Seminar in Computer Security
Basics and Access Control (Sept 5 and 12)
M. Satyanarayanan, Integrating Security in Large Scale Distributed Systems,
ACM TOCS, August 1989. (Mustaque Ahamad)
R. J. Hayton, J. M. Bacon and K. Moody, Access Control in an Open Distributed
Environment, IEEE Symposium on Security and Privacy, 1998. Available
here. (Patrick Widener)
A. Herzberg, Y. Moss and J. Mihaeli, Access Control Meets Public Key Infrastructure,
IEEE Symposium on Security and Privacy 2000. Available
here. (Mustaque Ahamad)
R. Spencer, S. Smalley, P. Loscocco, M. Hibler, D. Andersen, and J. Lepreau,
Flask Security Architecture: System Support for Diverse Security Policies
The Eighth USENIX Security Symposium, August 1999, pp. 123-139. (??????)
Trust and Authentication (Sept 19) (Mike Covington)
V. Swarup and J. Fabrega, Trust: Benefits, Models and Mechanisms, Springer-Verlag
LNCS 1603, 1998.
M. Reiter and S. Stubblebine, Toward
Acceptable Metrics of Authentication, IEEE Symposium on Security and
Cryptography (Sept 26 and Oct 3) (Arnab Paul and Paul Judge)
P. Kocher, Timing
attacks on Implementations of Diffie-Hellman, RSA, DSS and Other Systems,
Advances in Cryptology - CRYPTO 96, pp 104-113, 1996
P. Kocher, J. Jaffe and B. Jun Differential
power analysis, Advances in Cryptology - CRYPTO 99, ed. M. Wiener,
R. J. Anderson and F. A. P. Petitcolas, On
the limits of steganography, IEEE Journal on Selected Areas in Communications
(J-SAC), Special Issue on Copyright & Privacy Protection, vol. 16 no.
4, pp 474-481, May 1998.
Security in Mobile Environments (Oct 10 and 17) (Venkat and Subbu)
C. Carroll, Y. Frankel and Y. Tsiounis, Efficient Key Distribution
for Slow Devices, IEEE Symposium on Security and Privacy, 1998.
T. Sanders and C. F. Tscudin, Towards Mobile Cryptography, IEEE Symposium
on Security and Privacy, 1998.
D. Malkhi, M. Reiter, and A. Rubin, Secure
Execution of Java Applets using a Remote Playground, Proc. IEEE Symposium
on Security and
Privacy, May 1998.
Secure Multicast (Oct 31) (JinLiang Fan)
C. K. Wong, M. Gouda and S. Lam, Secure Group Communication Using Key Graphs,
ACM SIGCOMM 1998.
Web Security (Nov 7 and 14)
D. Dean, E. W. Felten, and D S. Wallach Java
Security: From HotJava to Netscape and Beyond Proceedings of 1996 IEEE
Symposium on Security and Privacy, May 1996. (Vidya)
A. L. M. dos Santos, G. Vigna, R. A. Kemmerer Security
Testing of the Online Banking Service of a Large International Bank,
To be presented in the First Workshop on Security and Privacy in E-Commerce,
S. Bellovin, Cryptography
and the Internet, Proceedings of CRYPTO '98, August 1998, pp. 46-55.
Tamper Resistant Devices (Nov 21)
D. Boneh and N. Daswani, Experimenting
with electronic commerce on the PalmPilot, In proceedings of Financial
Cryptography '99, Lecture Notes in Computer Science, Vol. 1648, Springer-Verlag,
pp. 1--16, 1999.
R. Anderson and M. Kuhn, Tamper
Resistance - a Cautionary Note, The Second USENIX Workshop on Electronic
Commerce Proceedings, November 18-21, 1996
H. Gobioff, S. Smith, J. D. Tyger and B. Yee, Smart
cards in hostile environments, in Proceedings of the 2nd Usenix Workshop
on Electronic Commerce, November 1996, pages 23 - 28.
Dealing with Denial-of-Service Attacks (Nov 28, Dec 5 and 12)
JIM: PLEASE ADD THE PAPERS THAT YOU WOULD LIKE COVERED