    D. Boneh, X. Ding, G. Tsudik, and C. Wong
PDM: A New Strong Password-Based Protocol
    C. Kaufman and R. Perlman
Defending Against Statistical Steganalysis
    N. Provos
Timing Analysis of Keystrokes and Timing Attacks on SSH
    D. Song, D. Wagner and X. Tian

12th International Conference on Concurrency Theory, August 21-24, 2001, Aalborg, Denmark:
[Security-related papers only]

A Game-Based Verification of Non-Repudiation and Fair Exchange Protocols
    S. Kremer and J.-F. Raskin
Probabilistic Information Flow in a Process Algebra
    A. Aldini
Reasoning About Security in Mobile Ambients
    M. Bugliesi, G. Castagna, and S. Crafa

20th ACM Symposium on Principles of Distributed Computing, August 26-29, 2001, Rhode Island, USA:
[Security-related papers only]

Selective Private Function Evaluation with Application to Private Statistics
    R. Canetti, Y. Ishai, R. Kumar, M. Reiter, R. Rubinfeld, and R. Wright
An Optimally Robust Hybrid Mix Network
    M. Jakobsson and A. Juels
Practical Multi-Candidate Election System
    O. Baudron, P.-A. Fouque, D. Pointcheval, G. Poupard, and J. Stern

ACM SIGCOMM 2001, August 27-31, 2001, San Diego, California:
[Security-related papers only]

Hash-Based IP Traceback
    A. Snoeren, C. Partridge, L. Sanchez, C. Jones, F. Tchakountio, S. Kent, and W. Strayer
On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets
    Kihong Park and Heejo Lee
Reliable Group Rekeying: A Performance Analysis
    R. Yang, X. Zhang, X. Li, and S. Lam

====================================================================
Staying in Touch
====================================================================

____________________________________________________________________
Information for Subscribers and Contributors
____________________________________________________________________

SUBSCRIPTIONS: Two options:

1. To receive the full ascii CIPHER issues as e-mail, send e-mail to (which is NOT automated) with subject line "subscribe".

2. To receive a short e-mail note announcing when a new issue of CIPHER is available for Web browsing send e-mail to (which is NOT automated) with subject line "subscribe postcard".

To remove yourself from the subscription list, send e-mail to cipher@issl.iastate.edu with subject line "unsubscribe".

Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL
www.ieee-security.org/cipher.html

CONTRIBUTIONS: to cipher@issl.iastate.edu are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. For Calendar entries, please include a URL and/or e-mail address for the point-of-contact. For Calls for Papers, please submit a one paragraph summary. See this and past issues for examples. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors.
____________________________________________________________________
Recent Address Changes
____________________________________________________________________

Address changes from past issues of Cipher are archived at
www.ieee-security.org/Cipher/AddressChanges.html

====================================================================
Interesting Links and Reports Available via FTP and WWW
====================================================================

"Reports Available" links from previous issues of Cipher are archived at
www.ieee-security.org/Cipher/NewReports.html and
www.ieee-security.org/Cipher/InterestingLinks.html

====================================================================
Listing of academic positions available by Cynthia Irvine
====================================================================

[9/15/01: Editor's note: the link to the job archive is temporarily down and thus, there is no new information here. Please visit the Cipher web page periodically to test the link]

This job listing is maintained as a service to the academic community. If you have an academic position in computer security and would like to have it included on this page, send the following information: Institution, City, State, Position title, date position announcement closes, and URL of position description to: irvine@cs.nps.navy.mil

====================================================================
Information on the Technical Committee on Security and Privacy
====================================================================

______________________________________________________________________
How to become a member of the IEEE Computer Society's TC on Security and Privacy
________________________________________________________________________

You do NOT have to join either IEEE or the IEEE Computer Society to join the TC, and there is no cost to join the TC.
All you need to do is fill out an application form and mail or fax it to the IEEE Computer Society. A copy of the form is included below (to simplify things, only the TC on Security and Privacy is included, and is marked for you). Members of the IEEE Computer Society may join the TC via an https link. The full and complete form is available on the IEEE Computer Society's Web Server by following the application form hyperlink at the URL:
computer.org/tcsignup/

IF YOU USE THE FORM BELOW, PLEASE NOTE THAT IT IS TO BE RETURNED (BY MAIL OR FAX) TO THE IEEE COMPUTER SOCIETY, >>NOT<< TO CIPHER.

---------
IEEE Computer Society Technical Committee Membership Application
-----------------------------------------------------------
Please print clearly or type.
-----------------------------------------------------------
Last Name                  First Name                Middle Initial
___________________________________________________________
Company/Organization
___________________________________________________________
Office Street Address (Please use street addresses over P.O.)
___________________________________________________________
City                       State
___________________________________________________________
Country                    Postal Code
___________________________________________________________
Office Phone               Fax
___________________________________________________________
Email Address (Internet accessible)
___________________________________________________________
Home Address (optional)
___________________________________________________________
Home Phone
___________________________________________________________

[ ] I am a member of the Computer Society
    IMPORTANT: IEEE Member/Affiliate/Computer Society Number: ____________________
[ ] I am not a member of the Computer Society*

Please Note: In some TCs only current Computer Society members are eligible to receive Technical Committee newsletters.

Please select up to four Technical Committees/Technical Councils of interest.

TECHNICAL COMMITTEES
[ X ] T27  Security and Privacy

Please Return Form To:
IEEE Computer Society
1730 Massachusetts Ave, NW
Washington, DC 20036-1992
Phone: (202) 371-0101
FAX:   (202) 728-9614

_____________________________________________________________
TC Publications for Sale
_____________________________________________________________

Proceedings of the IEEE CS Symposium on Security and Privacy

The Technical Committee on Security and Privacy has copies of its publications available for sale directly to you. You may pay for Proceedings by credit card or check.

Proceedings of the IEEE Symposium on Security and Privacy

    Year(s)     Format     Price
    2001        Hardcopy   $25.00*
    2000        Hardcopy   $15.00*
    1999        Hardcopy   SOLD OUT
    1998        Hardcopy   $10.00*
    2000-2001   CD-ROM     $25.00*

    * Plus shipping charges

Payment by Check

Please specify the items and quantities that you wish to receive, your shipping address, and the method of shipping (for overseas orders). Mail your order request and a check, payable to the 2001 IEEE Symposium on Security and Privacy, to:

    Brian J. Loe
    Treasurer, IEEE Security and Privacy
    c/o Secure Computing Corp.
    2675 Long Lake Rd.
    Roseville, MN 55113
    U S A

Please include the appropriate amount to cover shipping charges as noted in the table below.

Shipping Charges for Mail Orders

    Domestic shipping:       $4.00 per order for 3 volumes or fewer
    Overseas surface mail:   $6.00 per order for 3 volumes or fewer
    Overseas air mail:       $12.00 per volume

Credit Card Orders

For a limited time, the TC on Security and Privacy can charge orders to your credit card. Send your order by mail to the address above or send email to brian.loe@computer.org specifying the items and quantities that you wish to receive, your shipping address, method of shipping (surface or air for overseas orders) along with the name of the cardholder, credit card number, and the expiration date. Exact shipping charges will be charged to your credit card and included in your receipt.
Shipping charges may be approximated from the table above. You may use the following PGP public key to encrypt any information that you're not comfortable sending as cleartext.

IEEE CS Press

You may also order some back issues from IEEE CS Press at
www.computer.org/cspress/catalog/proc9.htm.
Proceedings of the IEEE CS Computer Security Foundations Workshop

The most recent Computer Security Foundation Workshop (CSFW13) took place the 3rd through 5th of July 2000 in Cambridge, UK. Topics included formal specification of security protocols, protocol engineering, distributed systems, information flow, and security policies. Copies of the proceedings are available from the publications chair for $25 each. Copies of earlier proceedings starting with year 5 are available at $10. Photocopy versions of year 1 are also $10. Checks payable to Joshua Guttman for CSFW may be sent to:

    Joshua Guttman, MS A150
    The MITRE Corporation
    202 Burlington Rd.
    Bedford, MA 01730-1420 USA
    guttman@mitre.org

________________________________________________________________________
TC Officer Roster
________________________________________________________________________

Chair:
    Thomas A. Berson
    Anagram Laboratories
    P.O. Box 791
    Palo Alto, CA 94301
    (650) 324-0100 (voice)
    berson@anagram.com

Past Chair:
    Charles P. Pfleeger
    Arca Systems, Inc.
    8229 Boone Blvd, Suite 750
    Vienna VA 22182-2623
    (703) 734-5611 (voice)
    (703) 790-0385 (fax)
    c.pfleeger@computer.org

Vice Chair:
    Michael Reiter
    Bell Laboratories
    600 Mountain Ave., Room 2A-342
    Murray Hill, NJ 07974 USA
    (908) 582-4328 (voice)
    (908) 582-1239 (fax)
    reiter@research.bell-labs.com

Chair, Subcommittee on Academic Affairs:
    Prof. Cynthia Irvine
    U.S. Naval Postgraduate School
    Computer Science Department
    Code CS/IC
    Monterey CA 93943-5118
    (408) 656-2461 (voice)
    irvine@cs.nps.navy.mil

Newsletter Editor:
    Jim Davis
    Department of Electrical and Computer Engineering
    2413 Coover Hall
    Iowa State University
    Ames, Iowa 50011
    (515) 294-0659 (voice)
    davis@iastate.edu

Chair, Subcommittee on Standards:
    David Aucsmith
    Intel Corporation
    EL233 JF2-74
    2111 N.E. 25th Ave
    Hillsboro OR 97124
    (503) 264-5562 (voice)
    (503) 264-6225 (fax)
    awk@ibeam.intel.com

Chair, Subcomm. on Security Conferences:
    Jonathan Millen
    SRI International
    Computer Science Laboratory
    333 Ravenswood Ave.
    Menlo Park, CA 94025
    (650) 859-2358 (voice)
    (650) 859-2844 (fax)
    millen@csl.sri.com

BACK ISSUES: Cipher is archived at:
www.ieee-security.org/cipher.html

========end of Electronic Cipher Issue #44, September 15, 2001===========