[biblio01entry01] 1. , “Explicit Communication Revisited: Two New Attacks on Authentication Protocols,” IEEE Transactions on Software Engineering (3), pp. 185–186 (Mar. 1997).
[biblio01entry02] 2. and , “Prudent Engineering Practice for Cryptographic Protocols,” Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pp. 122–136 (May 1994).
[biblio01entry03] 3. and , “Security Analysis and Enhancements of Computer Operating Systems,” Technical Report NBSIR 76–1041, ICET, National Bureau of Standards, Washington, DC 20234 (Apr. 1976).
[biblio01entry04] 4. and , “Abstraction and Refinement of Layered Security Policy,” in Information Security: An Integrated Collection of Essays [6], pp. 126–136.
[biblio01entry05] 5. and , “Application of the Common Criteria to a System: A Real-World Example,” Computer Security Journal (2), pp. 11–21 (Spring 2000).
[biblio01entry06] 6. M.Abrams, S.Jajodia, and H.Podell (eds.), Information Security: An Integrated Collection of Essays, IEEE Computer Society Press, Los Alamitos, CA (<year>1975</year>).
[biblio01entry07] 7. and , Understanding the Public-Key Infrastructure, Macmillan, New York, NY (<year>1999</year>).
[biblio01entry08] 8. and , “Dbxtool: A Window-Based Symbolic Debugger for Sun Workstations,” Software—Practice and Experience (7), pp. 653–669 (July 1986).
[biblio01entry09] 9. , “An Abstract Theory of Computer Viruses,” Advances in Cryptology—Proceedings of CRYPTO '88 (<year>1988</year>).
[biblio01entry10] 10. and , “On Distinguishing Prime Numbers from Composite Numbers,” Annals of Mathematics (1), pp. 173–206 (1983).
[biblio01entry11] 11. , PostScript Language Reference, 3rd Edition, Addison-Wesley, Reading, MA (<year>1999</year>).
[biblio01entry12] 12. , “Random Sources for Cryptographic Systems,” Advances in Cryptology—Proceedings of EUROCRYPT '87, pp. 77–81 (<year>1988</year>).
[biblio01entry15] 15. , The CERT® Guide to System and Network Security Practices, Addison-Wesley, Boston, MA (<year>2001</year>).
[biblio01entry16] 16. , “A Comparison of Non-Interference and Non-Deducibility Using CSP,” Proceedings of the Computer Security Foundations Workshop IV, pp. 43–54 (June 1991).
[biblio01entry17] 17. and , “Applying the TCSEC Guidelines to a Real-Time Embedded System Environment,” Proceedings of the 19th National Information Systems Security Conference, pp. 89–97 (Oct. 1996).
[biblio01entry18] 18. and , “A Specification-Based Coverage Metric to Evaluate Test Sets,” Proceedings of the 4th IEEE International Symposium on High-Assurance Systems Engineering, pp. 239–248 (Nov. 1999).
[biblio01entry19] 19. and , “Expressive Power of the Schematic Protection Model (Extended Abstract),” Proceedings of the Computer Security Foundations Workshop, MITRE Technical Report M88-37 MITRE Corporation, Bedford, MA, pp. 188–193 (June 1988).
[biblio01entry20] 20. and , “The Extended Schematic Protection Model,” Journal of Computer Security (3, 4), pp. 335–385 (1992).
[biblio01entry21] 21. and , “The Expressive Power of Multi-Parent Creation in Monotonic Access Control Models,” Journal of Computer Security (2, 3), pp. 149–166 (Dec. 1996).
[biblio01entry23] 23. and , “Towards an Approach to Measuring Software Trust,” Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 198–218 (May 1991).
[biblio01entry24] 24. and , “A Flexible Security Model for Using Internet Content,” Proceedings of the 16th Symposium on Reliable Distributed Systems, pp. 89–96 (Oct. 1997).
[biblio01entry25] 25. , “Information Security in a Multi-User Computer Environment,” in MorrisRubinoff (ed.), Advances in Computers , Academic Press, New York, NY (1972).
[biblio01entry26] 26. , “Computer Security Technology Planning Study,” Technical Report ESD-TR-73–51, Electronic Systems Division, Hanscom Air Force Base, Hanscom, MA (1974).
[biblio01entry27] 27. , “Computer Security Threat Monitoring and Surveillance,” James P. Anderson Co., Fort Washington, PA (<year>1980</year>).
[biblio01entry28] 28. , “On the Feasibility of Connecting RECON to an External Network,” James P. Anderson Co., Fort Washington, PA (1981).
[biblio01entry29] 29. , “UEPS—A Second Generation Electronic Wallet,” Proceedings of the 2nd European Symposium on Research in Computer Security, pp. 411–418 (Nov. 1992).
[biblio01entry30] 30. , “A Security Policy Model for Clinical Information Systems,” Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 34–48 (May 1996).
[biblio01entry31] 31. and , UNIX® Unleashed, 4th Edition, SAMS Publishing, Indianapolis, IN (<year>2002</year>).
[biblio01entry32] 32. and , “Robustness Principles for Public Key Protocols,” Advances in Cryptology—Proceedings of CRYPTO '95, pp. 236–247 (<year>1995</year>).
[biblio01entry33] 33. , “A Standard for Assuring/Monitoring Telephony Switching Real Time Performance,” Proceedings of the 1990 IEEE Global Telecommunications Conference and Exhibition, pp. 237–240 (Dec. 1990).
[biblio01entry34] 34. and , “An Axiomatic Approach to Information Flow in Parallel Programs,” ACM Transactions on Programming Languages (1), pp. 56–76 (Jan. 1980).
[biblio01entry35] 35. and , “A Semantic Model of Types and Machine Instructions for Proof-Carrying Code,” Proceedings of the 27th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 243–253 (Jan. 2000).
[biblio01entry36] 36. and , “Extending Mandatory Access Controls to a Networked MLS Environment,” Proceedings of the 12th National Computer Security Conference, pp. 286–295 (Oct. 1990).
[biblio01entry37] 37. and , “A Framework for Evaluating Specification Methods for Reactive Systems Experience Report,” IEEE Transactions on Software Engineering (6), pp. 378–389 (June 1996).
[biblio01entry38] 38. , “Analysis Requirements for Low Assurance Evaluations,” Proceedings of the 18th National Information Systems Security Conference, pp. 356–365 (Oct. 1995).
[biblio01entry39] 39. , UNIX Security: A Practical Tutorial, McGraw-Hill, New York, NY (<year>1993</year>).
[biblio01entry40] 40. and , “Protection Profiles for Certificate Issuing and Management Systems,” Proceedings of the 22nd National Information Systems Security Conference, pp. 189–199 (Oct. 1999).
[biblio01entry42] 42. , “A Taxonomy of Security Faults in the UNIX Operating System,” Master's Thesis, Department of Computer Sciences, Purdue University, West Lafayette, IN (1995).
[biblio01entry43] 43. and , “Use of a Taxonomy of Security Faults,” Proceedings of the 19th National Information Systems Security Conference, pp. 551–560 (Oct. 1996).
[biblio01entry44] 44. and , “A Modular Approach to Key Safeguarding,” IEEE Transactions on Information Theory (2), pp. 208–210 (Mar. 1983).
[biblio01entry45] 45. and , “Transformational vs. Reactive Refinement in Real-Time Systems,” Information Processing Letters (4), pp. 201–210 (Apr. 1995).
[biblio01entry46] 46. and , “Achieving Stricter Correctness Requirements in Multilevel Secure Databases,” Proceedings of the 1993 Symposium on Research in Security and Privacy, pp. 135–147 (May 1993).
[biblio01entry48] 48. , “The N-Version Approach to Fault-Tolerant Software,” IEEE Transactions on Software Engineering (12), pp. 1491–1501 (Dec. 1985).
[biblio01entry49] 49. , “The Base-Rate Fallacy and the Difficulty of Intrusion Detection,” ACM Transactions on Information and System Security (3), pp. 186–205 (Aug. 2000).
[biblio01entry50] 50. , The Computer Privacy Handbook, Peachpit Press, Berkeley, CA (<year>1995</year>).
[biblio01entry51] 51. , “Anonymous Remailer FAQ” (Nov. 1999); available at http://www.andrebacard.com/remail.html.
[biblio01entry52] 52. , Intrusion Detection, Macmillan Technical Publishing, Indianapolis, IN (<year>2000</year>).
[biblio01entry53] 53. , “Information Security: From Reference Monitors to Wrappers,” IEEE Aerospace and Electronic Systems Magazine (3), pp. 32–34 (Mar. 1998).
[biblio01entry54] 54. and , “A Domain and Type Enforcement UNIX Prototype,” Computing Systems (1), pp. 47–83 (Winter 1996).
[biblio01entry55] 55. , “A Philosophy of Security Management,” in Information Security: An Integrated Collection of Essays [6], pp. 98–110.
[biblio01entry56] 56. and , “An Architecture for Intrusion Detection Using Autonomous Agents,” Proceedings of the 14th Annual Computer Security Applications Conference, pp. 13–24 (Dec. 1998).
[biblio01entry57] 57. and , “ISAKMP Key Recovery Extensions,” Computers and Security (1), pp. 91–99 (Jan./Feb. 2000).
[biblio01entry58] 58. and , “WindowBox: A Simple Security Model for the Connected Desktop,” Proceedings of the 4th USENIX Windows Systems Symposium (Aug. 2000).
[biblio01entry59] 59. , Web Psychos, Stalkers, and Pranksters: How to Protect Yourself in Cyberspace, The Coriolis Group (<year>1997</year>).
[biblio01entry60] 60. and , “Auditing of Distributed Systems,” Proceedings of the 14th National Computer Security Conference, pp. 59–68 (Oct. 1991).
[biblio01entry61] 61. , Bandits on the Information Superhighway (What You Need to Know), O'Reilly and Associates (<year>1996</year>).
[biblio01entry63] 63. , “Unclassified Summary: Involvement of NSA in the Development of the Data Encryption Standard (United States Senate Select Committee on Intelligence),” IEEE Communications Society Magazine (6), pp. 53–55 (1978).
[biblio01entry64] 64. , “Concerning 'Modeling' of Computer Security,” Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 8–13 (Apr. 1988).
[biblio01entry66] 66. and , Cipher Systems: The Protection of Communications, Northwood Books, London, UK (<year>1982</year>).
[biblio01entry67] 67. and , “Secure Computer Systems: Mathematical Foundations,” Technical Report MTR-2547, , MITRE Corporation, Bedford, MA (Mar. 1973).
[biblio01entry68] 68. and , “Secure Computer System: Unified Exposition and Multics Interpretation,” Technical Report MTR-2997 Rev. , MITRE Corporation, Bedford, MA (Mar. 1975).
[biblio01entry69] 69. and , “Keyed Hash Functions and Message Authentication,” Advances in Cryptology—Proceedings of CRYPTO '96, pp. 1–15 (<year>1996</year>).
[biblio01entry70] 70. and , “Non-Interactive Oblivious Transfer and Applications,” Advances in Cryptology—Proceedings of CRYPTO '89, pp. 547–559 (<year>1989</year>).
[biblio01entry71] 71. and , “Translucent Cryptography—An Alternative to Key Escrow, and Its Implementation via Fractional Oblivious Transfer,” Journal of Cryptology (2), pp. 117–139 (Spring 1999).
[biblio01entry72] 72. , “Security Problems in the TCP/IP Protocol Suite,” Computer Communication Review (2), pp. 32–48 (Apr. 1989).
[biblio01entry73] 73. , “Using the Domain Name System for System Break-Ins,” Proceedings of the 5th USENIX UNIX Security Symposium, pp. 199–208 (June 1995).
[biblio01entry74] 74. , “Probable Plaintext Cryptanalysis of the IP Security Protocols,” Proceedings of the 1997 Symposium on Network and Distributed System Security, pp. 52–59 (Feb. 1997).
[biblio01entry75] 75. and , Firewalls and Internet Security: Repelling the Wily Hacker, Addison-Wesley, Reading, MA (<year>1994</year>).
[biblio01entry76] 76. and , “Limitations of the Kerberos Protocol,” Proceedings of the 1991 Winter USENIX Conference, pp. 253–267 (Jan. 1991).
[biblio01entry77] 77. and , “Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks,” Proceedings of the 1992 IEEE Symposium on Research in Security and Privacy, pp. 74–82 (May 1992).
[biblio01entry78] 78. and , “Design Analysis in Evaluations Against the TCSEC C2 Criteria,” Proceedings of the 19th National Information Systems Security Conference, pp. 67–75 (Oct. 1996).
[biblio01entry79] 79. , “Analysis of the Encryption in Word Perfect,” Cryptologia (4), pp. 206–210 (Oct. 1987).
[biblio01entry80] 80. and , “SyMP: The User's Guide,” Computer Science Dept., Carnegie Mellon University (Dec. 2000); available at http://www-2.cs.cmu.edu/~modelcheck/symp.
[biblio01entry81] 81. and , “Proactive Password Checking with Decision Trees,” Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 67–77 (Nov. 1998).
[biblio01entry82] 82. and , “High Dictionary Compression for Proactive Password Checking,” ACM Transactions on Information and System Security (1), pp. 3–25 (Apr. 1997).
[biblio01entry83] 83. and , “File Security in WordPerfect 5.0,” Cryptologia (1), pp. 57–66 (Jan. 1991).
[biblio01entry84] 84. , “Analysis of Programs for Parallel Processing,” IEEE Transactions on Computers (5), pp. 757–762 (Oct. 1966).
[biblio01entry85] 85. and , All the President's Men, Simon and Schuster, New York, NY (<year>1974</year>).
[biblio01entry87] 87. and , “Syncookies Mailing List Archive” (Oct. 1996); available at http://cr.yp.to/syncookies.html.
[biblio01entry88] 88. and , “Watchdogs: Extending the UNIX File System,” Proceedings of the 1988 Winter USENIX Conference, pp. 267–276 (Feb. 1988).
[biblio01entry89] 89. and , “Extensibility, Safety, and Performance in the SPIN Operating System,” Proceedings of the 15th Symposium on Operating Systems Principles, pp. 267–284 (Dec. 1995).
[biblio01entry90] 90. , Software Engineering with Abstractions, Addison-Wesley, Reading, MA (<year>1991</year>).
[biblio01entry91] 91. and , “Towards Acceptable Key Escrow Systems,” Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 51–58 (Nov. 1994).
[biblio01entry92] 92. and , “A State-Based Approach to Noninterference,” Journal of Computer Security (1), pp. 55–70 (1994/1995).
[biblio01entry93] 93. and , “Developing High Assurance Avionics Systems with the SCR Requirements Method,” Proceedings of the 19th Digital Avionics Systems Conference, pp. 1D1/1–8 (Oct. 2000).
[biblio01entry94] 94. , “Integrity Considerations for Secure Computer Systems,” Technical Report MTR-3153, MITRE Corporation, Bedford, MA (Apr. 1977).
[biblio01entry95] 95. and , “Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI, and Lucifer,” Advances in Cryptology—Proceedings of CRYPTO '91, pp. 156–171 (Aug. 1991).
[biblio01entry96] 96. and , “Differential Cryptanalysis of DES-Like Cryptosystems,” Journal of Cryptology (1), pp. 3–72 (1991).
[biblio01entry97] 97. and , “Differential Cryptanalysis of the Full 16-Round DES,” Advances in Cryptology—Proceedings of CRYPTO '92, pp. 487–496 (<year>1992</year>).
[biblio01entry98] 98. and , Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, New York, NY (<year>1993</year>).
[biblio01entry99] 99. and , “Secure Access to Data Over the Internet,” Proceedings of the 3rd International Conference on Parallel and Distributed Information Systems, pp. 99–102 (Sep. 1984).
[biblio01entry100] 100. and , Linux Kernel 2.4.9 Networking Source Code, directory linux/net/ipv4 (Aug. 2001).
[biblio01entry101] 101. and , “Protection Analysis: Final Report,” Technical Report ISI/SR-78–13, University of Southern California Information Sciences Institute, Marina Del Rey, CA (May 1978).
[biblio01entry102] 102. and , “Protection Errors in Operating Systems: Inconsistency of a Single Data Value Over Time,” Technical Report ISI/SR-75–4, University of Southern California Information Sciences Institute, Marina Del Rey, CA (Dec. 1975).
[biblio01entry103] 103. , “Security Problems with the UNIX Operating System” (unpublished) (Jan. 1981).
[biblio01entry104] 104. , “Sendmail Wizardry,” Research Memo 86.3, Research Institute for Advanced Computer Science, NASA Ames Research Center, Moffett Field, CA (Jan. 1986).
[biblio01entry105] 105. , “The RIACS Intelligent Auditing and Checking System,” Technical Report 86.3, Research Institute for Advanced Computer Science, NASA Ames Research Center, Moffett Field, CA (June 1986).
[biblio01entry106] 106. , “Analyzing the Security of an Existing Computer System,” Proceedings of the 1986 Fall Joint Computer Conference, pp. 1115–1119 (Nov. 1986).
[biblio01entry108] 108. , “Profiling Under UNIX by Patching,” Software—Practice and Experience (10), pp. 729–739 (Oct. 1987).
[biblio01entry109] 109. , “An Application of a Fast Data Encryption Standard Implementation,” Computing Systems (3), pp. 221–254 (Summer 1988).
[biblio01entry110] 110. , “Auditing Files on a Network of UNIX Machines,” Proceedings of the USENIX UNIX Security Workshop, pp. 51–52 (Aug. 1988).
[biblio01entry111] 111. , “Collaboration Using Roles,” Software—Practice and Experience (5), pp. 485–497 (May 1990).
[biblio01entry112] 112. , “A Security Analysis of the NTP Protocol Version 2,” Proceedings of the 6th Annual Computer Security Applications Conference, pp. 20–29 (Dec. 1990).
[biblio01entry113] 113. , “Password Management,” Proceedings of COMPCON '91, pp. 167–169 (Feb. 1991).
[biblio01entry114] 114. , “A Proactive Password Checker,” in Information Security, D.T.Lindsay and W.L.Price (eds.), North-Holland, New York, NY, pp. 169–180 (May 1991).
[biblio01entry115] 115. , “Anatomy of a Proactive Password Changer,” Proceedings of the 3rd USENIX Security Symposium, pp. 171–184 (Sep. 1992).
[biblio01entry116] 116. and , “A Critical Analysis of Vulnerability Taxonomies,” Technical Report CSE-96–11, Department of Computer Science, University of California, Davis, CA (Sep. 1996).
[biblio01entry117] 117. and , “Checking for Race Conditions in File Accesses,” Computing Systems (2), pp. 131–152 (Spring 1996).
[biblio01entry118] 118. and , “Improving System Security via Proactive Password Checking,” Computers and Security (3), pp. 233–249 (Apr. 1995).
[biblio01entry119] 119. , “Some Variants of the Take-Grant Protection Model,” Information Processing Letters (3), pp. 151–156 (Mar. 1984).
[biblio01entry120] 120. and , “Transaction-Based Pseudonyms in Audit Data for Privacy Respecting Intrusion Detection,” Proceedings of the 3rd International Workshop on Recent Advances in Intrusion Detection, pp. 28–48 (Oct. 2000).
[biblio01entry121] 121. , “Safeguarding Cryptographic Keys,” 1979 National Computer Conference, AFIPS Conference Proceedings , pp. 313–317 (Nov. 1979).
[biblio01entry122] 122. , “One-Time Pads are Key Safeguarding Schemes, Not Cryptosystems: Fast Key Safeguarding Schemes (Threshold Schemes) Exist,” Proceedings of the 1980 IEEE Symposium on Security and Privacy, pp. 108–113 (Apr. 1980).
[biblio01entry123] 123. , “Protocol Failure in the Escrowed Encryption Standard,” Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 59–67 (Nov. 1994).
[biblio01entry124] 124. , “On the Inability of an Unmodified Capability Machine to Enforce the *-Property,” Proceedings of the 7th DOD/NBS Computer Security Conference, pp. 291–293 (Sep. 1984).
[biblio01entry125] 125. and , “A Partial Solution to the Discretionary Trojan Horse Problem,” Proceedings of the 8th National Computer Security Conference, pp. 245–253 (Sep. 1985).
[biblio01entry126] 126. and , “A Practical Alternative to Hierarchical Integrity Policies,” Proceedings of the 8th National Computer Security Conference, p. 18 (Oct. 1985).
[biblio01entry127] 127. and , “Secure Ada Target: Issues, System Design, and Verification,” Proceedings of the 1985 IEEE Symposium on Security and Privacy, pp. 176–183 (Apr. 1985).
[biblio01entry128] 128. and , “Formal Methods in Context: Security and Java Card,” Proceedings of the 1st International Workshop on Java on Smart Cards: Programming and Security, pp. 1–5 (Sep. 2000).
[biblio01entry129] 129. and , “Introduction to the ISO Specification Language LOTOS,” Computer Networks (1), pp. 25–59 (Jan. 1988).
[biblio01entry130] 130. and , “The ESPRIT Project CAFE—High Security Digital Payment Systems,” Proceedings of the 3rd European Symposium on Research in Computer Security, pp. 217–229 (Nov. 1994).
[biblio01entry131] 131. and , “The KeyKOS Nanokernel Architecture,” Proceedings of the USENIX Workshop on Micro-Kernels and Other Kernel Architectures, pp. 95–112 (Apr. 1992).
[biblio01entry132] 132. , “The Role of a Well-Defined Auditing Process in the Enforcement of Privacy Policy and Data Security,” Proceedings of the 1981 IEEE Symposium on Security and Privacy, pp. 19–26 (<year>1981</year>).
[biblio01entry133] 133. , “The Use of Architectural Principles in the Design of Certifiably Secure Systems,” Computers and Security (2), pp. 153–162 (June 1983).
[biblio01entry134] 134. , “A Perspective of Evaluation in the UK Versus the US,” Proceedings of the 18th National Information Systems Security Conference, pp. 322–334 (Oct. 1995).
[biblio01entry135] 135. and , “A Framework for Assessing the Use of Third-Party Software Quality Assurance Standards to Meet FDA Medical Device Software Process Control Guidelines,” IEEE Transactions on Engineering Management (4), pp. 465–478 (Nov. 2001).
[biblio01entry136] 136. and , “Ten Commandments of Formal Methods,” IEEE Computer (4), pp. 56–63 (Apr. 1995).
[biblio01entry137] 137. and , “Seven More Myths of Formal Methods,” IEEE Software (4), pp. 34–41 (July 1995).
[biblio01entry138] 138. and , Apache Server Unleashed, SAMS Publishing, Indianapolis, IN (<year>2000</year>).
[biblio01entry139] 139. , “Inferring Sequences Produced by Pseudo-Random Number Generators,” Journal of the ACM (1), pp. 129–141 (Jan. 1989).
[biblio01entry140] 140. , “Inferring Sequences Produced by a Linear Congruential Generator Missing Low-Order Bits,” Journal of Cryptology (3), pp. 177–184 (1989).
[biblio01entry141] 141. and , “Proving Theorems About LISP Functions,” Journal of the ACM (1), pp. 129–144 (Jan. 1975).
[biblio01entry142] 142. and , “CAPSL Interface for the NRL Protocol Analyzer,” Proceedings of the 1999 IEEE Symposium on Application-Specific Systems and Software Engineering and Technology, pp. 64–73 (Mar. 1999).
[biblio01entry143] 143. , “Integrating B2 Security into a UNIX System,” Proceedings of the 14th National Computer Security Conference, pp. 338–346 (Oct. 1991).
[biblio01entry144] 144. , “Electronic Cash on the Internet,” Proceedings of the 1995 Symposium on Network and Distributed System Security, pp. 64–84 (Feb. 1995).
[biblio01entry145] 145. , UNIX™ System Security Essentials, Addison-Wesley, Reading, MA (<year>1995</year>).
[biblio01entry146] 146. and , “The Chinese Wall Security Policy,” Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 206–214 (May 1989).
[biblio01entry147] 147. and , “The Detection of Cheaters in Threshold Schemes,” Advances in Cryptology—Proceedings of CRYPTO '88 pp. 564–577 (Aug. 1988).
[biblio01entry148] 148. , Operating System Principles, Prentice-Hall, Englewood Cliffs, NJ (<year>1973</year>).
[biblio01entry149] 149. , The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, Addison-Wesley, Reading, MA (<year>1995</year>).
[biblio01entry150] 150. and , “LOKI: A Cryptographic Primitive for Authentication and Secrecy Applications,” Advances in Cryptology—Proceedings of AUSCRYPT '90, pp. 229–236 (Jan. 1990).
[biblio01entry151] 151. and , “Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI,” Advances in Cryptology—Proceedings of ASIACRYPT '91, pp. 36–50 (<year>1991</year>).
[biblio01entry152] 152. and , “User Identification via Keystroke Characteristics of Typed Names Using Neural Networks,” International Journal of Man-Machine Studies (6), pp. 999–1014 (1993).
[biblio01entry153] 153. , “Mode Security: An Infrastructure for Covert Channel Suppression,” Proceedings of the 1994 Symposium on Research In Privacy and Security, pp. 39–45 (May 1994).
[biblio01entry154] 154. , “Safety in Grammatical Protection Systems,” International Journal of Computer and Information Sciences (6), pp. 413–431 (1983).
[biblio01entry155] 155. and , “Towards Security in an Open Systems Federation,” Proceedings of the 2nd European Symposium on Research in Computer Security, pp. 3–20 (Nov. 1992).
[biblio01entry156] 156. and , “An Assertion Mapping Approach to Software Test Design,” Proceedings of the 13th National Computer Security Conference, pp. 266–276 (Oct. 1990).
[biblio01entry157] 157. and , “Symbolic Model Checking for Sequential Circuit Verification,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, (4), pp. 401–424 (Apr. 1994).
[biblio01entry158] 158. and , “Symbolic Model Checking: 1020 States and Beyond,” Information and Computation (2), pp. 142–170 (June 1992).
[biblio01entry159] 159. , “A Site Configuration Engine,” Computing Systems (1), pp. 309–324 (Winter 1995).
[biblio01entry160] 160. , “Automated System Administration with Feedback Regulation,” Software—Practice and Experience (14), pp. 1519–1530 (Dec. 1998).
[biblio01entry161] 161. , “Theoretical System Administration,” Proceedings of the 14th Systems Administration Conference (LISA 2000), pp. 1–13 (Dec. 2000).
[biblio01entry162] 162. and , “Equitable Key Escrow with Limited Time Span (Or, How to Enforce Time Expiration Cryptographically),” Advances in Cryptology—Proceedings of ASIACRYPT '98, pp. 380–391 (Oct. 1998).
[biblio01entry163] 163. and , “A Logic of Authentication,” ACM Transactions on Computer Systems (1), pp. 18–36 (Feb. 1990).
[biblio01entry164] 164. , The Pentagon Wars: Reformers Challenge the Old Guard, Naval Institute Press, Annapolis, MD (<year>1993</year>).
[biblio01entry165] 165. and , “An Evaluation of HP-UX (UNIX) for Database Protection Using the European ITSEC,” Computers and Security (5), pp. 463–479 (Sep. 1992).
[biblio01entry168] 168. and , “INSERT: a COTS-Based Solution for Building High-Assurance Applications,” Proceedings of the 18th Digital Avionics Systems Conference, pp. 2.D.6–8 (Oct. 1999).
[biblio01entry169] 169. , “Speaker Recognition: A Tutorial,” Proceedings of the IEEE (9), pp. 1437–1462 (Sep. 1997).
[biblio01entry170] 170. and the Tutorial Team, The Java™ Tutorial Continued: The Rest of the JDK™, Addison-Wesley, Reading, MA (<year>1999</year>).
[biblio01entry171] 171. and , “Verus: A Tool for Quantitative Analysis of Finite-State Real-Time Systems,” Proceedings of the ACM SIGPLAN 1995 Workshop on Languages, Compilers, and Tools for Real-Time Systems, pp. 70–78 (Nov. 1995).
[biblio01entry172] 172. and , “Symbolic Techniques for Formally Verifying Industrial Systems,” Science of Computer Programming (1–2), pp. 79–98 (July 1997).
[biblio01entry173] 173. , The Canadian Trusted Computer Product Evaluation Criteria, Version 3.0e (Jan. 1993).
[biblio01entry174] 174. , “Quality Assurance in the ATC System,” Proceedings of the 44th Annual Air Traffic Control Association Conference, pp. 151–153 (Sep. 1999).
[biblio01entry175] 175. and , “Virtual Enterprise Networks: the Next Generation of Secure Enterprise Networking,” Proceedings of the 16th Annual Computer Security Applications Conference, pp. 42–51 (Dec. 2000).
[biblio01entry176] 176. , The Annotated Alice, New American Library, New York, NY (<year>1960</year>).
[biblio01entry177] 177. , “An Analysis of the Differences Between the Computer Security Practices in the Military and Private Sector,” Proceedings of the 1986 IEEE Symposium on Privacy and Security, pp. 71–74 (Apr. 1986).
[biblio01entry178] 178. , “Implementation of Multiple Access Control Policies Within a CORBASEC Framework,” Proceedings of the 22nd National Information Systems Security Conference, pp. 112–130 (Oct. 1999).
[biblio01entry179] 179. and , “Distributed Snapshots: Determining Global States of Distributed Systems,” ACM Transactions on Computer Systems (1), pp. 63–75 (Feb. 1985).
[biblio01entry180] 180. and , “User-Level Resource-Constrained Sandboxing,” Proceedings of the 4th USENIX Windows Systems Symposium, pp. 25–35 (Aug. 2000).
[biblio01entry181] 181. , “Network (In)security Through IP Packet Filtering,” Proceedings of the 3rd USENIX UNIX Security Symposium, pp. 63–76 (Sep. 1992).
[biblio01entry182] 182. , Developing Secure Applications with Visual Basic, Microsoft Press, Redmond, WA (<year>2000</year>).
[biblio01entry183] 183. and , “Trusted Systems: Applying the Theory in a Commercial Firm,” Proceedings of the 13th National Computer Security Conference, pp. 283–291 (Sep. 1993).
[biblio01entry184] 184. , “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms,” Communications of the ACM (2), pp. 84–88 (Feb. 1981).
[biblio01entry185] 185. , “Security Without Identification: Transaction Systems to Make Big Brother Obsolete,” Communications of the ACM (10), pp. 1030–1044 (Oct. 1985).
[biblio01entry186] 186. , “The Dining Cryptographers Problem: Unconditional Sender and Receiver Untraceability,” Journal of Cryptology (1), pp. 65–75 (1988).
[biblio01entry187] 187. , “Online Cash Checks,” Advances in Cryptology—Proceedings of EUROCRYPT '89, pp. 288–293 (Aug. 1989).
[biblio01entry188] 188. , “Numbers Can Be a Better Form of Cash than Paper,” Selected Papers from the 2nd International Smart Card 2000 Conference, pp. 151–156 (Oct. 1989).
[biblio01entry189] 189. and , “Efficient Offline Electronic Checks,” Advances in Cryptology—Proceedings of EUROCRYPT '89, pp. 294–301 (Aug. 1989).
[biblio01entry190] 190. and , “Wallet Databases with Observers,” Advances in Cryptology—Proceedings of CRYPTO '92, pp. 89–105 (Aug. 1992).
[biblio01entry192] 192. , “An Evening with Berferd, in Which a Cracker Is Lured, Endured, and Studied,” Proceedings of the 1992 Winter USENIX Conference, pp. 163–173 (Jan. 1992).
[biblio01entry193] 193. , “Trusted Products Evaluation,” Communications of the ACM (7), pp. 64–76 (July 1992).
[biblio01entry194] 194. and , “Analyzing Consistency of Security Policies,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 103–112 (May 1997).
[biblio01entry195] 195. and , “The Development of a Common Vulnerabilities and Exposures List,” Proceedings of the 2nd International Workshop on Recent Advances in Intrusion Detection (Sep. 1999).
[biblio01entry197] 197. , “Key Recovery—Why, How, Who?” Computers and Security (8), pp. 669–674 (Dec. 1997).
[biblio01entry198] 198. and , “A Comparison of Commercial and Military Security Policies,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 184–194 (Apr. 1987).
[biblio01entry199] 199. and , “Axiomatic Verification of Finite-State Concurrent Systems Using Temporal Logic Specifications,” ACM Transactions on Programming Languages and Systems (2), pp. 244–263 (1986).
[biblio01entry200] 200. and , “Using State Space Exploration and a Natural Deduction Style Message Derivation Engine to Verify Security Protocols,” Proceedings of the IFIP Working Conference on Programming Concepts and Methods, pp. 87–106 (June 1998).
[biblio01entry201] 201. and , Programming in Prolog, Springer-Verlag, New York, NY (<year>1981</year>).
[biblio01entry202] 202. and , “It Takes Six Ones to Reach a Flaw (Pentium Processor),” Proceedings of the 12th Symposium on Computer Arithmetic, pp. 140–146 (July 1995).
[biblio01entry203] 203. and , “Protection in the HYDRA Operating System,” Proceedings of the 5th Symposium on Operating System Principles, pp. 141–160 (Nov. 1975).
[biblio01entry204] 204. , “Computer Viruses: Theory and Experiments,” Proceedings of the 7th DOD/NBS Computer Security Conference, pp. 240–263 (Sep. 1984).
[biblio01entry205] 205. , “Computer Viruses: Theory and Experiments,” Computers and Security (1), pp. 22–35 (Feb. 1987).
[biblio01entry206] 206. , “Practical Defenses Against Computer Viruses,” Computers and Security (2), pp. 149–160 (Apr. 1989).
[biblio01entry207] 207. , “Computational Aspects of Computer Viruses,” Computers and Security (4), pp. 325–344 (Nov. 1989).
[biblio01entry208] 208. , A Short Course on Computer Viruses, 2nd Edition, John Wiley and Sons, New York, NY (<year>1994</year>).
[biblio01entry209] 209. , “A Note on the Role of Deception in Information Protection,” Computers and Security (6), pp. 483–506 (Nov. 1998).
[biblio01entry210] 210. , Information Technology Security Evaluation Criteria, Version 1.2 (<year>1991</year>).
[biblio01entry211] 211. “Common Criteria Web Site,” http://www.commoncriteria.org.
[biblio01entry212] 212. , SunOS SPARC Integer4 Division Vulnerability, CERT Advisory CA-91.16 (Sep. 1991).
[biblio01entry220] 220. , Sendmail Group Permissions Vulnerability, CERT Advisory CA-96.25 (Dec. 1996).
[biblio01entry221] 221. , MIME Conversion Buffer Overflow in Sendmail Versions 8.8.3 and 8.8.4, CERT Advisory CA-97.05 (Jan. 1997).
[biblio01entry222] 222. , IP Denial-of-Service Attacks, CERT Advisory CA-97.28 (Dec. 1997; revised May 1998).
[biblio01entry224] 224. , Buffer Overflows in SSH Daemon and RSAREF2 Library, CERT Advisory CA-99.15 (Dec. 1999).
[biblio01entry225] 225. , Buffer Overflow in Sun Solstice AdminSuite Daemon sadmind, CERT Advisory CA-99.16 (Dec. 1999).
[biblio01entry226] 226. , Multiple Buffer Overflows in Kerberos Authenticated Services, CERT Advisory CA-2000.06 (May 2000).
[biblio01entry227] 227. , Input Validation Problem in rpc.statd, CERT Advisory CA-2000.17 (Aug. 2000).
[biblio01entry228] 228. , Unauthentic “Microsoft Corporation” Certificates, CERT Advisory CA-2001.04 (Mar. 2001).
[biblio01entry230] 230. and , “On the Implementation of Security Measures in Information Systems,” Communications of the ACM (4), pp. 211–220 (Apr. 1972).
[biblio01entry231] 231. and , Mathematical Psychology: An Elementary Introduction, Mathesis Press, Ann Arbor, MI (<year>1981</year>).
[biblio01entry232] 232. , “A Model of Certificate Revocation,” Proceedings of the 15th Annual Computer Security Applications Conference, pp. 256–264 (Dec. 1999).
[biblio01entry233] 233. and , Intrusion Signatures and Analysis, New Riders Publishing, Indianapolis, IN 46290 (<year>2001</year>).
[biblio01entry234] 234. , “The Data Encryption Standard (DES) and Its Strength Against Attacks,” IBM Journal of Research and Development (3), pp. 243–250 (May 1994)
[biblio01entry235] 235. and , “Introduction and Overview of the Multics System,” Proceedings of the 1965 Fall Joint Computer Conference, pp. 185–196 (Fall 1965).
[biblio01entry236] 236. and , “Analysis of a Storage Channel in the Two Phase Commit Protocol,” Proceedings of the Foundations of Computer Security Workshop IV, pp. 201–208 (June 1991).
[biblio01entry237] 237. , “Frequently Asked Questions About Mixmaster Remailers,” Obscura Information Security, La Mesa, CA (July 1996); available at http://www.obscura.com/~loki/remailer/mixmaster-faq.html.
[biblio01entry238] 238. , “Mixmaster and Remailer Attacks,” Obscura Information Security, La Mesa, CA (1996); available at http://www.obscura.com/~loki/remailer/remailer-essay.html.
[biblio01entry239] 239. and , “It's Elementary, Dear Watson: Applying Logic Programming to Convergent System Management Processes,” Proceedings of the 13th Systems Administration Conference (LISA 1999), pp. 123–137 (<year>1999</year>).
[biblio01entry240] 240. , The Mathematics of Ciphers: Number Theory and RSA Cryptography, A. K. Peters Publishing Co., Natick, MA (<year>1999</year>).
[biblio01entry241] 241. and , “StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks,” Proceedings of the 7th USENIX Security Symposium, pp. 63–77 (Jan. 1998).
[biblio01entry242] 242. and , “SubDomain: Parsimonious Server Security,” Proceedings of the 14th LISA Conference, pp. 355–367 (Dec. 2000).
[biblio01entry243] 243. , “Password Security in a Large Distributed Environment,” Proceedings of the 2nd USENIX UNIX Security Workshop, pp. 17–30 (Aug. 1990).
[biblio01entry244] 244. , Windows 2000 Pro: The Missing Manual, O'Reilly and Associates, Sebastopol, CA (<year>2000</year>).
[biblio01entry245] 245. , UNICOS® Security Administration Reference Manual, Document Number SR-2062A, Cray Research, Inc., Mendota Heights, MN (<year>1989</year>).
[biblio01entry246] 246. , Standard for the Format of ARPA Internet Text Messages, RFC 822 (Aug. 1982).
[biblio01entry247] 247. and , “A Proposal for a Verification-Based Virus Filter,” Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 319–324 (May 1989).
[biblio01entry248] 248. and , “Defending a Computer System Using Autonomous Agents,” Proceedings of the 18th National Information Systems Security Conference, pp. 549–558 (Oct. 1995).
[biblio01entry249] 249. and , “A Tutorial Introduction to PVS,” Computer Science Laboratory, SRI International, Menlo Park, CA 94025 (June 1995).
[biblio01entry250] 250. and , “Functional Security Criteria for Distributed Systems,” Proceedings of the 18th National Information Systems Security Conference, pp. 310–321 (Oct. 1995).
[biblio01entry251] 251. and , “Compartmented Mode Workstation: Results Through Prototyping,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 2–12 (Apr. 1987).
[biblio01entry252] 252. and , “The REDOC-II Cryptosystem,” Advances in Cryptology—Proceedings of CRYPTO '90, pp. 1–16 (Aug. 1990).
[biblio01entry254] 254. and , The Design of Rijndael, Springer-Verlag, New York, NY (<year>2002</year>).
[biblio01entry255] 255. and , “Identification of Host Audit Data to Detect Attacks on Low-Level IP Vulnerabilities,” Journal of Computer Security (1), pp. 3–35 (1999).
[biblio01entry256] 256. and , “Can't Happen or /* NOTREACHED */ or Real Programs Dump Core,” Proceedings of the 1985 Winter USENIX Conference, pp. 136–151 (Winter 1985).
[biblio01entry257] 257. , Managing Security on the DG/UX® System, Manual 093-701138-04, Westboro, MA (Nov. 1996).
[biblio01entry258] 258. , “High Confidence Visual Recognition of Persons by a Test of Statistical Independence,” IEEE Transactions on Pattern Analysis and Machine Intelligence, (11), pp. 1148–1161 (Nov. 1993).
[biblio01entry259] 259. and , “UNIX Guardians: Delegating Security to the User,” Proceedings of the UNIX Security Workshop, pp. 14–23 (Aug. 1988).
[biblio01entry260] 260. and , “Defending Systems Against Viruses Through Cryptographic Authentication,” Proceedings of the 1989 Symposium on Security and Privacy, pp. 312–318 (May 1989).
[biblio01entry261] 261. and , “Cryptographic Randomness from Air Turbulence in Disk Drives,” Advances in Cryptology—Proceedings of CRYPTO '94, pp. 114–120 (Aug. 1994).
[biblio01entry262] 262. and , “Java Security: From HotJava to Netscape and Beyond,” Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 190–200 (May 1996).
[biblio01entry263] 263. and , “An Algebraic Approach to IP Traceback,” Proceedings of the 2000 Symposium on Network and Distributed System Security (Feb. 2001).
[biblio01entry264] 264. and , “A Neural Network Component for an Intrusion Detection System,” Proceedings of the 1992 IEEE Symposium on Research in Security and Privacy, pp. 240–250 (May 1992).
[biblio01entry265] 265. R.Demillo, D.Dobkin, A.Jones, and R.Lipton (eds.), Foundations of Secure Computing, Academic Press, New York, NY (<year>1978</year>).
[biblio01entry266] 266. , “Secure Information Flow in Computer Systems,” Ph.D. thesis, Dept. of Computer Sciences, Purdue University, West Lafayette, IN (May 1975); cited in Cryptography and Data Security [269].
[biblio01entry267] 267. , “A Lattice Model of Secure Information Flow,” Communications of the ACM (5), pp. 236–243 (May 1976).
[biblio01entry268] 268. , “Secure Personal Computing in an Insecure Network,” Communications of the ACM (8), pp. 476–482 (Aug. 1979).
[biblio01entry269] 269. , Cryptography and Data Security, Addison-Wesley, Reading, MA (<year>1982</year>).
[biblio01entry270] 270. , “An Intrusion-Detection Model,” IEEE Transactions on Software Engineering (2), pp. 222–232 (Feb. 1987).
[biblio01entry271] 271. , Information Warfare and Security, Addison-Wesley, Reading, MA (<year>1999</year>).
[biblio01entry272] 272. and , “Views for Multilevel Database Security,” IEEE Transactions on Software Engineering (2), pp. 129–140 (Feb. 1987).
[biblio01entry273] 273. and , “A Taxonomy for Key Escrow Encryption Systems,” Communications of the ACM (3), pp. 34–40 (Mar. 1996).
[biblio01entry274] 274. and , “Certification of Programs for Secure Information Flow,” Communications of the ACM (7), pp. 504–513 (July 1977).
[biblio01entry275] 275. and , “The Sea View Security Model,” Proceedings of the 1988 Symposium on Security and Privacy, pp. 218–233 (May 1988).
[biblio01entry276] 276. and , “Location-Based Authentication: Grounding Cyberspace for Better Security,” Computer Fraud and Security, pp. 12–16 (Feb. 1996).
[biblio01entry277] 277. and , “Timestamps in Key Distribution Protocols,” Communications of the CACM (8), pp. 533–536 (Aug. 1981).
[biblio01entry278] 278. and , “Key Escrowing Today,” IEEE Communications Magazine (9), pp. 58–68 (Sep. 1994).
[biblio01entry279] 279. , “Third Generation Computer Systems,” Computing Surveys (4), pp. 175–216 (Dec. 1971).
[biblio01entry280] 280. , “Fault-Tolerant Operating Systems,” Computing Surveys (4), pp. 359–390 (Dec. 1976).
[biblio01entry281] 281. , “The Science of Computing: Computer Viruses,” American Scientist (3), pp. 236–238 (May 1988).
[biblio01entry282] 282. , Computers Under Attack: Intruders, Worms, and Viruses, Addison-Wesley, Reading, MA (<year>1990</year>).
[biblio01entry283] 283. and , “Programming Semantics for Multiprogrammed Computations,” Communications of the ACM (3), pp. 143–155 (Mar. 1966).
[biblio01entry286] 286. , Trusted Network Interpretation of the Trusted System Evaluation Criteria, NCSC-TG-005 (July 1987).
[biblio01entry287] 287. , A Guide to Understanding Audit in Trusted Systems, NCSC-TG-001 Version 2 (June 1988).
[biblio01entry288] 288. , Trusted Database Management System Interpretation of the Trusted Computer System Evaluation Criteria, NCSC-TG-021 Version 1 (Apr. 1991).
[biblio01entry289] 289. , A Guide to Understanding Covert Channel Analysis of Trusted Systems, NCSC-TG-030 (Nov. 1993).
[biblio01entry290] 290. , “Computer Recreations: A Core War Bestiary of Viruses, Worms, and Other Threats to Computer Memories,” Scientific American (3), pp. 14–23 (Mar. 1985).
[biblio01entry291] 291. and , “An Immunological Approach to Change Detection: Algorithms, Analysis, and Implications,” Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 110–119 (May 1996).
[biblio01entry292] 292. and , “SESAM: a Biometric Person Identification System Using Sensor Fusion,” Pattern Recognition Letters (9), pp. 827–833 (Sep. 1997).
[biblio01entry294] 294. , An Introduction to Operating Systems (Revised 1st Edition), Addison-Wesley, Reading, MA (<year>1984</year>).
[biblio01entry295] 295. and , “New Directions in Cryptography,” IEEE Transactions on Information Theory (6), pp. 644–654 (Nov. 1976).
[biblio01entry296] 296. and , “Exhaustive Cryptanalysis of the NBS Data Encryption Standard,” IEEE Computer (6), pp. 74–84 (June 1977).
[biblio01entry298] 298. , “The Structure of the T. H. E. Multiprogramming System,” Communications of the ACM (5), pp. 341–346 (May 1968).
[biblio01entry299] 299. , Z: An Introduction to Formal Methods, Wiley, Chichester, UK (<year>1990</year>).
[biblio01entry300] 300. , “A Complete Protection Model,” Proceedings of the 1981 IEEE Symposium on Security and Privacy, pp. 49–55 (Apr. 1981).
[biblio01entry301] 301. and , “Specification and Verification of the ASOS Kernel,” Proceedings of the 1990 Symposium on Research in Security and Privacy, pp. 61–74 (May 1990).
[biblio01entry302] 302. , “The Status of MD5 After a Recent Attack,” CryptoBytes (2), pp. 1ff. (Summer 1996).
[biblio01entry304] 304. and , “Secure Databases: Protection Against User Inference,” ACM Transactions on Database Systems (1), pp. 97–106 (Mar. 1979).
[biblio01entry305] 305. and , “Using Router Stamping to Identify the Source of IP Packets,” Proceedings of the 7th ACM Conference on Computer and Communications Security, pp. 184–189 (Nov. 2000).
[biblio01entry306] 306. and , “Misplaced Trust: Kerberos 4 Session Keys,” Proceedings of the 1997 Symposium on Network and Distributed System Security, pp. 60–70 (Mar. 1997).
[biblio01entry307] 307. and , “On the Security of Public Key Protocols,” IEEE Transactions on Information Theory (2), pp. 198–208 (Mar. 1983).
[biblio01entry309] 309. and , IPSEC: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, Prentice Hall, Upper Saddle River, NJ (<year>1999</year>).
[biblio01entry310] 310. and , “Issues in Discretionary Access Control,” Proceedings of the 1984 IEEE Symposium on Security and Privacy, pp. 208–218 (Apr. 1984).
[biblio01entry311] 311. and , “Fusion of Audio and Video Information for Multi-Model Person Authentication,” Pattern Recognition Letters (9), pp. 835–843 (Sep. 1997).
[biblio01entry312] 312. , “Experiences with Viruses on UNIX Systems,” Computing Systems (2), pp. 155–172 (Spring 1989).
[biblio01entry313] 313. and , “Testing and Evaluating Computer Intrusion Detection Systems,” Communications of the ACM (7), pp. 53–61 (July 1999).
[biblio01entry316] 316. , RSA/MD5 KEYs and SIGs in the Domain Name System (DNS), RFC 2537 (Mar. 1999).
[biblio01entry317] 317. , Storage of Diffie-Hellman Keys in the Domain Name System (DNS), RFC 2539 (Mar. 1999).
[biblio01entry318] 318. and , Storing Certificates in the Domain Name System (DNS), RFC 2538 (Mar. 1999).
[biblio01entry320] 320. , “Eliminating Formal Flows in Automated Information Flow Analysis,” Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pp. 30–38 (May 1994).
[biblio01entry321] 321. and , “A Cryptographic Key Management Scheme for Implementing the Data Encryption Standard,” IBM Systems Journal (2), pp. 106–125 (1978).
[biblio01entry322] 322. and , “With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988,” Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 326–343 (May 1989).
[biblio01entry323] 323. and , The Computer Worm: A Report to the Provost of Cornell University on an Investigation Conducted by the Commission of Preliminary Enquiry, Cornell University, Ithaca, NY (Feb. 1989).
[biblio01entry324] 324. , “A Public Key Cryptosystem and Signature Scheme Based on Discrete Logarithms,” IEEE Transactions in Information Theory (4), pp. 469–472 (July 1985).
[biblio01entry325] 325. and , “The Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP),” Proceedings of the 19th National Information Systems Security Conference, pp. 46–53 (Oct. 1996).
[biblio01entry326] 326. , “A High-Level Debugger for PL/1, FORTRAN and BASIC,” Software—Practice and Experience (4), pp. 331–340 (April 1982).
[biblio01entry327] 327. , “Establishing Identity Without Certification Authorities,” Proceedings of the 6th USENIX Security Symposium, pp. 67–76 (July 1996).
[biblio01entry328] 328. , “Naming and Certificates,” CFP '00, Proceedings of the 10th Conference on Computers, Freedom and Privacy: Challenging the Assumptions, pp. 213–217 (Apr. 2000).
[biblio01entry329] 329. , Introduction to the Theory of Computation, Academic Press, New York, NY (<year>1973</year>).
[biblio01entry330] 330. , “Anonymity and Privacy on the Internet” (Jan. 1997); available at http://www.stack.nl/~galactus/remailers/index.html.
[biblio01entry331] 331. and , “A High Assurance Window System Prototype,” Journal of Computer Security (2, 3), pp. 159–190 (1993).
[biblio01entry332] 332. and , “Using Operating System Wrappers to Increase the Resiliency of Commercial Firewalls,” Proceedings of the 16th Annual Computer Security Applications Conference, pp. 236–245 (Dec. 2000).
[biblio01entry333] 333. , Audit, Control, and Security Issues in RACF Environments, Technical Reference Series No. 37052, The EDP Auditors Foundation, Inc., Carol Stream, IL (<year>1992</year>).
[biblio01entry334] 334. and , “Functional Specifications of Subsystem for Database Integrity,” Proceedings of the International Conference on Very Large Data Bases, pp. 48–68 (Sep. 1975).
[biblio01entry335] 335. and , “Information Assurance Through Kolmogorov Complexity,” Proceedings of the DARPA Information Survivability Conference and Exposition II, pp. 322–331 (June 2001).
[biblio01entry336] 336. , “Capability-Based Addressing,” Communications of the ACM (7), pp. 403–412 (July 1974).
[biblio01entry337] 337. , “On an Authorization Mechanism,” ACM Transactions on Database Systems (3), pp. 310–319 (Sep. 1978).
[biblio01entry338] 338. and , “An LSI Random Number Generator (RNG),” Advances in Cryptology—Proceedings of CRYPTO '84, pp. 115–143 (Aug. 1984).
[biblio01entry339] 339. and , “TITAN,” Proceedings of the 12th Systems Administration Conference (LISA '98), pp. 1–10 (Dec. 1998).
[biblio01entry340] 340. and , “The Cops Security Checker System,” Proceedings of the 1990 Summer USENIX Conference, pp. 165–170 (June 1990).
[biblio01entry341] 341. and , “Proving Multilevel Security of a System Design,” Proceedings of the 6th Symposium on Operating System Principles, pp. 57–65 (Dec. 1977).
[biblio01entry342] 342. and , “The Foundations of a Provably Secure Operating System (PSOS),” Proceedings of the National Computer Conference , pp. 329–334 (1979).
[biblio01entry343] 343. , “Cryptography and Computer Privacy,” Scientific American (5), pp. 15–23 (May 1973).
[biblio01entry344] 344. and , “UNIX Password Security—Ten Years Later,” Advances in Cryptology—Proceedings of CRYPTO '89, pp. 44–63 (Aug. 1989).
[biblio01entry346] 346. , A Pathology of Computer Viruses, Springer-Verlag, New York, NY (<year>1991</year>).
[biblio01entry347] 347. and “Building a Case for Assurance from Process,” Proceedings of the 21st National Information Systems Security Conference, pp. 49–61 (Oct. 1998).
[biblio01entry348] 348. , “Tutorial: The Systems Security Engineering Capability Maturity Model,” Proceedings of the 21st National Information Systems Security Conference, pp. 719–729 (Oct. 1998).
[biblio01entry349] 349. and , “Property-Based Testing: A New Approach to Testing for Assurance,” Software Engineering Notes (4), pp. 74–80 (July 1997).
[biblio01entry350] 350. and , “Property-Based Testing of Privileged Programs,” Proceedings of the 10th Annual Computer Security Applications Conference, pp. 154–163 (Dec. 1994).
[biblio01entry351] 351. and , “Tools for System Administration in a Heterogeneous Environment,” Proceedings of the 3rd Large Installation Systems Administration Workshop (LISA 1989), pp. 15–30 (<year>1989</year>).
[biblio01entry352] 352. and , “Log Files: An Extended File Service Exploiting Write-Once Storage,” Proceedings of the 11th Symposium on Operating Systems Principles, pp. 139–148 (Nov. 1987).
[biblio01entry353] 353. and , “The Design of an Audit Trail Analysis Tool,” Proceedings of the 10th Annual Computer Security Applications Conference, pp. 126–132 (Dec. 1994).
[biblio01entry354] 354. and , “The Cascade Problem: Graph Theory Can Help,” Proceedings of the 14th National Computer Security Conference, pp. 88–100 (Oct. 1991).
[biblio01entry355] 355. and , The Computer Virus Crisis, Van Nostrand Reinhold, New York, NY (<year>1988</year>).
[biblio01entry356] 356. and , “CERT Incident Response and the Internet,” Communications of the ACM (8), pp. 108–113 (Aug. 1994).
[biblio01entry357] 357. and , “Better Logging Through Formality: Applying Formal Specification Techniques to Improve Audit Logs and Log Consumers,” Proceedings of the 3rd International Workshop on Recent Advances in Intrusion Detection, pp. 1–16 (Oct. 2000).
[biblio01entry358] 358. and , “The Certification of the Interim Key Escrow System,” Proceedings of the 19th National Information Systems Security Conference, pp. 26–33 (Oct. 1996).
[biblio01entry359] 359. and , “System V/MLS Labeling and Mandatory Policy Alternatives,” Proceedings of the 1989 Winter USENIX Conference, pp. 413–427 (Jan. 1989).
[biblio01entry360] 360. and , “Statistical Analysis of the Alleged RC4 Keystream Generator,” Proceedings of the 7th International Workshop on Fast Software Encryption, pp. 19–39 (Apr. 2000).
[biblio01entry361] 361. and , “A Classification of Security Properties for Process Algebras,” Journal of Computer Security (1), pp. 5–33 (1994/1995).
[biblio01entry362] 362. , “A Model for Secure Information Flow,” Proceedings of the 1989 IEEE Symposium on Research in Security and Privacy, pp. 248–258 (May 1989).
[biblio01entry363] 363. , “Separation of Duty Using High Water Marks,” Proceedings of the Computer Security Foundations Workshop IV, pp. 79–88 (June 1991).
[biblio01entry364] 364. and , “Specifying Security for CSCW Systems,” Proceedings of the 8th IEEE Computer Security Foundations Workshop, pp. 136–145 (June 1995).
[biblio01entry365] 365. and , Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption, Prentice-Hall, Upper Saddle River, NJ (<year>1997</year>).
[biblio01entry366] 366. and , “Computer Immunology,” Communications of the ACM (10), pp. 88–96 (Oct. 1997).
[biblio01entry367] 367. and , “A Sense of Self for UNIX Processes,” Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 120–128 (May 1996).
[biblio01entry368] 368. and , “Self-Nonself Discrimination,” Proceedings of the 1994 IEEE Symposium on Security and Privacy, pp. 202–212 (May 1994).
[biblio01entry369] 369. , “Artificial Intelligence and Intrusion Detection: Current and Future Directions,” Proceedings of the 17th National Computer Security Conference, pp. 21–33 (Oct. 1994).
[biblio01entry370] 370. and , “A Framework for Understanding Vulnerabilities in Firewalls Using a Dataflow Model of Firewall Internals,” Computers and Security (3), pp. 263–270 (May 2001).
[biblio01entry371] 371. and , “Ensuring Continuity During Dynamic Security Policy Reconfiguration in DTE,” Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 15–26 (May 1998).
[biblio01entry372] 372. and , “Hardening COTS Software with Generic Software Wrappers,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 2–16 (May 1999).
[biblio01entry373] 373. , “How to Make BSD (SunOS) Kernels SYN-Attack Resistant” (Sep. 1996); available at http://www.netaxs.com/~freedman/syn/.
[biblio01entry374] 374. and , At Large: The Strange Case of the World's Biggest Internet Invasion, Simon and Schuster, New York, NY (<year>1997</year>).
[biblio01entry375] 375. and , The SSL Protocol: Version 3.0, Netscape Communications, Inc., Mountain View, CA (Mar. 1996).
[biblio01entry376] 376. , Essential System Administration, O'Reilly and Associates, Sebastopol, CA (<year>1991</year>).
[biblio01entry377] 377. and , “Evaluation of Intrusion Detectors: a Decision Theory Approach,” Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 50–61 (May 2001).
[biblio01entry378] 378. , Cryptanalysis: A Study of Ciphers and Their Solution, Dover, New York, NY (<year>1956</year>).
[biblio01entry379] 379. , “Security Modeling for Public Safety Communication Specifications,” Proceedings of the 20th National Information Systems Security Conference, pp. 514–521 (Oct. 1997).
[biblio01entry380] 380. and , “A New Attack on Pronounceable Password Generators,” Proceedings of the 17th National Computer Security Conference, pp. 184–197 (Oct. 1994).
[biblio01entry381] 381. , “The Yaksha Security System,” Communications of the ACM (3), pp. 55–60 (Mar. 1996).
[biblio01entry382] 382. and , Practical UNIX and Internet Security, 2nd Edition, O'Reilly and Associates, Sebastopol, CA (<year>1996</year>).
[biblio01entry383] 383. and , Web Security & Commerce, O'Reilly and Associates, Sebastopol, CA (<year>1996</year>).
[biblio01entry384] 384. and , “Specifying, Validating, and Testing a Traffic Management System in the TRIO Environment,” Proceedings of the 11th Annual Conference on Computer Assurance, pp. 65–76 (June 1996).
[biblio01entry385] 385. , “Selective Disassembly: A First Step Towards Developing a Virus Filter,” Proceedings of the 4th Aerospace Computer Security Conference, pp. 2–6 (Dec. 1988).
[biblio01entry386] 386. , “A Random Word Generator for Pronounceable Passwords,” Technical Report ESD-TR-75-97, Electronic Systems Division, Hanscom Air Force Base, Bedford, MA (Nov. 1975).
[biblio01entry387] 387. and , “Compile-Time Flow Analysis of Transactions and Methods in Object-Oriented Databases,” Proceedings of the IFIP TC11 WG11.3 11th International Conference on Database Security, pp. 110–133 (Aug. 1997).
[biblio01entry389] 389. , E-Commerce Security: Weak Links, Best Defenses, John Wiley and Sons, New York, NY (<year>1998</year>).
[biblio01entry390] 390. and , “An Automated Approach for Identifying Potential Vulnerabilities in Software,” Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 104–114 (May 1998).
[biblio01entry391] 391. and , “A Distributed Safety-Critical System for Real-Time Train Control,” Proceedings of the 21st IEEE International Conference on Industrial Electronics, Control, and Instrumentation, pp. 760–767 (Nov. 1995).
[biblio01entry392] 392. , “Cryptographic Sealing for Information Secrecy and Authentication,” Communications of the ACM (4), pp. 274–286 (Apr. 1982).
[biblio01entry393] 393. and , “A Statistical Attack on the Feal-8 Cryptosystem,” Advances in Cryptology—Proceedings of CRYPTO '90, pp. 22–33 (Aug. 1990).
[biblio01entry394] 394. and , “Development of a Software Security Assessment Instrument to Reduce Software Security Risk,” Proceedings of the 10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 144–149 (June 2001).
[biblio01entry395] 395. , Cracking the DES, O'Reilly and Associates, Sebastopol, CA (<year>1998</year>).
[biblio01entry396] 396. , UNIX® for Programmers and Users, Prentice-Hall, Englewood Cliffs, NJ (<year>1993</year>).
[biblio01entry397] 397. , “Guidelines for Trusted Facility Management and Audit,” University of Maryland, College Park, MD (1985); cited in A Guide to Understanding Audit in Trusted Systems [287].
[biblio01entry398] 398. and , “Design and Implementation of Secure Xenix,” IEEE Transactions on Software Engineering (2), pp. 208–221 (Feb. 1987).
[biblio01entry399] 399. and , “On the Formal Definition of Separation of Duty Policies and Their Composition,” Proceedings of the 1998 Symposium on Security and Privacy, pp. 172–183 (May 1998).
[biblio01entry400] 400. and , “KVM/370 in Retrospect,” Proceedings of the 1984 Symposium on Security and Privacy, pp. 13–24 (Apr. 1984).
[biblio01entry401] 401. and , “A Security Retrofit of VM/370,” Proceedings of the National Computer Conference , pp. 335–344 (June 1979).
[biblio01entry402] 402. and , “A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker,” Proceedings of the 6th USENIX Security Symposium, pp. 1–13 (July 1996).
[biblio01entry403] 403. , Modern Cryptography, Probabilistic Proofs, and Pseudorandomness, Springer-Verlag, New York, NY (<year>1999</year>).
[biblio01entry404] 404. , “Linear Statistical Weakness of Alleged RC4 Keystream Generator,” Advances in Cryptology—Proceedings of EUROCRYPT '97, pp. 226–238 (May 1997).
[biblio01entry405] 405. , “A Secure Identity-Based Capability System,” Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 56–63 (May 1989).
[biblio01entry406] 406. , “A Security Risk of Depending on Synchronized Clocks,” Operating Systems Review (1), pp. 49–53 (Jan. 1992).
[biblio01entry407] 407. and , “Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java™ Development Kit 1.2,” Proceedings of the USENIX Symposium on Internet Technologies and Systems, pp. 103–112 (Dec. 1997).
[biblio01entry408] 408. and , “The Complexity and Composability of Secure Interoperation,” Proceedings of the 1994 Symposium on Security and Privacy, pp. 190–200 (May 1994).
[biblio01entry409] 409. and , “Computational Issues in Secure Interoperation,” IEEE Transactions on Software Engineering (1), pp. 43–52 (Jan. 1996).
[biblio01entry410] 410. and , “Security Assurance Efforts in Engineering Java 2 SE (JDK 1.2),” Proceedings of the 4th IEEE International Symposium on High-Assurance Systems Engineering, pp. 89–93 (Nov. 1999).
[biblio01entry411] 411. M.Gordon and T.Melham (eds.), Introduction to HOL: A Theorem Proving Environment for Higher Order Logic, Cambridge University Press, Cambridge, UK (<year>1993</year>).
[biblio01entry412] 412. and , “Security Policies and Security Models,” Proceedings of the 1982 Symposium on Privacy and Security, pp. 11–20 (Apr. 1982).
[biblio01entry413] 413. and “Protection—Principles and Practice,” Spring Joint Computer Conference, AFIPS Conference Proceedings , pp. 417–429 (1972).
[biblio01entry414] 414. , “Laws of Non-Interference in CSP,” Journal of Computer Security (1), pp. 37–52 (1993).
[biblio01entry415] 415. and , “UNIX Operating System Security,” AT&T Bell Laboratories Technical Journal (8), pp. 1649–1672 (Oct. 1984).
[biblio01entry416] 416. , Understanding Digital Signatures, McGraw-Hill, New York, NY (<year>1998</year>).
[biblio01entry417] 417. , “DES Key Crunching for Safer Cipher Keys,” ACM Special Interest Group Security Audit and Control Review (3), pp. 9–16 (Summer 1987).
[biblio01entry418] 418. , “The Integrity-Lock Approach to Secure Database Management,” Proceedings of the 1990 Symposium on Security and Privacy, pp. 62–74 (Apr. 1990).
[biblio01entry419] 419. , “On the Need for a Third Form of Access Control,” Proceedings of the 12th National Computer Security Conference, pp. 296–304 (Oct. 1989).
[biblio01entry420] 420. , “Towards a Mathematical Model of Information Flow Security,” Journal of Computer Security (3,4), pp. 255–294 (1992).
[biblio01entry421] 421. , “On Introducing Noise into the Bus-Contention Channel,” Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pp. 90–98 (May 1993).
[biblio01entry422] 422. and , “The 'Father Christmas' Worm,” Proceedings of the 12th National Computer Security Conference, pp. 359–368 (Oct. 1989).
[biblio01entry423] 423. and , “Mobile Agents and Security,” IEEE Communications Magazine (7), pp. 76–85 (July 1998).
[biblio01entry424] 424. and , “Designing an Academic Firewall: Policy, Practice, and Experience,” Proceedings of the 1996 Symposium on Network and Distributed Systems Security, pp. 79–92 (Feb. 1996).
[biblio01entry425] 425. , Solaris™ Security, Prentice-Hall, Upper Saddle River, NJ (<year>2000</year>).
[biblio01entry426] 426. and , “An Authorization Mechanism for a Relational Database System,” ACM Transactions on Database Systems (3), pp. 242–255 (Sep. 1976).
[biblio01entry427] 427. and , “Mixing Email with BABEL,” Proceedings of the 1996 Symposium on Network and Distributed System Security, pp. 1–15 (Feb. 1996).
[biblio01entry428] 428. and , “Towards a Theory of Penetration-Resistant Systems and Its Applications,” Proceedings of the Computer Security Foundations Workshop IV, pp. 62–78 (June 1991).
[biblio01entry429] 429. and , “Experience with a Penetration Analysis Method and Tool,” Proceedings of the 15th National Computer Security Conference, pp. 165–183 (Oct. 1992).
[biblio01entry430] 430. , “Information Flow and Invariance,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 67–73 (Apr. 1987).
[biblio01entry431] 431. and , “What Needs Securing?” Proceedings of the Computer Security Foundations Workshop MITRE Technical Report M88-37, pp. 34–57, MITRE Corporation, Bedford, MA, (June 1988).
[biblio01entry432] 432. and , Cyberpunk: Outlaws and Hackers on the Computer Frontier, Simon and Schuster, New York, NY (<year>1991</year>).
[biblio01entry433] 433. and , “Site: A Language and System for Configuring Many Computers as One Computer Site,” Proceedings of the 3rd Large Installation Systems Administration Workshop (LISA 1989), pp. 1–15 (<year>1989</year>).
[biblio01entry434] 434. and , “Extending the Non-Interference Version of MLS for SAT,” Proceedings of the 1986 IEEE Symposium on Security and Privacy, pp. 232–239 (Apr. 1986).
[biblio01entry435] 435. and , “An Experience Using Two Covert Channel Analysis Techniques on a Real System Design,” Proceedings of the 1986 Symposium on Security and Privacy, pp. 14–24 (Apr. 1986).
[biblio01entry436] 436. and , “An Experience Using Two Covert Channel Analysis Techniques on a Real System Design,” IEEE Transactions on Software Engineering (2), (Feb. 1987).
[biblio01entry437] 437. , “The S/Key™ One-Time Password System,” Proceedings of the 1994 Symposium on Network and Distributed System Security, pp. 151–157 (Feb. 1994).
[biblio01entry438] 438. and , “Horses and Barn Doors: Evolution of Corporate Guidelines for Internet Usage,” Proceedings of the 7th Systems Administration Conference (LISA 1993), pp. 9–16 (Nov. 1993).
[biblio01entry439] 439. and , The Federalist Papers (C.Rossiter, ed.), New American Library, New York, NY (<year>1961</year>).
[biblio01entry440] 440. and , “Security Characterisation and Integrity Assurance for Component-Based Software,” Proceedings of the International Conference on Software Methods and Tools, pp. 61–66 (Nov. 2000).
[biblio01entry441] 441. and , “Erroneous Requirements: A Linguistic Basis for Their Occurrence and an Approach to Their Reduction,” Proceedings of the 26th Annual NASA Goddard Software Engineering Workshop, pp. 115–119 (Nov. 2001).
[biblio01entry442] 442. , “A Machine-Independent Debugger—Revisited,” Software—Practice and Experience (10), pp. 849–862 (Oct. 1999).
[biblio01entry443] 443. and , “Centralized System Monitoring with Swatch,” Proceedings of the 3rd USENIX UNIX Security Symposium, pp. 105–117 (Sep. 1992).
[biblio01entry444] 444. and , “Automated System Monitoring and Notification with Swatch,” Proceedings of the 7th Systems Administration Conference (LISA 1993), pp. 145–155 (Nov. 1993).
[biblio01entry445] 445. , Encoding Network Addresses to Support Operation over Non-OSI Lower Layers, RFC 1277 (Nov. 1991).
[biblio01entry447] 447. , “KeyKOS Architecture,” Operating Systems Review (4), pp. 8–25 (Oct. 1985).
[biblio01entry448] 448. , “Hackers May 'Net' Good PR for Studio,” Los Angeles Times, p. D1 (Aug. 12, 1995).
[biblio01entry449] 449. and , “Firewall Certification,” Computers and Security (2), pp. 165–177 (Mar./Apr. 1999).
[biblio01entry450] 450. and , “Protection in operating systems,” Communications of the ACM (8), pp. 461–471 (Aug. 1976).
[biblio01entry451] 451. and , “Monotonic Protection Systems,” in Foundations of Secure Computing [265], pp. 337–363 (Oct. 1977).
[biblio01entry452] 452. and , “The BirliX Security Architecture,” Journal of Computer Security (1), pp. 5–21 (1993).
[biblio01entry453] 453. and , “Full Protection Specifications in the Semantic Model for Database Protection Languages,” Proceedings of the 1976 ACM Annual Conference, pp. 90–95 (Oct. 1976).
[biblio01entry454] 454. , “Pass-Algorithms: A User Validation Scheme Based on Knowledge of Secret Algorithms,” Communications of the ACM (8), pp. 777–781 (Aug. 1984).
[biblio01entry455] 455. , “Shadow Password Suite,” Proceedings of the 3rd USENIX UNIX Security Symposium, pp. 133–144 (Sep. 1992).
[biblio01entry456] 456. and , “Data Mining Computer Audit Logs to Detect Computer Misuse,” International Journal of Intelligent Systems in Accounting, Finance and Management (3), pp. 125–134 (Sep. 1998).
[biblio01entry457] 457. and , “A Penetration Analysis of the Michigan Terminal System,” Operating Systems Review (1), pp. 7–20 (Jan. 1980).
[biblio01entry458] 458. and , “Attack Class: Address Spoofing,” Proceedings of the 19th National Information Systems Security Conference, pp. 371–377 (Oct. 1996).
[biblio01entry459] 459. and , “A Network Security Monitor,” Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pp. 296–304 (May 1990).
[biblio01entry460] 460. and , “Internetwork Security Monitor: An Intrusion-Detection System for Large-Scale Networks,” Proceedings of the 15th National Information Systems Security Conference, pp. 262–271 (Oct. 1992).
[biblio01entry461] 461. , “Lessons Learned with the Systems Security Engineering Capability Maturity Model,” Proceedings of the 1997 International Conference on Software Engineering, pp. 566–567 (May 1997).
[biblio01entry462] 462. , “A Process Standard for System Security Engineering: Development Experiences and Pilot Results,” Proceedings of the IEEE International Symposium on Software Engineering Standards, pp. 217–221 (June 1997).
[biblio01entry463] 463. and , Cisco® Access Lists Field Guide, McGraw-Hill, New York, NY (<year>1999</year>).
[biblio01entry464] 464. , Great Feuds in Science: Ten of the Liveliest Disputes Ever, John Wiley and Sons, New York, NY (<year>1998</year>).
[biblio01entry465] 465. , “A Cryptanalytic Time-Memory Tradeoff,” IEEE Transactions on Information Theory (4), pp. 401–406 (July 1980).
[biblio01entry466] 466. and , “Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse,” IEEE Transactions on Software Engineering (9), pp. 886–901 (Sep. 1993).
[biblio01entry467] 467. , Press Release: Johan Helsingius Closes His Internet Remailer, Oy Penetic Ab (Aug. 1996).
[biblio01entry468] 468. , Sendmail Release 8.8.6 Causes Denial of Service Failures, Security Bulletin #00097 (Apr. 1999).
[biblio01entry469] 469. , “An 'Intelligent' Approach to Audit Trail Analysis,” Proceedings of the 2nd International Meeting on Expert Systems Applications, pp. 51–63 (<year>1992</year>).
[biblio01entry470] 470. , “Random Bits and Bytes: Case History of a Virus Attack,” Computers and Security (1), pp. 3–5 (Feb. 1988).
[biblio01entry471] 471. , Computer Virus Handbook, Elsevier Advanced Technology, Oxford, UK (<year>1990</year>).
[biblio01entry472] 472. , “Random Bits and Bytes: Testing a Password System,” Computers and Security (2), pp. 110–113 (Apr. 1992).
[biblio01entry473] 473. and , “Audit Log Analysis Using the Visual Audit Browser Toolkit,” Technical Report CSE-95-11, Department of Computer Science, University of California, Davis, CA (Sep. 1995).
[biblio01entry474] 474. , “The Formulary Model for Flexible Privacy and Access Control,” Proceedings of the 1971 Fall Joint Computer Conference, pp. 587–601 (<year>1971</year>).
[biblio01entry475] 475. , Modern Methods for Computer Security and Privacy, Prentice-Hall, Englewood Cliffs, NJ 07632 (<year>1977</year>).
[biblio01entry476] 476. , Rogue Programs: Viruses, Worms, and Trojan Horses, Van Nostrand Reinhold, New York, NY (<year>1990</year>).
[biblio01entry477] 477. and , “Security Pipeline Interface (SPI),” Proceedings of the 6th Annual Computer Security Applications Conference, pp. 349–355 (Dec. 1990).
[biblio01entry478] 478. and , “Intrusion Detection Using Sequences of System Calls,” Journal of Computer Security (3), pp. 151–180 (1988).
[biblio01entry479] 479. and “Decentralizing Distributed System Administration,” Proceedings of the 9th Systems Administration Conference (LISA 1995), pp. 139–147 (Sep. 1995).
[biblio01entry480] 480. and , “Auditing the On-Line, Real-Time Computer System,” Journal of Systems Management (1), pp. 14–19 (Jan. 1983).
[biblio01entry481] 481. , “The Model Checker SPIN,” IEEE Transactions on Software Engineering (5), pp. 1–17 (May 1997).
[biblio01entry482] 482. , The Odyssey (translated by ), Penguin Books, New York, NY (<year>1946</year>).
[biblio01entry483] 483. , “Know Your Enemy: III” (March 2000); available at http://project.honeynet.org/papers/enemy3.
[biblio01entry484] 484. , “Know Your Enemy: Passive Fingerprinting” (May 2000); available at http://project.honeynet.org/papers/finger.
[biblio01entry485] 485. , “Know Your Enemy: A Forensic Analysis” (May 2000); available at http://project.honeynet.org/papers/forensics.
[biblio01entry486] 486. , “Know Your Enemy” (July 2000); available at http://project.honeynet.org/papers/enemy.
[biblio01entry487] 487. , “Know Your Enemy: Honeynets” (Apr. 2001); available at http://project.honeynet.org/papers/honeynet.
[biblio01entry488] 488. , “Know Your Enemy: II” (June 2001); available at http://project.honeynet.org/papers/enemy2.
[biblio01entry489] 489. , “Know Your Enemy: Statistics” (July 2001); available at http://project.honeynet.org/papers/stats.
[biblio01entry490] 490. and “The Cascade Vulnerability Problem,” Journal of Computer Security (4), pp. 279–290 (1993).
[biblio01entry491] 491. and , “The Cascade Vulnerability Problem,” Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pp. 110–116 (May 1993).
[biblio01entry492] 492. , Designing Secure Web-Based Applications for Microsoft® Windows® 2000, Microsoft Press, Redmond, WA (<year>2000</year>).
[biblio01entry493] 493. and , Writing Secure Code, Microsoft Press, Redmond, WA (<year>2001</year>).
[biblio01entry494] 494. and , “We Have Met the Enemy, an Informal Survey of Policy Practices in the Internetworked Community,” Proceedings of the 5th Large Installation Systems Administration Conference (LISA 1991), pp. 159–170 (Sep./Oct. 1991).
[biblio01entry495] 495. , Computer Viruses and Anti-Virus Warfare, Ellis Horwood, New York, NY (<year>1992</year>).
[biblio01entry496] 496. and , “Language Support for Extensible Operating Systems,” Proceedings of the Inaugural Workshop on Compiler Support for Systems Software, pp. 127–133 (Feb. 1996).
[biblio01entry497] 497. and , “E4 ITSEC Evaluation of PR/SM on ES/9000 Processors,” Proceedings of the 19th National Information Systems Security Conference, pp. 1–11 (Oct. 1996).
[biblio01entry498] 498. , “Reducing Timing Channels with Fuzzy Time,” Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 52–61 (May 1991).
[biblio01entry499] 499. , “Lattice Scheduling and Covert Channels,” Proceedings of the 1992 IEEE Symposium on Research in Security and Privacy, pp. 8–20 (May 1992).
[biblio01entry500] 500. , Windows NT Administration and Security, Prentice-Hall, Upper Saddle River, NJ (<year>2001</year>)
[biblio01entry501] 501. , “Certificate Inter-Operability White Paper,” Computers and Security (3), pp. 221–250 (May 1999).
[biblio01entry502] 502. , “The Realities of PKI Inter-Operability,” Proceedings of Secure Networking—CQRE [Secure] '99 International Exhibition and Congress, pp. 127–132 (Nov. 1999).
[biblio01entry503] 503. and , Logic in Computer Science: Modelling and Reasoning About Systems, Cambridge University Press, Cambridge, UK (<year>2000</year>).
[biblio01entry504] 504. and , “Access Control with Role Attribute Certificates,” Computer Standards and Interfaces (1), pp. 43–53 (Mar. 2000).
[biblio01entry505] 505. and , “Protection Profiles for Remailer Mixes,” Proceedings of the International Workshop on Design Issues in Anonymity and Unobservability, pp. 181–225 (July 2000).
[biblio01entry506] 506. and , “Security Defects in CCITT Recommendation X.509—the Directory Authentication Framework,” Computer Communication Review (2), pp. 30–34 (Apr. 1990).
[biblio01entry507] 507. , “Collaring the Cybercrook: An Investigator's View,” IEEE Spectrum (6), pp. 31–36 (June 1997).
[biblio01entry508] 508. and , “State Transition Analysis: A Rule-Based Intrusion Detection Approach,” IEEE Transactions on Software Engineering (3), pp. 181–199 (Mar. 1995).
[biblio01entry509] 509. and , “A Dynamic Storage Allocation System,” Computer Journal , pp. 200–209 (1962); cited in Cryptography and Data Security [269].
[biblio01entry510] 510. , Basic Machine Principles, 2nd Edition, Elsevier MacDonald Publishing Co., New York, NY (<year>1972</year>); cited in Cryptography and Data Security [269].
[biblio01entry511] 511. , Transmission Control Protocol DARPA Internet Program Protocol Specification, RFC 793 (Sep. 1981).
[biblio01entry512] 512. , Recommendation X.509—the Directory Authentication Framework (<year>1993</year>).
[biblio01entry513] 513. and , “A Practical Tool for Developing Trusted Applications,” Proceedings of the 11th Annual Computer Security Applications Conference, pp. 190–195 (Dec. 1995).
[biblio01entry514] 514. and , “A Multi-threading Architecture for Multilevel Secure Transaction Processing,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 166–180 (May 1999).
[biblio01entry515] 515. and , “Fingerprint Identification Using Graph Matching,” Pattern Recognition (2), pp. 113–122 (1986).
[biblio01entry516] 516. , “Computer Viruses: Myth or Reality?” Proceedings of the 10th National Computer Security Conference, pp. 226–230 (Sep. 1987).
[biblio01entry517] 517. and , “Pluggable Authentication Modules for Windows NT,” Proceedings of the 2nd USENIX Windows NT Symposium, pp. 97–108 (Aug. 1998).
[biblio01entry518] 518. and , “Audit Trail Organization in Relational Databases,” Results of the IFIP WG 11.3 Workshop on Database Security, III: Status and Prospects, pp. 269–281 (Sep. 1989).
[biblio01entry519] 519. and , “Transaction Processing in Multilevel-Secure Databases Using Replicated Architecture,” Proceedings of the 1990 Symposium on Research in Security and Privacy, pp. 360–368 (May 1990).
[biblio01entry520] 520. and , “A Logical Language for Expressing Authorizations,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 31–42 (May 1997).
[biblio01entry521] 521. and , “Towards a Multilevel Secure Relational Data Model,” Proceedings of the ACM-SIGMOD Conference, pp. 50–59 (May 1991).
[biblio01entry522] 522. and , PASCAL: User Manual and Report, 2nd Edition, Springer-Verlag, New York, NY (<year>1974</year>).
[biblio01entry523] 523. and , “The Design and Analysis of Graphical Passwords,” Proceedings of the 8th USENIX Security Symposium, pp. 1–14 (Aug. 1999).
[biblio01entry524] 524. and , “Security and the Composition of Machines,” Proceedings of the Computer Security Foundations Workshop, MITRE Technical Report M88-37, MITRE Corporation, Bedford, MA, pp. 72–89 (June 1988).
[biblio01entry525] 525. and , “Use of the Trusted Computer System Evaluation Criteria (TCSEC) for Complex, Evolving, Multipolicy Systems,” Proceedings of the 16th National Computer Security Conference, pp. 137–145 (Sep. 1993).
[biblio01entry526] 526. and , “The Enforcement of Security Policies for Computation,” Proceedings of the 5th Symposium on Operating System Principles, pp. 197–206 (Nov. 1975).
[biblio01entry527] 527. and , “A Linear-Time Algorithm for Deciding Security,” Proceedings of the 17th Symposium on the Foundations of Computer Science, pp. 33–41 (Oct. 1976).
[biblio01entry528] 528. and , “Balancing Security and Convenience,” Proceedings of the Large Installation Systems Administration Workshop, pp. 5–6 (Apr. 1987).
[biblio01entry529] 529. , “Towards the Elimination of the Effects of Malicious Logic: Fault Tolerance Approaches,” Proceedings of the 10th National Computer Security Conference, pp. 238–244 (Sep. 1987).
[biblio01entry530] 530. and , “A Fault Tolerant Approach to Computer Viruses,” Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 52–58 (Apr. 1988).
[biblio01entry531] 531. and , “Identity Authorization Based on Keystroke Latencies,” Communications of the ACM (2), pp. 168–176 (Feb. 1990).
[biblio01entry532] 532. and , “Computer-Virus Infection of a Medical Diagnostic Computer,” New England Journal of Medicine (12), pp. 811–812 (Mar. 12, 1989).
[biblio01entry533] 533. and , Microsoft® Windows NT® 4.0 Security, Audit, and Control, Microsoft Press, Redmond, WA (<year>1999</year>).
[biblio01entry535] 535. and , “Incentives to Help Stop Floods,” Proceedings of the 2000 New Security Paradigms Workshop, pp. 127–132 (Sep. 2000).
[biblio01entry536] 536. , The Codebreakers: The Story of Secret Writing (revised edition), Macmillan Publishing Co., New York, NY (<year>1967</year>).
[biblio01entry537] 537. , Seizing the Enigma: The Race to Break the German U-Boat Codes, 1939–1943, Houghton Mifflin Co., Boston, MA (<year>1991</year>).
[biblio01entry538] 538. , Codebreaking and the Battle of the Atlantic, US Air Force Academy, Colorado Springs, CO (<year>1994</year>).
[biblio01entry539] 539. , The Codebreakers; The Story of Secret Writing (revised edition), Scribner, New York, NY (<year>1996</year>).
[biblio01entry540] 540. and , “iMAX: A Multiprocessor Operating System for an Object-Based Computer,” Proceedings of the 8th Symposium on Operating Systems Principles, pp. 117–121 (Dec. 1979).
[biblio01entry541] 541. , Advanced Computer Architecture: A Systems Design Approach, Prentice-Hall, Englewood Cliffs, NJ 07632 (<year>1996</year>).
[biblio01entry542] 542. and , “On Access Checking in Capability-Based Systems,” Proceedings of the 1986 IEEE Symposium on Security and Privacy, pp. 95–100 (May 1986).
[biblio01entry544] 544. and , “Jails: Confining the Omnipotent Root,” Proceedings of the SANE 2000 Conference (<year>2000</year>).
[biblio01entry545] 545. and , “Design and Assurance Strategy for the NRL Pump,” IEEE Computer (4), pp. 56–64 (Apr. 1998).
[biblio01entry546] 546. and , “A Pump for Rapid, Reliable, Secure Communication,” Proceedings of the 1st ACM Conference on Computer and Communication Security, pp. 119–129 (Nov. 1993).
[biblio01entry547] 547. and , “A Network Version of the Pump,” Proceedings of the 1995 IEEE Symposium on Security and Privacy, pp.144–154 (May 1995).
[biblio01entry548] 548. and , “A Network Pump,” IEEE Transactions on Software Engineering (5), pp. 329–338 (May 1996).
[biblio01entry550] 550. , “Limiting the Damage Potential of Discretionary Trojan Horses,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 32–37 (Apr. 1987).
[biblio01entry551] 551. and , “An Augmented Capability Architecture to Support Lattice Security and Traceability of Access,” Proceedings of the 1984 IEEE Symposium on Security and Privacy, pp. 2–12 (Apr. 1984).
[biblio01entry552] 552. and , “MULTICS Security Evaluation, Volume II: Vulnerability Analysis,” ESD-TR-74-193, , Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA (June 1974).
[biblio01entry553] 553. and , “Covert Storage Channels in Disk Arm Optimization,” Proceedings of the 1991 Symposium on Research in Security and Privacy, pp. 52–61 (May 1991).
[biblio01entry554] 554. and , “A VMM Security Kernel for the VAX Architecture,” Proceedings of the 1990 Symposium on Research in Security and Privacy, pp. 2–19 (May 1990).
[biblio01entry555] 555. and , “ACL2: An Industrial Strength Version of Nqthm,” Proceedings of the 11th Annual Conference on Computer Assurance, pp. 23–34 (June 1996).
[biblio01entry556] 556. and , “Brute Force Attack on UNIX Passwords with SIMD Computer,” Proceedings of the 8th USENIX Security Symposium, pp. 93–98 (Aug. 1999).
[biblio01entry557] 557. , “A Practical Approach to Identifying Storage and Timing Channels,” Proceedings of the 1982 IEEE Symposium on Security and Privacy, pp. 66–73 (Apr. 1982).
[biblio01entry558] 558. , “Shared Resource Matrix Methodology: An Approach to Identifying Storage and Timing Channels,” ACM Transactions on Computer Systems, (3), pp. 256–277 (Aug. 1983).
[biblio01entry559] 559. , “Analyzing Encryption Protocols Using Formal Verification Techniques,” IEEE Journal on Selected Areas in Communications (4), pp. 448–457 (May 1989).
[biblio01entry560] 560. and , “Three Systems for Cryptographic Protocol Analysis,” Journal of Cryptology (2), pp. 79–130 (Spring 1994).
[biblio01entry561] 561. , “Encryption-Based Protection Protocols for Interactive User-Computer Communication,” Technical Report MIT/LCS/TR-162, Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, MA (May 1976); cited in Cryptography and Data Security [269].
[biblio01entry562] 562. , “Comments on 'Security Problems in the TCP/IP Protocol Suite',” Computer Communications Review (3), pp. 10–19 (July 1989).
[biblio01entry563] 563. , Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management, RFC 1422 (Feb. 1993).
[biblio01entry564] 564. and , The Elements of Programming Style, McGraw-Hill Book Co., Reading, MA (<year>1974</year>).
[biblio01entry566] 566. and , “Quality Assurance in the ITSEC-Evaluation Environment in Germany,” Proceedings of the 16th National Information Systems Security Conference, pp. 324–333 (Sep. 1993).
[biblio01entry567] 567. and , “Measuring Correctness and Effectiveness: A New Approach Using Process Evaluation,” Proceedings of the 18th National Information Systems Security Conference, pp. 366–373 (Oct. 1995).
[biblio01entry568] 568. and , “Experiences with Tripwire: Using Integrity Checkers for Intrusion Detection,” Proceedings of SANS III, pp. 89–102 (Apr. 1994).
[biblio01entry569] 569. and , “The Design and Implementation of Tripwire: A File System Integrity Checker,” Proceedings of the 2nd ACM Conference on Computer and Communications Security (Nov. 1994).
[biblio01entry570] 570. and , “Methodology for Safety-Related Software Development [for Nuclear Power Plants],” Proceedings of the 1996 American Nuclear Society International Topical Meeting on Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, pp. 1041–1046 (May 1996).
[biblio01entry571] 571. and , “SCR: A Practical Approach to Building a High Assurance COMSEC System,” Proceedings of the 15th Annual Computer Security Applications Conference, pp. 109–118 (Dec. 1999).
[biblio01entry572] 572. , “A Capability Based Protection Mechanism Under Unix,” Proceedings of the 1985 Winter USENIX Conference, pp. 152–159 (Jan. 1995).
[biblio01entry573] 573. , “Foiling the Cracker: A Survey of, and Improvements to, Password Security,” Proceedings of the 2nd USENIX UNIX Security Workshop, pp. 5–14 (Aug. 1990).
[biblio01entry574] 574. and , “An Experimental Evaluation of the Assumption of Independence in Multi-Version Programming,” IEEE Transactions on Software Engineering (1), pp. 96–109 (Jan. 1986).
[biblio01entry575] 575. and , “On N-version Programming,” Software Engineering Notes (1), pp. 24–35 (Jan. 1990).
[biblio01entry577] 577. , “Cryptanalysis of LOKI91,” Advances in Cryptology—AUSCRYPT '92 Proceedings, pp. 196–208 (<year>1992</year>).
[biblio01entry578] 578. , The Art of Computer Programming Volume 2: Seminumerical Algorithms, 3rd Edition, Addison-Wesley, Reading, MA (1998).
[biblio01entry579] 579. , “A Method for Certification,” Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, MA (May 1978); cited in Cryptography and Data Security [269].
[biblio01entry580] 580. and , “Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring,” Proceedings of the10th Annual Computer Security Applications Conference, pp. 134–144 (Dec. 1994).
[biblio01entry581] 581. and , “Detecting and Countering System Intrusions Using Software Wrappers,” Proceedings of the 9th USENIX Security Symposium, pp. 145–156 (Aug. 2000).
[biblio01entry582] 582. and , “Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-Based Approach,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 175–187 (May 1997).
[biblio01entry583] 583. , “Security Properties of Ring Brackets,” Proceedings of the Computer Security Foundations Workshop II, pp. 41–46 (June 1989).
[biblio01entry584] 584. , A Course in Number Theory and Cryptography, Springer-Verlag, New York, NY (<year>1994</year>).
[biblio01entry585] 585. , “Connecting Classified Nets to the Outside World: Costs and Benefits,” Proceedings of the 20th National Information Systems Security Conference, pp. 534–542 (Oct. 1997).
[biblio01entry586] 586. , “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems,” Advances in Cryptology—Proceedings of CRYPTO '96, pp. 104–113 (Aug. 1996).
[biblio01entry587] 587. and , “Differential Power Analysis,” Advances in Cryptology—Proceedings of CRYPTO '99, pp. 388–397 (Aug. 1999).
[biblio01entry589] 589. and , The Kerberos Network Authentication Service (V5), RFC 1510 (Sep. 1993).
[biblio01entry590] 590. , Cryptography: A Primer, John Wiley and Sons, New York, NY (<year>1981</year>).
[biblio01entry591] 591. and , “Using Security Metrics to Assess Risk Management Capabilities,” Proceedings of the 22nd National Information Systems Security Conference, pp. 370–388 (Oct. 1999).
[biblio01entry592] 592. , Building and Managing Virtual Private Networks, John Wiley and Sons, New York, NY (<year>1998</year>).
[biblio01entry593] 593. , “On Incorporating Access Control Lists into the UNIX Operating System,” Proceedings of the USENIX UNIX Security Workshop, pp. 38–48 (Aug. 1988).
[biblio01entry595] 595. , “How to Predict Congruential Generators,” Journal of Algorithms (4), pp. 527–545 (Dec. 1992).
[biblio01entry596] 596. and , “The D5 Digital Terminal System: A Case Study of a Comprehensive Quality and Reliability Program,” IEEE Journal on Selected Areas in Communications (7), pp. 1099–1103 (Oct. 1986).
[biblio01entry598] 598. and , “Authorship Analysis: Identifying the Author of a Program,” Proceedings of the 18th National Information Systems Security Conference, pp. 514–524 (Oct. 1995).
[biblio01entry599] 599. , “The System Administration Maturity Model—SAMM,” Proceedings of the 7th Systems Administration Conference (LISA 1993), pp. 213–225 (Nov. 1993).
[biblio01entry600] 600. , “Mutual Exclusion of Roles as a Means of Implementing Separation of Duty in Role-Based Access Control Systems,” Proceedings of the 2nd ACM Workshop on Role-Based Access Control, pp. 23–30 (Nov. 1997).
[biblio01entry601] 601. and , “A Pattern Matching Model for Misuse Intrusion Detection,” Proceedings of the 17th National Computer Security Conference, pp. 11–21 (Oct. 1994).
[biblio01entry602] 602. and , “CrptoLib: Cryptography in Software,” Proceedings of the 4th USENIX UNIX Security Symposium, pp. 1–17 (June 1993).
[biblio01entry603] 603. and , “Strengthening Discretionary Access Controls to Inhibit Trojan Horses and Computer Viruses,” Proceedings of the 1988 Summer USENIX Conference, pp. 275–286 (June 1988).
[biblio01entry604] 604. and “Markov Ciphers and Differential Cryptanalysis,” Advances in Cryptology—Proceedings of EUROCRYPT '91, pp. 17–38 (<year>1991</year>).
[biblio01entry605] 605. and , “Computation of Discrete Logarithms in Prime Fields,” Designs, Codes, and Cryptography , pp. 46–62 (May 1991).
[biblio01entry606] 606. , “Password Authentication with Insecure Communication,” Communications of the ACM (11), pp. 770–771 (Nov. 1981).
[biblio01entry607] 607. , “Time, Clocks, and the Ordering of Events in a Distributed System,” Communications of the ACM (7), pp. 558–565 (July 1978).
[biblio01entry608] 608. , “Protection,” Proceedings of the Fifth Princeton Symposium of Information Science and Systems, pp. 437–443 (Mar. 1971); reprinted in Operating Systems Review (1), pp. 18–24 (Jan. 1974).
[biblio01entry609] 609. , “A Note on the Confinement Problem,” Communications of the ACM (10), pp. 613–615 (Oct. 1973).
[biblio01entry610] 610. , The Book of Risks: Fascinating Facts About the Chances We Take Every Day, John Wiley and Sons, New York, NY 10158 (<year>1994</year>).
[biblio01entry611] 611. and , “Temporal Sequence Learning and Data Reduction for Anomaly Detection,” ACM Transactions on Information and System Security (3), pp. 295–332 (Aug. 1999).
[biblio01entry612] 612. , “Formal Models for Computer Security,” Computing Surveys (3), pp. 247–278 (Sep. 1981).
[biblio01entry613] 613. and , “A Security Model for Military Message Systems,” ACM Transactions on Computer Systems (2), pp. 198–222 (Aug. 1984).
[biblio01entry614] 614. and , “A Taxonomy of Computer Program Security Flaws,” Computing Surveys (3), pp. 211–254 (Sep. 1994).
[biblio01entry615] 615. and , “Security Issues in Networks with Internet Access,” Proceedings of the IEEE (12), pp. 2034–2051 (Dec. 1997).
[biblio01entry616] 616. and , “Real-Time Anomaly Detection Using a Nonparametric Pattern Recognition Approach,” Proceedings of the 7th Annual Computer Security Applications Conference, pp. 80–89 (Dec. 1991).
[biblio01entry617] 617. , “The 'Basic Security Theorem' of Bell and LaPadula Revisited,” handout from Computer Security Foundations Workshop (April 18, 1988).
[biblio01entry618] 618. , “Biometrics: A New Era in Security,” IEEE Computer (8), pp. 16–18 (Aug. 1998).
[biblio01entry619] 619. , “Using Mandatory Integrity to Enforce 'Commercial' Security,” Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 140–146 (Apr. 1988).
[biblio01entry620] 620. , “A Data Mining Framework for Building Intrusion Detection Models,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 120–132 (May 1999).
[biblio01entry621] 621. and , “UNIX Password Encryption Considered Insecure,” Proceedings of the 1991 Winter USENIX Technical Conference, pp. 269–280 (Jan. 1991).
[biblio01entry622] 622. , Safeware: System Safety and Computers, Addison-Wesley, Reading, MA (<year>1995</year>).
[biblio01entry623] 623. and , “An Efficient, Dynamic, and Trust Preserving Public Key Infrastructure,” Proceedings of the 2000 IEEE Symposium on Security and Privacy, pp. 203–214 (May 2000).
[biblio01entry624] 624. , The Computer Virus Handbook, Osborne McGraw-Hill, Berkeley, CA (<year>1990</year>).
[biblio01entry625] 625. , Watchers of the Skies: An Informal History of Astronomy from Babylon to the Space Age, Viking Press, New York, NY (<year>1966</year>).
[biblio01entry626] 626. and , “Speaker Verification Using Verbal Information Verification for Automatic Enrollment,” Proceedings of the 1998 IEEE International Conference on Acoustics, Speech, and Signal Processing, pp. 133–136 (May 1998).
[biblio01entry627] 627. and , “Automatic Verbal Information Verification for User Authentication,” IEEE Transactions on Speech and Audio Processing (5), pp. 585–596 (Sep. 2000).
[biblio01entry628] 628. and , “Recent Advancements in Automatic Speaker Authentication,” IEEE Robotics and Automation Magazine (1), pp. 24–34 (Mar. 1999).
[biblio01entry629] 629. and , “MASS—Model for an Auditing Security System,” Proceedings of SEC 2000: Information Security, pp. 141–150 (Aug. 2000).
[biblio01entry630] 630. and , “A Generalized Secret Sharing Scheme with Cheater Detection,” Advances in Cryptology—Proceedings of ASIACRYPT '91, pp. 149–158 (<year>1991</year>).
[biblio01entry631] 631. , “Chinese Wall Security Policy—An Aggressive Model,” Proceedings of the 5th Annual Computer Security Conference, pp. 282–289 (Dec. 1989).
[biblio01entry632] 632. , “Operating Systems Penetration,” 1978 National Computer Conference, AFIPS Conference Proceedings , pp. 361–368 (Nov. 1975).
[biblio01entry633] 633. and , “The ADEPT-50 Time-Sharing System,” Proceedings of the 1969 Fall Joint Computer Conference, pp. 39–50 (Nov. 1969).
[biblio01entry634] 634. , Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures, RFC 1421 (Feb. 1993).
[biblio01entry635] 635. , “A Comment on the Confinement Problem,” Proceedings of the 5th Symposium on Operating Systems Principles, pp. 192–196 (Nov. 1975).
[biblio01entry636] 636. , “Non-Discretionary Controls for Commercial Applications,” Proceedings of the 1982 Symposium on Privacy and Security, pp. 2–10 (Apr. 1982).
[biblio01entry637] 637. , “Twenty Years of Evaluation Criteria and Commercial Technology,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 111–112 (May 1999).
[biblio01entry638] 638. and , “Evaluating Intrusion Detection Systems: The 1998 DARPA Off-Line Intrusion Detection Evaluation,” Proceedings of the DARPA Information Survivability Conference and Exposition, , pp. 12–26 (Jan. 2000).
[biblio01entry639] 639. and , “Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation,” Proceedings of the 3rd International Workshop on Recent Advances in Intrusion Detection, pp. 162–182 (Oct. 2000).
[biblio01entry640] 640. and , “On Classes of Protection Systems,” in Foundations of Secure Computing [265], pp. 281–291.
[biblio01entry641] 641. and , “A Linear Time Algorithm for Deciding Subject Security,” Journal of the ACM (3), pp. 455–464 (July 1977).
[biblio01entry642] 642. , The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen, Little, Brown, & Co., Boston, MA (<year>1997</year>).
[biblio01entry643] 643. and , “Firewalls Fend Off Invasions from the Net,” IEEE Spectrum (2), pp. 26–34 (Feb. 1998).
[biblio01entry644] 644. and , “Hierarchical Organization of Certification Authorities for Secure Environments,” Proceedings of the 1997 Symposium on Network and Distributed System Security, pp. 112–121 (Feb. 1997).
[biblio01entry645] 645. , The Giant Black Book of Computer Viruses, American Eagle Publishers, Phoenix, AZ (<year>1998</year>).
[biblio01entry646] 646. and , “Anomaly-Based Intrusion Detection: Privacy Concerns and Other Problems,” Computer Networks (4), pp. 623–640 (Oct. 2000).
[biblio01entry647] 647. and , “An Analysis of a Secure System Based on Trusted Components,” Proceedings of the 11th Annual Conference on Computer Assurance, pp. 213–223 (June 1996).
[biblio01entry648] 648. and , “A Prototype Real-Time Intrusion-Detection Expert System,” Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 2–10 (Apr. 1988).
[biblio01entry649] 649. and , “ A Near-Term Design for the SeaView Multilevel Database System,” Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 234–244 (Apr. 1988).
[biblio01entry650] 650. and , “Towards a Role-Based Framework for Distributed Systems Management,” Journal of Network and Systems Management (1), pp. 5–30 (Mar. 1997).
[biblio01entry651] 651. , “Analyzing Software Requirements Errors in Safety-Critical, Embedded Systems,” Proceedings of the IEEE International Symposium on Requirements Engineering, pp. 126–133 (Jan. 1993).
[biblio01entry652] 652. , Writing Solid Code: Microsoft's Techniques for Developing Bug-Free C Programs, Microsoft Press, Redmond, WA (<year>1993</year>).
[biblio01entry653] 653. , Securities and Investment Board Rules, Chapter III, Part 5:08, London, UK; cited in “The Chinese Wall Policy” [146].
[biblio01entry654] 654. , Financial Services Act 1986, §48(2)(h), London, UK (<year>1986</year>); cited in “The Chinese Wall Policy” [146].
[biblio01entry655] 655. and , “Secure Execution of Java Applets Using a Remote Playground,” Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 40–51 (May 1998).
[biblio01entry656] 656. , “A Simple Scheme to Make Passwords Based on One-Way Functions Much Harder to Crack,” Computers and Security (2), pp. 171–176, (Mar. 1996).
[biblio01entry657] 657. and , “Towards a Common Enumeration of Vulnerabilities,” Proceedings of the 2nd Workshop on Research with Security Vulnerability Databases (Jan. 1999).
[biblio01entry658] 658. , “Secure Log File Download Mechanisms for Smart Cards,” Proceedings of the 3rd International Conference on Smart Card Research and Applications, pp. 285–304 (Sep. 1998).
[biblio01entry659] 659. and , “Implementing a Secure Log File Download Manager for the Java Card,” Proceedings of the Conference on Communications and Multi-Media Security, pp. 143–159 (Sep. 1999).
[biblio01entry660] 660. and , “Key Recovery Header for IPSEC,” Computers and Security (1), pp. 86–90 (Jan./Feb. 2000).
[biblio01entry661] 661. , “In the Chips (Smart Card Applications),” Bank Systems and Technology (5), pp. 46–48 (May 1995).
[biblio01entry662] 662. and , “Blocking Java Applets at the Firewall,” Proceedings of the 1997 Symposium on Network and Distributed System Security, pp. 16–26 (Feb. 1997).
[biblio01entry663] 663. , “Linear Cryptanalysis Method for DES Cipher,” Advances in Cryptology—Proceedings of EUROCRYPT '93, pp. 386–397 (May 1993).
[biblio01entry664] 664. and , “Assurance Technologies for Autonomous Train On-Board Computer System,” Proceedings of the 8th IEEE Workshop on Future Trends of Distributed Computing Systems, pp. 170–175 (Oct. 2001).
[biblio01entry665] 665. and , “Generation, Distribution, and Installation of Cryptographic Keys,” IBM Systems Journal (2), pp. 126–137 (1978).
[biblio01entry666] 666. and , Internet Security Association and Key Management Protocol (ISAKMP), RFC 2408 (Nov. 1998).
[biblio01entry667] 667. and , “Fang: a Firewall Analysis Engine,” Proceedings of the 2000 IEEE Symposium on Security and Privacy, pp. 177–187 (May 2000).
[biblio01entry668] 668. and , “The Design, Implementation, and Operation of an Email Pseudonym Server,” Proceedings of the 5th ACM Conference on Computer and Communications Security, pp. 27–36 (Nov. 1998).
[biblio01entry669] 669. and , “The BSD Packet Filter: A New Architecture for User-Level Packet Capture,” Proceedings of the 1993 Winter USENIX Conference, pp. 259–269 (Jan. 1993).
[biblio01entry670] 670. and , “Beyond the Pale of MAC and DAC—Defining New Forms of Access Control,” Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 190–200 (May 1990).
[biblio01entry671] 671. , “DVD Lawyers Make Secret Public,” Wired News (Jan. 26, 2000); available at http://www.wired.com/news/politics/0,1283,33922,00.html.
[biblio01entry672] 672. , “Specifications for Multi-Level Security and a Hook-Up Theorem,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 161–166 (Apr. 1987).
[biblio01entry673] 673. , “Non-Interference and the Composability of Security Properties,” Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 177–186 (Apr. 1988).
[biblio01entry674] 674. and , “Secure Composition of Systems,” Proceedings of the 8th Annual Computer Security Applications Conference, pp. 112–122 (Dec. 1992).
[biblio01entry675] 675. and , “Using Abuse Case Models for Security Requirements Analysis,” Proceedings of the 15th Annual Computer Security Applications Conference, pp. 55–64 (Dec. 1999).
[biblio01entry676] 676. , “Software Assurance for Security,” IEEE Computer (4), pp. 103–105 (Apr. 1999).
[biblio01entry677] 677. , “The 1998 Lincoln Laboratory IDS Evaluation: A Critique,” Proceedings of the 3rd International Workshop on Recent Advances in Intrusion Detection, pp. 145–161 (Oct. 2000).
[biblio01entry678] 678. and , “An Information Flow Tool for Gypsy,” Proceedings of the 1985 IEEE Symposium on Security and Privacy, pp. 46–48 (Apr. 1985).
[biblio01entry680] 680. and , The Design and Implementation of the 4.4BSD Operating System, Addison-Wesley Publishing Co., Reading, MA (<year>1996</year>).
[biblio01entry681] 681. , Windows 2000 Security, The Coriolis Group, LLC., Scottsdale, AZ (<year>2000</year>).
[biblio01entry682] 682. , “A Comment on the 'Basic Security Theorem' of Bell and LaPadula,” Information Processing Letters (2), pp. 67–70 (Feb. 1985).
[biblio01entry683] 683. , “Reasoning About Security Models,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 123–131 (Apr. 1987).
[biblio01entry684] 684. , “Proving Noninterference and Functional Correctness Using Traces,” Journal of Computer Security (1), pp. 37–57 (1992).
[biblio01entry685] 685. , “Is the Trusted Computing Base Concept Fundamentally Flawed?” Proceedings of the 1997 IEEE Symposium on Security and Privacy, p. 2 (May 1997).
[biblio01entry686] 686. , “Twenty Years of Formal Methods,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 115–116 (May 1999).
[biblio01entry687] 687. , “Role-Based System Administration or Who, What, Where, and How,” Proceedings of the 7th System Administration Conference (LISA '93), pp. 107–112 (Nov. 1993).
[biblio01entry688] 688. , “The Integrity Lock Architecture and Its Application to Message Systems: Reducing Covert Channels,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 212–218 (Apr. 1987).
[biblio01entry689] 689. , “Extending the Brewer-Nash Model to a Multilevel Context,” Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pp. 95–102 (May 1990).
[biblio01entry690] 690. , “The NRL Protocol Analyzer: An Overview,” Journal of Logic Programming (2), pp. 113–131 (Feb. 1996).
[biblio01entry691] 691. , “Analyzing the Needham-Schroeder Public Key Protocol: A Comparison of Two Approaches,” Proceedings of the 4th European Symposium on Research in Computer Security, pp. 351–364 (Sep. 1996).
[biblio01entry692] 692. , “Analysis of the Internet Key Exchange Protocol Using the NRL Protocol Analyzer,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 216–231 (May 1999).
[biblio01entry693] 693. and , “NetCash: A Design for Practical Electronic Currency on the Internet,” Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 102–106 (Oct. 1993).
[biblio01entry694] 694. and , “Expanding and Extending the Security Features of Java,” Proceedings of the 7th USENIX Security Symposium, pp. 159–172 (Jan. 1998).
[biblio01entry695] 695. and , Handbook of Applied Cryptography, CRC Press, Boca Raton, FL (<year>1997</year>).
[biblio01entry696] 696. , “System Security Engineering Capability Maturity Model and Evaluations: Partners Within the Assurance Framework,” Proceedings of the 19th National Information Systems Security Conference, pp. 76–88 (Oct. 1996).
[biblio01entry697] 697. , “Protocols for Public Key Cryptosystems,” Proceedings of the 1980 Symposium on Privacy and Security, pp. 122–133 (Apr. 1980).
[biblio01entry698] 698. , “A Fast Software One-Way Hash Function,” Journal of Cryptology (1), pp. 43–58 (1990).
[biblio01entry699] 699. , “Fast Software Encryption Functions,” Advances in Cryptology—Proceedings of CRYPTO '90, pp. 476–501 (Aug. 1990).
[biblio01entry700] 700. and , “On the Security of Multiple Encryption,” Communications of the ACM (7), pp. 465–467 (July 1981).
[biblio01entry701] 701. , “Ciphertext/Plaintext and Ciphertext/Key Dependence vs. Number of Rounds for the Data Encryption Standard,” 1978 National Computer Conference, AFIPS Conference Proceedings , pp. 1119–1126 (June 1978).
[biblio01entry702] 702. and , Cryptography: A New Dimension in Computer Data Security: A Guide for the Design and Implementation of Secure Systems, John Wiley and Sons, New York, NY (<year>1982</year>).
[biblio01entry704] 704. , “The Efficacy of International Regulation of Transborder Data Flows: The Case for the Clipper Chip,” Government Information Quarterly (4), pp. 353–366 (1995).
[biblio01entry705] 705. and , “Two State-Based Approaches to Program-Based Anomaly Detection,” Proceedings of the 16th Annual Computer Security Applications Conference, pp. 21–30 (Dec. 2000).
[biblio01entry706] 706. and , Naming Guidelines for the AARNet X.500 Directory Service, RFC 1562 (Dec. 1993).
[biblio01entry707] 707. , “The Interrogator: A Tool for Cryptographic Protocol Security,” Proceedings of the 1984 IEEE Symposium on Security and Privacy, pp. 134–141 (Apr. 1984).
[biblio01entry708] 708. and , “The Interrogator: Protocol Security Analysis,” IEEE Transactions on Software Engineering (2), pp. 274–288 (Feb. 1987).
[biblio01entry709] 709. , “The Cascading Problem for Interconnected Networks,” Proceedings of the 4th Aerospace Computer Security Applications Conference, pp. 269–274 (Dec. 1988).
[biblio01entry710] 710. , “Covert Channel Capacity,” Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pp. 60–65 (May 1993).
[biblio01entry711] 711. , “Unwinding Forward Correctability,” Journal of Computer Security (1), pp. 35–54 (1994/1995).
[biblio01entry712] 712. , “20 Years of Covert Channel Modeling and Analysis,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 113–114 (May 1999).
[biblio01entry714] 714. and , “An Empirical Study of the Reliability of UNIX Utilities,” Communications of the ACM (12), pp. 32–44 (Dec. 1990).
[biblio01entry715] 715. and , “Access Control by Boolean Expression Evaluation,” Proceedings of the 5th Annual Computer Security Applications Conference, pp. 131–139 (Dec. 1990).
[biblio01entry716] 716. and , “strlcpy and strlcat—Consistent, Safe, String Copy and Concatenation,” Proceedings of the FREENIX Track of the 1999 USENIX Conference, pp. 175–178 (June 1999).
[biblio01entry717] 717. , Computation: Finite and Infinite Machines, Prentice-Hall, Englewood Cliffs, NJ (<year>1967</year>).
[biblio01entry718] 718. , “Selective and Locally Controlled Transport of Privileges,” ACM Transactions on Programming Languages and Systems (4), pp. 573–602 (Oct. 1984).
[biblio01entry719] 719. and , “Cryptanalysis of RC4-Like Ciphers,” Proceedings of the 5th Annual International Workshop on Selected Areas in Cryptography, pp. 131–143 (Aug. 1998).
[biblio01entry720] 720. and , “Finite-State Analysis of SSL 3.0,” Proceedings of the 7th USENIX Security Symposium, pp. 201–215 (Jan. 1998).
[biblio01entry721] 721. , “The FEAL Cipher Family,” Advances in Cryptology—Proceedings of EUROCRYPT '90, pp. 627–638 (<year>1991</year>).
[biblio01entry724] 724. and , “The Packet Filter: An Efficient Mechanism for User-Level Network Code,” Proceedings of the 11th Symposium on Operating Systems Principles, pp. 39–51 (Nov. 1987).
[biblio01entry725] 725. V.Molak (ed.), Fundamentals of Risk Analysis and Risk Management, CRC Press, Boca Raton, FL (<year>1996</year>).
[biblio01entry726] 726. , “Biometrics for Automatic Identity Verification,” Technical Report 722, Department of Computer Science, New York University, New York, NY (1998).
[biblio01entry727] 727. and , “Authentication via Keystroke Dynamics,” Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 48–56 (Nov. 1997).
[biblio01entry728] 728. and , “Increasing Assurance with Literate Programming Techniques,” Proceedings of the 11th Annual Conference on Computer Assurance, pp. 187–198 (June 1996).
[biblio01entry729] 729. , “Protocol Failures in Cryptosystems,” Proceedings of the IEEE (5), pp. 594–602 (May 1988).
[biblio01entry730] 730. and , “Secure Software Architectures,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 84–93 (May 1997).
[biblio01entry731] 731. and , “Password Security: A Case History,” Communications of the ACM (11), pp. 594–597 (Nov. 1979).
[biblio01entry732] 732. , “Variable Noise Effects upon a Simple Timing Channel,” Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 362–372 (May 1991).
[biblio01entry733] 733. and , “The Influence of Delay upon an Idealized Channel's Bandwidth,” Proceedings of the 1992 IEEE Symposium on Security and Privacy, pp. 62–67 (May 1992).
[biblio01entry734] 734. and , “An Analysis of the Timed Z-Channel,” Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 2–9 (May 1996).
[biblio01entry735] 735. , Securing and Optimizing Linux: Red Hat Edition—A Hands-On Guide, OpenDocs, LLC, Salem, OR (Aug. 2000).
[biblio01entry737] 737. , “WAN-Hacking with AutoHack: Auditing Security Behind the Firewall,” Proceedings of the 5th USENIX UNIX Security Symposium, pp. 21–34 (June 1995).
[biblio01entry738] 738. , “The Cryptanalysis of FEAL-4 with 20 Chosen Plaintexts,” Journal of Cryptology (3), pp. 145–154 (1990).
[biblio01entry739] 739. , “The Application of Epidemiology to Computer Viruses,” Computers and Security (1), pp. 139–150 (Feb. 1988).
[biblio01entry740] 740. and , “Complete, Safe Information Flow with Decentralized Labels,” Proceedings of the 1998 IEEE Computer Society Symposium on Security and Privacy, pp. 186–197 (May 1998).
[biblio01entry741] 741. and , “Security Policy in a Complex Logistics Procurement,” Proceedings of the 9th Annual Computer Security Applications Conference, pp. 46–53 (Dec. 1993).
[biblio01entry742] 742. and , “Some Conundrums Concerning Separation of Duty,” Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 201–207 (May 1990).
[biblio01entry749] 749. , “SKIPJACK and KEA Algorithm Specifications,” Version 2.0 (May 1998); available at http://csrc.nist.gov/encryption/skipjack.pdf.
[biblio01entry750] 750. , Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Version 2.1, CCIMB-99-031 (Aug. 1999).
[biblio01entry751] 751. , Common Criteria for Information Technology Security Evaluation, Part 2: Security Function Requirements, Version 2.1, CCIMB-99-031 (Aug. 1999).
[biblio01entry752] 752. , Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Requirements, Version 2.1, CCIMB-99-031 (Aug. 1999).
[biblio01entry753] 753. , Security Requirements for Cryptographic Modules, FIPS PUB 140-2 (May 2001).
[biblio01entry755] 755. , “National Information Assurance Partnership: Common Criteria Evaluation and Validation Scheme Web Site,” http://niap.nist.gov/cc-scheme (Apr. 2002).
[biblio01entry756] 756. , “Cryptographic Module Validation (CMV) Program Web Site,” http://csrc.nist.gov/cryptval (May 2002).
[biblio01entry757] 757. , Federal Criteria for Information Technology Security, Version 1.0 (<year>1992</year>).
[biblio01entry758] 758. , Cryptolog Interface Programmers Guide for the Fortezza Crypto Card, Revision 1.52, Ft. George Meade, MD (Nov. 1995).
[biblio01entry759] 759. , Fortezza Message Security Protocol Software Interface Control Document, Version 3.01, Ft. George Meade, MD (Nov. 1995).
[biblio01entry760] 760. , Press Release: NSA Releases Fortezza Algorithms, Ft. George Meade, MD (June 1998).
[biblio01entry761] 761. , National Information Systems Security (INFOSEC) Glossary, NSTISSI No. 4009 (Sep. 2000).
[biblio01entry762] 762. , “Proof-Carrying Code,” Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 106–119 (Jan. 1997).
[biblio01entry763] 763. and , “Safe Kernel Extensions Without Run-Time Checking,” Proceedings of the 2nd Symposium on Operating Systems Design and Implementation, pp. 229–243 (Oct. 1996).
[biblio01entry764] 764. and , “Using Encryption for Authentication in Large Networks of Computers,” Communications of the ACM (12), pp. 993–999 (Dec. 1978).
[biblio01entry765] 765. and , “Authentication Revisited,” Operating Systems Review (1), p. 7 (Jan. 1987).
[biblio01entry766] 766. and , “The Cambridge CAP Computer and Its Protection System,” Proceedings of the 5th Symposium on Operating System Principles, pp. 1–10 (Nov. 1975).
[biblio01entry767] 767. and , UNIX System Administration Handbook, Prentice-Hall, Upper Saddle River, NJ (<year>2000</year>).
[biblio01entry768] 768. and , “A Note on the Use of Timestamps as Nonces,” Operating Systems Review (2), pp. 10–14 (Apr. 1993).
[biblio01entry769] 769. , “Computer Security Evaluation,” 1978 National Computer Conference, AFIPS Conference Proceedings , pp. 1087–1095 (June 1978).
[biblio01entry770] 770. and , “Software Development and Proofs of Multi-Level Security,” Proceedings of the 2nd International Conference on Software Engineering, pp. 421–428 (Oct. 1976).
[biblio01entry771] 771. , “Rainbows and Arrows: How the Security Criteria Address Computer Misuse,” Proceedings of the 13th National Computer Security Conference, pp. 414–422 (Oct. 1990).
[biblio01entry773] 773. and , “A Provably Secure Operating System: The System, Its Applications, and Proofs,” Technical Report, SRI International, Menlo Park, CA (June 1975).
[biblio01entry774] 774. , The World of Mathematics: A Small Library of the Literature of Mathematics from A'h-mosé the Scribe to Albert Einstein, Simon and Schuster, New York, NY (<year>1956</year>).
[biblio01entry775] 775. and , “The Knowledge Path to Mission Success: Overview of the NASA PBMA-KMS,” Proceedings of the 2002 Annual Reliability and Maintainability Symposium, pp. 601–606 (Jan. 2002).
[biblio01entry777] 777. , “Testing Safety-Critical Software,” Hewlett-Packard Journal (3), pp. 89–94 (June 1997).
[biblio01entry779] 779. , Computer Security Incident Handling: Step by Step, Version 1.5, The SANS Institute, Bethesda, MD (May 1998).
[biblio01entry780] 780. , Network Intrusion Detection: An Analyst's Handbook, 2nd Edition, New Riders Publishing, Indianapolis, IN (<year>2000</year>).
[biblio01entry781] 781. and , “Merging Models: Integrity, Dynamic Separation of Duty, and Trusted Data Management,” Journal of Computer Security (2, 3), pp. 207–230 (1994/1995).
[biblio01entry782] 782. and , “Role-Based Security, Object Oriented Databases and Separation of Duty,” SIGMOD Record (4), pp. 45–51 (Dec. 1993).
[biblio01entry783] 783. , “DVD Hackers Hit with Lawsuit,” Wired News (Dec. 28, 1999); available at http://www.wired.com/news/business/0,1367,33303,00.html.
[biblio01entry784] 784. , “Recognizing and Recovering from Rootkit Attacks,” SysAdmin (11), pp. 8–20 (Nov. 1996).
[biblio01entry785] 785. and , “Developing Applications on LOCK,” Proceedings of the 14th National Computer Security Conference, pp. 147–156 (Oct. 1991).
[biblio01entry786] 786. and , “Universal Electronic Cash,” Advances in Cryptology—Proceedings of CRYPTO '91, pp. 324–337 (Aug. 1992).
[biblio01entry787] 787. , “Security at the Internet Layer,” IEEE Computer (9), pp. 43–47 (Sep. 1998).
[biblio01entry788] 788. , The MULTICS System: An Examination of Its Structure, The MIT Press, Cambridge, MA (<year>1972</year>).
[biblio01entry789] 789. , Computer System Organization: The B5700/6700 Series, Academic Press, New York, NY (<year>1973</year>).
[biblio01entry791] 791. and , “Efficient and Timely Mutual Authentication,” Operating Systems Review (1), pp. 8–10 (Jan. 1987).
[biblio01entry792] 792. and , “PVS: A Prototype Verification System,” Proceedings of the 11th International Conference on Automated Deduction, pp. 748–752 (June 1992).
[biblio01entry793] 793. , “An Assured Pipeline Integrity Scheme for Virus Protection,” Proceedings of the 12th National Computer Security Conference, pp. 369–377 (Oct. 1989).
[biblio01entry794] 794. and , “Providing Fine-Grained Access Control for Java Programs,” Proceedings of the 13th European Conference on Object-Oriented Programming, pp. 449–473 (June 1999).
[biblio01entry795] 795. and , “Tools for Information Security Assurance Arguments,” Proceedings of the DARPA Information Survivability Conference and Exposition II, pp. 287–296 (June 2001).
[biblio01entry796] 796. and , “Smart Certificates: Extending X.509 for Secure Attribute Services on the Web,” Proceedings of the 22nd National Information Systems Security Conference, pp. 337–348 (Oct. 1999).
[biblio01entry797] 797. and , “Random Number Generators: Good Ones Are Hard to Find,” Communications of the ACM (10), pp. 1192–1201 (Oct. 1988).
[biblio01entry798] 798. , “Cease and DeCSS: DVD's Encryption Code Cracked,” eMedia Industry News (Nov. 4, 1999); available at http://www.emediapro.net/news99/news111.html.
[biblio01entry799] 799. , Crime by Computer, Macmillan Publishing Co., New York, NY (<year>1978</year>).
[biblio01entry800] 800. , “An Overview of PKI Trust Models,” IEEE Network (6), pp. 38–43 (Nov. 1999).
[biblio01entry801] 801. and , Virtual Private Networking, Prentice-Hall, Upper Saddle River, NJ (<year>2000</year>).
[biblio01entry802] 802. , “Canonical Security Modeling for Federated Databases,” Proceedings of the IFIP WG2.6 Database Semantics Conference, pp. 207–222 (Nov. 1992).
[biblio01entry803] 803. and , “Human Face Recognition Using a Multilayer Perceptron,” International Conference on Neural Networks , p. 413 (1990); cited in “Biometrics for Automated Identity Verification” [726].
[biblio01entry804] 804. , Fatal Defects: Chasing Killer Computer Bugs, Vintage Books, New York, NY 10022 (<year>1996</year>).
[biblio01entry805] 805. and , Operating Systems Concepts (6th Edition), John Wiley and Sons, New York, NY (<year>2002</year>).
[biblio01entry806] 806. , “Comparison of Trusted Systems Evaluation Criteria,” Proceedings of the 5th Annual Conference on Computer Assurance, Systems Integrity, Software Safety and Process Security, pp. 135–143 (June 1990).
[biblio01entry807] 807. , Software Engineering: The Production of Quality Software, 2nd Edition, Macmillan Publishing Co., New York, NY (<year>1991</year>).
[biblio01entry808] 808. , “The Design of an Effective Auditing Subsystem,” Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 13–22 (<year>1987</year>).
[biblio01entry809] 809. , “Approximating Clark-Wilson 'Access Triples' with Basic UNIX Controls,” Proceedings of the 4th USENIX UNIX Security Symposium, pp. 145–154 (Oct. 1993).
[biblio01entry810] 810. and , “Formal Requirements for Virtualizable Third Generation Architectures,” Communications of the ACM (7), pp. 412–421 (July 1974).
[biblio01entry811] 811. and , The LOCUS Distributed System Architecture, The MIT Press, Cambridge, MA (<year>1985</year>).
[biblio01entry812] 812. and , “Covert Flow Trees: A Technique for Identifying and Analyzing Covert Storage Channels,” Proceedings of the 1991 IEEE Symposium on Security and Privacy, pp. 36–51 (May 1991).
[biblio01entry813] 813. , Standard for Information Technology Portable Operating System Interface (POSIX) Part I: System Application Program Interface (API), Report 1003.1e (Apr. 1994).
[biblio01entry816] 816. and , “Configuring a Trusted System Using the TNI,” Proceedings of the 4th Aerospace Computer Security Applications Conference, pp. 256–261 (Dec. 1988).
[biblio01entry817] 817. and , “A Model for the Containment of Computer Viruses,” Proceedings of the AIAA/ASIS/DODCI 2nd Aerospace Computer Security Conference, pp. 11–18 (Dec. 1986).
[biblio01entry818] 818. and , “An Approach to Containing Computer Viruses,” Computers and Security (4), pp. 321–331 (Aug. 1987).
[biblio01entry819] 819. , “Pentium FDIV Flaw—Lessons Learned,” IEEE Micro (2), pp. 86–88 (Apr. 1995).
[biblio01entry820] 820. , “The Restricted Access Processor: An Example of Formal Verification,” Proceedings of the 1985 IEEE Symposium on Security and Privacy, pp. 49–53 (Apr. 1985).
[biblio01entry821] 821. , The Practical Intrusion Detection Handbook, Prentice-Hall, Upper Saddle River, NJ (<year>2001</year>).
[biblio01entry822] 822. and , Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection, Technical Report, Secure Networks, Inc., Calgary, Alberta, Canada (Jan. 1998).
[biblio01entry823] 823. and , “A Software Platform for Testing Intrusion Detection Systems,” IEEE Software (5), pp. 43–51 (Sep. 1997).
[biblio01entry824] 824. , Cyber Crime: How to Protect Yourself from Computer Criminals, Tiare Publications, Lake George, WI (<year>1996</year>).
[biblio01entry825] 825. , “Probabilistic Algorithms for Primality Testing,” Journal of Number Theory (1), pp. 128–138 (Feb. 1980).
[biblio01entry826] 826. and , “Security in KeyKOS,” Proceedings of the 1986 IEEE Symposium on Security and Privacy, pp. 78–85 (Apr. 1986).
[biblio01entry827] 827. , “Practical Steps Toward Providing a Cost-Effective Security Architecture Based on the Common Criteria,” Proceedings of the 21st National Information Systems Security Conference, pp. 30–41 (Oct. 1998).
[biblio01entry828] 828. , A Million Random Digits with 100,000 Normal Deviates, Free Press Publishers, Glencoe, IL (<year>1955</year>).
[biblio01entry829] 829. and , “A Toolkit and Methods for Internet Firewalls,” Proceedings of the Summer 1994 USENIX Conference, pp. 37–44 (June 1994).
[biblio01entry830] 830. and , “Implementing a Generalized Tool for Network Monitoring,” Proceedings of the 11th Systems Administration Conference (LISA 1997), pp. 26–31 (Dec. 1997).
[biblio01entry831] 831. , “Security Audit for Embedded Avionics Systems,” Proceedings of the 5th Annual Computer Security Applications Conference, pp. 78–84 (Dec. 1989).
[biblio01entry832] 832. and , Mac OS X Unleashed, SAMS Publishing, Indianapolis, IN (<year>2001</year>).
[biblio01entry833] 833. and , “Selective Revocation and Capabilities,” Proceedings of the International Workshop on Protection in Operating Systems, pp. 197–209 (Aug. 1974).
[biblio01entry834] 834. , “Cracking a Random Number Generator,” Cryptologia (1), pp. 20–26 (Jan. 1977); cited in Applied Cryptography [888].
[biblio01entry835] 835. , “Reflections on Some Recent Widespread Computer Break-Ins,” Communications of the ACM (2), pp. 103–105 (Feb. 1987).
[biblio01entry836] 836. , “A Mechanism for Information Control in Parallel Programs,” Proceedings of the 7th Symposium on Operating Systems Principles, pp. 55–62 (Dec. 1979).
[biblio01entry838] 838. and , “Meta Objects for Access Control: Extending Capability-Based Security,” Proceedings of the 1997 New Security Paradigms Workshop, pp. 17–22 (Sep. 1997).
[biblio01entry840] 840. , “On the Security of UNIX,” UNIX System Manager's Manual, pp. SM17: 1–3 (<year>1979</year>).
[biblio01entry843] 843. and , “Responses to NIST's Proposal,” Communications of the ACM (7), pp. 41–54 (July 1992).
[biblio01entry844] 844. and , “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM (2), pp. 120–126 (Feb. 1978).
[biblio01entry845] 845. and , “The Internet Worm, with Microscope and Tweezers: the Worm from MIT's Perspective,” Communications of the ACM (6), pp. 689–698 (June 1989).
[biblio01entry846] 846. , “Assuring Safety and Mission Success for Space Station Freedom,” Proceedings of the 1990 International Symposium on Reliability and Maintainability, pp. 7–12 (June 1990).
[biblio01entry847] 847. and , “The Persistent Hacker: An Intruder Attacks a New Internet Host,” Proceedings of the 4th USENIX UNIX Security Symposium, pp. 131–138 (Oct. 1993).
[biblio01entry848] 848. , “Modelling and Verifying Key-Exchange Protocols Using CSP and FDR,” Proceedings of the 8th IEEE Computer Security Foundations Workshop, pp. 98–107 (June 1995).
[biblio01entry849] 849. and , “Non-Interference Through Determinism,” Journal of Computer Security (1), pp. 27–53 (1996).
[biblio01entry850] 850. and , “A Test for Non-Disclosure in Security Level Transitions,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 1–10 (May 1999).
[biblio01entry851] 851. , “Managing the Development of Large Software Systems,” 1970 WESTCON Technical Papers , p. 8 (Aug. 1970).
[biblio01entry852] 852. and , “The DEDICA Project: The Solution to the Interoperability Problems Between the X.509 and EDIFACT Public Key Infrastructures,” Proceedings of Secure Networking—CQRE [Secure] '99 International Exhibition and Congress, pp. 242–250 (Nov. 1999).
[biblio01entry853] 853. and , “SECURE: A Simulation Tool for PKI Design,” Proceedings of Secure Networking—CQRE [Secure] '99 International Exhibition and Congress, pp. 17–29 (Nov. 1999).
[biblio01entry854] 854. , “Independent One-Time Passwords,” Computing Systems (1), pp. 15–27 (Winter 1996).
[biblio01entry855] 855. and , Web Security Sourcebook, John Wiley and Sons, New York, NY (<year>1997</year>).
[biblio01entry856] 856. , “UNIX System V with B2 Security,” Proceedings of the 13th National Computer Security Conference, pp. 1–9 (Oct. 1990).
[biblio01entry857] 857. , “Stream Ciphers,” in Contemporary Cryptology: The Science of Information Integrity [927], pp. 65–134.
[biblio01entry858] 858. , “Noninterference, Transitivity, and Channel-Control Security Policies,” Technical Report CSL-92-02, Computer Science Laboratory, SRI International, Menlo Park, CA (Dec. 1992).
[biblio01entry859] 859. , Windows NT Security: A Practical Guide to Securing Windows NT Servers and Workstations, McGraw-Hill, New York, NY (<year>1997</year>).
[biblio01entry860] 860. and , “The TAMU Security Package: An Ongoing Response to Internet Intruders in an Academic Environment,” Proceedings of the 4th USENIX UNIX Security Symposium, pp. 91–118 (Oct. 1993).
[biblio01entry862] 862. , “Modeling Spreadsheet Audit: A Rigorous Approach to Automatic Visualization,” Journal of Visual Languages and Computing (1), pp. 49–82 (Feb. 2000).
[biblio01entry863] 863. , “Accuracy, Integrity and Security in Computerized Vote-Tallying,” Communications of the ACM (10), pp. 1184–1191 (Oct. 1988).
[biblio01entry864] 864. , “Protection and the Control of Information Sharing in Multics,” Communications of the ACM (7), pp. 388–402 (July 1974).
[biblio01entry865] 865. and , “The Protection of Information in Computer Systems,” Proceedings of the IEEE (9), pp. 1278–1308 (Sep. 1975).
[biblio01entry867] 867. and , “Automatic Recognition and Analysis of Human Faces and Facial Expressions: A Survey,” Pattern Recognition , pp. 65–77 (1992); cited in “Biometrics for Automatic Identity Verification” [726].
[biblio01entry868] 868. , “Unified Login with Pluggable Authentication Modules (PAM),” Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 1–10 (Mar. 1996).
[biblio01entry869] 869. , “Analysis of Acyclic Attenuating Systems for the SSR Protection Model,” Proceedings of the 1985 IEEE Symposium on Security and Privacy, pp. 197–206 (Apr. 1985).
[biblio01entry870] 870. , “The Schematic Protection Model: Its Definition and Analysis for Acyclic Attenuating Schemes,” Journal of the ACM (2), pp. 404–432 (Apr. 1988).
[biblio01entry871] 871. , “The Demand Operation in the Schematic Protection Model,” Information Processing Letters (4), pp. 213–219 (Apr. 1989).
[biblio01entry872] 872. , “Expressive Power of the Schematic Protection Model,” Journal of Computer Security (1), pp. 59–98 (1992).
[biblio01entry873] 873. , “Transformation of Access Rights,” Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 259–268 (May 1989).
[biblio01entry874] 874. , “Non-Monotonic Transformation of Access Rights,” Proceedings of the 1992 IEEE Symposium on Research in Security and Privacy, pp. 148–161 (Apr. 1992).
[biblio01entry875] 875. , “The Typed Access Matrix Model,” Proceedings of the 1992 IEEE Symposium on Security and Privacy, pp. 122–136 (Apr. 1992).
[biblio01entry876] 876. and , “Decentralized Group Hierarchies in UNIX: An Experiment and Lessons Learned,” Proceedings of the 21st National Information Systems Security Conference, pp. 486–502 (Oct. 1998).
[biblio01entry877] 877. and , “On Testing for the Absence of Rights in Access Control Models,” Proceedings of the Computer Security Foundations Workshop IV, pp. 109–118 (June 1993).
[biblio01entry878] 878. and , “On the Minimality of Testing for Rights in Transformation Models,” Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pp. 230–241 (Apr. 1994).
[biblio01entry879] 879. , “Building an FTP Guard,” Proceedings of the 21st National Information Systems Security Conference, pp. 432–442 (Oct. 1998).
[biblio01entry880] 880. and , “Practical Network Support for IP Traceback,” Computer Communication Review (4) pp. 295–306 (Aug. 2000).
[biblio01entry881] 881. and “Locking Computers Securely,” Proceedings of the 10th National Computer Security Conference, pp. 129–141 (Sep. 1987).
[biblio01entry882] 882. and , “LOCK Trek: Navigating Uncharted Space,” Proceedings of the 1989 Symposium on Security and Privacy, pp. 167–175 (May 1989).
[biblio01entry883] 883. and , “Program Confinement in KVM/370,” Proceedings of the 1977 ACM Annual Conference, pp. 404–410 (Oct. 1977).
[biblio01entry884] 884. , “Is Centralized System Administration the Answer?” Proceedings of the 6th Systems Administration Conference (LISA 1992), pp. 55–61 (Oct. 1992).
[biblio01entry885] 885. and , “Designing the GEMSOS Security Kernel for Security and Performance,” Proceedings of the 8th National Computer Security Conference, pp. 108–119 (Oct. 1985).
[biblio01entry886] 886. , “The Clipper Chip: Cryptography, Technology and the Constitution—the Government's Answer to Encryption 'Chips' Away at Constitutional Rights,” Rutgers Computer and Technology Law Journal (1), pp. 263–292 (1995).
[biblio01entry887] 887. and , “Infrastructure for Intrusion Detection and Response,” Proceedings of the DARPA Information Survivability Conference and Exposition , pp. 3–11 (Jan. 2000).
[biblio01entry888] 888. , Applied Cryptography, 2nd Edition, John Wiley and Sons, New York, NY (<year>1996</year>).
[biblio01entry889] 889. and , “The 'Worm' Programs—Early Experiences with a Distributed Computation,” Communications of the ACM (3), pp. 172–180 (Mar. 1982).
[biblio01entry890] 890. , “SSL/TLS Protocol Enablement for Key Recovery,” Computers and Security (1), pp. 100–104 (Jan./Feb. 2000).
[biblio01entry891] 891. and , Life and Death on the Internet, Supple Publishing, Menosha, WI (<year>1998</year>).
[biblio01entry892] 892. , “Addressing Weaknesses in the Domain Name System Protocol,” Master's thesis, Department of Computer Sciences, Purdue University, West Lafayette, IN (Aug. 1993).
[biblio01entry893] 893. and , “Analysis of a Denial of Service Attack on TCP,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 208–223 (May 1997).
[biblio01entry894] 894. and , “A Reference Model for Firewall Technology,” Proceedings of the 13th Annual Computer Security Applications Conference, pp. 133–145 (Dec. 1997).
[biblio01entry895] 895. , “Wide Open Encryption Design Offers Flexible Implementations,” Cryptologia (1), pp. 75–90 (Jan. 1985).
[biblio01entry896] 896. and , Virtual Private Networks, O'Reilly & Associates, Sebastopol, CA (<year>1998</year>).
[biblio01entry897] 897. and , Cryptography: An Introduction to Computer Security, Prentice-Hall, Englewood Cliffs, NJ (<year>1989</year>).
[biblio01entry898] 898. , “Secure Software Engineering Capability Maturity Model Web Page,” http://www.sse-cmm.org (2001).
[biblio01entry899] 899. and , “The Auditing Facility for a VMM Security Kernel,” Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pp. 262–277 (<year>1990</year>).
[biblio01entry900] 900. , “Password Cracking: A Game of Wits,” Communications of the ACM (6), pp. 700–703 (June 1989).
[biblio01entry901] 901. , “A Tour of the Worm,” Proceedings of the 1989 Winter USENIX Conference, pp. 287–304 (Jan. 1989).
[biblio01entry902] 902. and , “On Preventing Intrusions by Process Behavior Monitoring,” Proceedings of the Workshop on Intrusion Detection and Network Monitoring, pp. 29–40 (Apr. 1999).
[biblio01entry903] 903. , “Rating Network Components,” Proceedings of the 18th National Information Systems Security Conference, pp. 344–355 (Oct. 1995).
[biblio01entry904] 904. , SET Secure Electronic Transaction Specification, Book 1: Business Description, Version 1.0 (May 1997).
[biblio01entry905] 905. , SET Secure Electronic Transaction Specification, Book 2: Programmers' Guide, Version 1.0 (May 1997).
[biblio01entry906] 906. , SET Secure Electronic Transaction Specification, Book 3: Formal Protocol Definition, Version 1.0 (May 1997).
[biblio01entry908] 908. , “A Mathematical Theory of Communication,” Bell Systems Technical Journal , pp. 379–423, 623–656 (Oct. 1948).
[biblio01entry909] 909. , “Communication Theory of Secrecy Systems,” Bell Systems Technical Journal , pp. 656–715 (Oct. 1949).
[biblio01entry910] 910. and , “EROS: A Principle-Driven Operating System from the Ground Up,” IEEE Software (1), pp. 26–33 (Jan./Feb. 2002).
[biblio01entry911] 911. and , “EROS: A Fast Capability System,” Proceedings of the 17th ACM Symposium on Operating Systems Principles, pp. 170–185 (Dec. 1999).
[biblio01entry912] 912. and , “Verifying the EROS Confinement Mechanism,” Proceedings of the 2000 IEEE Symposium on Security and Privacy, pp. 166–176 (May 2000).
[biblio01entry913] 913. and , “Detecting Illicit Leakage of Information in Operating Systems,” Journal of Computer Security (2, 3), pp. 123–148 (Dec. 1996).
[biblio01entry914] 914. and , Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw—By the Man Who Did It, Hyperion Books, New York, NY (<year>1996</year>).
[biblio01entry915] 915. and , “Fast Data Encipherment Algorithm FEAL,” Advances in Cryptology—Proceedings of EUROCRYPT '87, pp. 267–278 (<year>1987</year>).
[biblio01entry916] 916. , Security Architecture for Internet Protocols: A Guide for Protocol Designs and Standards, Internet Draft: draft-irtf-psrg-secarch-sect1-00.txt (Nov. 1994).
[biblio01entry917] 917. , Designing the User Interface: Strategies for Effective Human-Computer-Interaction, 3rd Edition, Addison Wesley Longman, Reading, MA (<year>1998</year>).
[biblio01entry918] 918. , “Inter-Network Naming, Addressing, and Routing,” Proceedings of COMPCON '78, pp. 72–79 (<year>1978</year>).
[biblio01entry919] 919. , “IGOR: The Intelligence Guard for ONI Replication,” Proceedings of the 19th National Computer Security Conference, pp. 607–619 (Oct. 1996).
[biblio01entry920] 920. , “Auditing in a Distributed System: Secure SunOS Audit Trails,” Proceedings of the 11th National Computer Security Conference, pp. 81–91 (Oct. 1988).
[biblio01entry921] 921. and , “A Multilevel Secure Local Area Network,” Proceedings of the 1982 IEEE Symposium on Privacy and Security, pp. 137–143 (Apr. 1982).
[biblio01entry922] 922. , sendmail 8.9.3 for IRIX 6.5.7, SGI Security Advisory 20000302-01-P3865 (Mar. 2000).
[biblio01entry923] 923. , “Forward Search as a Cryptanalytic Tool Against a Public Key Privacy Channel,” Proceedings of the 1982 IEEE Symposium on Security and Privacy, pp. 117–128 (Apr. 1982).
[biblio01entry924] 924. , “How to (Really) Share a Secret,” Advances in Cryptology—Proceedings of CRYPTO '88, pp. 390–448 (Aug. 1988).
[biblio01entry925] 925. , “Prepositioned Secret Sharing Schemes and/or Shared Control Schemes,” Advances in Cryptology—Proceedings of EUROCRYPT '89, pp. 436–467 (Apr. 1989).
[biblio01entry926] 926. , “Geometric Shared Secret and/or Shared Control Schemes,” Advances in Cryptology—Proceedings of CRYPTO '90, pp. 216–241 (<year>1990</year>).
[biblio01entry927] 927. , Contemporary Cryptology: The Science of Information Integrity, IEEE Press, Piscataway, NJ (<year>1992</year>).
[biblio01entry928] 928. and , “Separation of Duty in Role-Based Environments,” Proceedings of the Computer Security Foundations Workshop, MITRE Technical Report M88-37, MITRE Corporation, Bedford, MA, pp. 183–194 (June 1997).
[biblio01entry929] 929. , Elementary Cryptanalysis: A Mathematical Approach, Random House, New York, NY (<year>1968</year>).
[biblio01entry930] 930. and , “Trailer—an Inspection and Audit Tool for System-Usage Logs,” Proceedings of the 2nd European Conference, pp. 151–161 (June 1988).
[biblio01entry931] 931. and , Masters of Deception: The Gang That Ruled Cyberspace, Harperperennial Library, New York, NY (<year>1996</year>).
[biblio01entry932] 932. , “Policy Driven Management for Distributed Systems,” Journal of Network and Systems Management (4), pp. 333–360 (Dec. 1994).
[biblio01entry933] 933. , “Haystack: An Intrusion Detection System,” Proceedings of the 4th Aerospace Computer Security Applications Conference, pp. 37–44 (Dec. 1988).
[biblio01entry934] 934. , “Misfit: A Tool for Constructing Safe Extensible C++ Systems,” Proceedings of the 3rd USENIX Conference on Object-Oriented Technologies, pp. 38–48 (June 1997).
[biblio01entry935] 935. and , “Secure Information Flow in a Multi-Threaded Imperative Language,” Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 355–364 (Jan. 1998).
[biblio01entry936] 936. and , “Entity Modelling in the MLS Relational Model,” Proceedings of the 18th International Conference Very Large Data Bases, pp. 199–210 (Aug. 1992).
[biblio01entry937] 937. , “Constructing a High Assurance Mail Guard,” Proceedings of the 17th National Computer Security Conference, pp. 247–253 (Oct. 1994).
[biblio01entry938] 938. , “Cost Profile of a Highly Assured, Secure Operating System,” ACM Transactions on Information and Systems Security (1), pp. 72–101 (Feb. 2001).
[biblio01entry939] 939. , “User Definable Domains as a Mechanism for Implementing the Least Privilege Principle,” Proceedings of the 9th National Computer Security Conference, pp. 143–148 (Sep. 1986).
[biblio01entry940] 940. and “DIDS (Distributed Intrusion Detection System): Motivation, Architecture, and an Early Prototype,” Proceedings of the 14th National Computer Security Conference, pp. 167–176 (Oct. 1991).
[biblio01entry941] 941. , “The Future Is Not Assured—But It Should Be,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 240–241 (May 1999).
[biblio01entry942] 942. , “On the Synthesis and Analysis of Protection Systems,” Proceedings of the Sixth Symposium on Operating Systems Principles, pp. 141–150 (Nov. 1977).
[biblio01entry943] 943. , “Formal Models of Capability-Based Protection Systems,” IEEE Transactions on Computers (3), pp. 172–181 (Mar. 1981).
[biblio01entry944] 944. , “Theft and Conspiracy in the Take-Grant Protection Model,” Journal of Computer and System Science (3), pp. 333–347 (Dec. 1981).
[biblio01entry945] 945. and , “Pseudonymous Audit for Privacy Enhanced Intrusion Detection,” Information Security in Research and Business—Proceedings of the IFIP TC11 13th International Conference on Information Security, pp. 151–163 (May 1997).
[biblio01entry946] 946. and , “On Blind Signatures and Perfect Crimes,” Computers and Security (6), pp. 581–583 (Oct. 1992).
[biblio01entry947] 947. and , Inside Microsoft Windows 2000, 3rd Edition, Microsoft Press, Redmond, WA (<year>2000</year>).
[biblio01entry948] 948. and , “Automated Response Using System-Call Delays,” Proceedings of the 9th USENIX Security Symposium, pp. 185–197 (Aug. 2000).
[biblio01entry949] 949. and , “Principles of a Computer Immune System,” Proceedings of the 1997 New Security Paradigms Workshop, pp. 75–82 (Sep. 1997).
[biblio01entry950] 950. , Software Engineering, 6th Edition, Addison-Wesley, Boston, MA (<year>2001</year>).
[biblio01entry951] 951. and , “Partial Security Policies to Support Timeliness in Secure Real-Time Databases,” Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 136–147 (May 1998).
[biblio01entry952] 952. , “The Internet Worm Program: An Analysis,” Computer Communications Review (1), pp. 17–57 (Jan. 1989).
[biblio01entry953] 953. , “Crisis and Aftermath,” Communications of the ACM (6), pp. 678–687 (June 1989).
[biblio01entry954] 954. , “Observing Reusable Password Choices,” Proceedings of the 3rd UNIX Security Symposium, pp. 299–312 (Sep. 1992).
[biblio01entry955] 955. , “OPUS: Preventing Weak Password Choices,” Computers and Security (3), pp. 273–278 (June 1992).
[biblio01entry956] 956. and , Computer Viruses: Dealing with Electronic Vandalism and Programmed Threats, ADAPSO, Arlington, VA (<year>1989</year>).
[biblio01entry957] 957. and , “Software Forensics: Can We Track Code to Its Authors?” Proceedings of the 15th National Information Systems Security Conference, pp. 641–650 (Oct. 1992).
[biblio01entry958] 958. and , “Intrusion Detection Using Autonomous Agents,” Computer Networks (4), pp. 547–570 (Oct. 2000).
[biblio01entry959] 959. and , Traditional IP Network Address Translator (Traditional NAT), RFC 3022 (Jan. 2001).
[biblio01entry960] 960. , Network Security Essentials: Applications and Standards, Prentice-Hall, Upper Saddle River, NJ (<year>2000</year>).
[biblio01entry961] 961. , “The Right to Read,” Communications of the ACM (2), pp. 85–87 (Dec. 1997).
[biblio01entry962] 962. and , “Debugging with GDB: The GNU Source-Level Debugger,” www.Iuniverse.com, New York, NY (Dec. 2000).
[biblio01entry963] 963. and , “GrIDS—A Graph-Based Intrusion Detection System for Large Networks,” Proceedings of the 19th National Information Systems Security Conference, pp. 361–370 (Oct. 1996).
[biblio01entry964] 964. and , “Holding Intruders Accountable on the Internet,” Proceedings of the 1995 IEEE Symposium on Security and Privacy, pp. 39–49 (May 1995).
[biblio01entry965] 965. , Toward Zero-Defect Programming, Addison-Wesley, Reading, MA (<year>1998</year>).
[biblio01entry966] 966. , Web Security: A Step-by-Step Reference Guide, Addison-Wesley Publishing Co., Reading, MA (<year>1998</year>).
[biblio01entry967] 967. and , “Kerberos: An Authentication Service for Open Network Systems,” Proceedings of the 1988 Winter USENIX Conference, pp. 191–202 (Feb. 1988).
[biblio01entry968] 968. , The Hacker Crackdown: Law and Disorder on the Electronic Frontier, Bantam Books, New York, NY (<year>1993</year>).
[biblio01entry969] 969. and , Managing NFS and NIS, 2nd Edition, O'Reilly and Associates, Sebastopol, CA (<year>2001</year>).
[biblio01entry970] 970. , “On the Buzzword 'Security Policy',” Proceedings of the 1991 IEEE Symposium on Security and Privacy, pp. 219–230 (May 1991).
[biblio01entry971] 971. , “Cryptanalysis of Contents Scrambling System” (Nov. 8, 1999); available at http://www.lemuria.org/DeCSS/crypto.gq.nu/.
[biblio01entry972] 972. , “A Structure for Access Control Lists,” Software—Practice and Experience (10), pp. 813–819 (Oct. 1979).
[biblio01entry973] 973. , “Stalking the Wily Hacker,” Communications of the ACM (5), pp. 484–497 (May 1988).
[biblio01entry974] 974. , “An Epidemiology of Viruses and Network Worms,” Proceedings of the 12th National Computer Security Conference, pp. 369–377 (Oct. 1989).
[biblio01entry975] 975. , The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage, Pocket Books, New York, NY (<year>1995</year>).
[biblio01entry976] 976. , “The Draft Federal Criteria and the ITSEC: Progress Towards Alignment,” Proceedings of the 16th National Computer Security Conference, pp. 311–323 (Sep. 1993).
[biblio01entry977] 977. , “Denial of Service Protection—The Nozzle,” Proceedings of the 16th Annual Computer Security Applications Conference, pp. 32–41 (Dec. 2000).
[biblio01entry978] 978. and , “Self-Securing Storage: Protecting Data in Compromised Systems,” Proceedings of the 4th Symposium on Operating Systems Design and Implementation, pp. 165–179 (Oct. 2000).
[biblio01entry979] 979. and , “How to Encrypt /usr/dict/words in About a Second,” Technical Report PCS-TR92-182, Department of Mathematics and Computer Science, Dartmouth College, Hanover, NH (Jan. 1992).
[biblio01entry980] 980. and , “Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor,” Proceedings of the 2001 USENIX Annual Technical Conference, pp. 1–14 (June 2001).
[biblio01entry982] 982. , Installing, Administering, and Using the Basic Security Module, Sun Microsystems, Inc., Mountain View, CA (April 1992).
[biblio01entry983] 983. , Version 8.8.8 Sendmail for SunOS™ 5.6 and 5.5.1, Security Bulletin #00187 (June 1999).
[biblio01entry984] 984. , “A Model of Information,” Proceedings of the 9th National Computer Security Conference, pp. 175–183 (Sep. 1986).
[biblio01entry985] 985. , Systems Security Engineering Capability Maturity Model, Version 2.0 (Apr. 1999).
[biblio01entry986] 986. , “Limitations on Design Principles for Public Key Protocols,” Proceedings of the 1996 Symposium on Privacy and Security, pp. 62–72 (May 1996).
[biblio01entry987] 987. and , “Tudumi: Log Information Visualization System for Intrusion Detection,” Technical Report UEC-IS-TR-2000-08, Graduate School of Information Systems, University of Electro-Communications, Chofu, Tokyo, Japan (Sep. 2000).
[biblio01entry988] 988. and , “MieLog: Visual Log Information Browsing System With their Characteristics,” Transactions of the Information Processing Society of Japan, (12), pp. 3265–3275 (Dec. 2000).
[biblio01entry989] 989. , Modern Operating Systems, Prentice-Hall, Englewood Cliffs, NJ (<year>1992</year>).
[biblio01entry990] 990. , Computer Networks, 3rd Edition, Prentice-Hall, Upper Saddle River, NJ (<year>1996</year>).
[biblio01entry991] 991. and , “SPX: Global Authentication Using Public Key Certificates,” Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 232–244 (May 1991).
[biblio01entry992] 992. , “Comparison Paper Between the Bell and LaPadula Model and the SRI Model,” Proceedings of the 1984 Symposium on Security and Privacy, pp. 195–202 (Apr. 1984).
[biblio01entry993] 993. and , “Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns,” Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pp. 278–284 (May 1990).
[biblio01entry994] 994. and , “Trusted RUBIX Architecture and Policy Model Interpretation,” Proceedings of the 8th Annual Computer Security Applications Conference, pp. 97–110 (Nov./Dec. 1992).
[biblio01entry995] 995. , “Reflections on Trusting Trust,” Communications of the ACM (8), pp. 761–763 (Aug. 1984).
[biblio01entry996] 996. , “Sidewinder: Combining Type Enforcement and UNIX,” Proceedings of the 11th Annual Computer Security Applications Conference, pp. 14–20 (Dec. 1995).
[biblio01entry997] 997. and , “How to Share a Secret with Cheaters,” Journal of Cryptology (2), pp. 133–138 (1988).
[biblio01entry998] 998. and , Introduction to Cryptography with Coding Theory, Prentice-Hall, Upper Saddle River, NJ (<year>2002</year>).
[biblio01entry999] 999. , “Modelling a Fuzzy Time System,” Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pp. 82–89 (May 1993).
[biblio01entry1000] 1000. , Trusted Computing Platform Alliance (TCPA) Main Specification, Version 1.1a (Dec. 2001).
[biblio01entry1001] 1001. , A Proposed Interpretation of the TCSEC for Virtual Machine Monitor Architectures, Trusted Information Systems, Glenwood, MD (May 1990).
[biblio01entry1002] 1002. and , “A Formal Method for the Identification of Covert Storage Channels in Source Code,” Proceedings of the 1987 Symposium on Security and Privacy, pp. 108–121 (Apr. 1987).
[biblio01entry1003] 1003. and , “A Bandwidth Computation Model for Covert Storage Channels and Its Applications,” Proceedings of the 1988 Symposium on Security and Privacy, pp. 74–86 (Apr. 1988).
[biblio01entry1004] 1004. and , “Knowledge-Based Software Architectures: Acquisition, Specification, and Verification,” IEEE Transactions on Knowledge and Data Engineering (1), pp. 187–201 (Jan./Feb. 1999).
[biblio01entry1005] 1005. , “Hellman Presents No Shortcut Solutions to DES,” IEEE Spectrum (7), pp. 40–41 (July 1979).
[biblio01entry1006] 1006. and , “Efficacy of the Data Encryption Standard in Data Processing,” Proceedings of Compcon '78, pp. 340–347 (Sep. 1978).
[biblio01entry1007] 1007. K.Turner (ed.), Using Formal Description Techniques: An Introduction to Estelle, LOTOS, and SDL, John Wiley and Sons, Chichester, UK (<year>1993</year>).
[biblio01entry1008] 1008. , iAPX 432 General Data Processor Architecture Reference Manual, Intel Corporation, Aloha, OR (<year>1981</year>).
[biblio01entry1009] 1009. and , “Detection of Anomalous Computer Session Activity,” Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 280–289 (May 1989).
[biblio01entry1010] 1010. and , Incident Response, O'Reilly and Associates, Inc., Sebastopol, CA 95472 (Aug. 2001).
[biblio01entry1011] 1011. , “Security Enhanced Mobile Agents,” Proceedings of the 7th ACM Conference on Computer and Communications Security, pp. 200–209 (Nov. 2000).
[biblio01entry1012] 1012. , “TCP Wrapper: Network Monitoring, Access Control, and Booby Traps,” Proceedings of the 3rd USENIX UNIX Security Symposium, pp. 85–92 (Sep. 1992).
[biblio01entry1013] 1013. and , “Capacity Estimation and Auditability of Network Covert Channels,” Proceedings of the 1995 Symposium on Security and Privacy, pp. 186–198 (May 1995).
[biblio01entry1014] 1014. and , Building Secure Software: How to Avoid Security Problems the Right Way, Addison-Wesley, Boston, MA (<year>2002</year>).
[biblio01entry1015] 1015. and , “STEL: Secure TELnet,” Proceedings of the 5th USENIX UNIX Security Symposium, pp. 75–83 (June 1995).
[biblio01entry1016] 1016. , The Aeneid (translated by ), Vintage Books, New York, NY (<year>1983</year>).
[biblio01entry1017] 1017. and , “Safety Case for the NERC Air Traffic Control System,” Proceedings of the 15th International Conference on Computer Safety, Reliability and Security, pp. 345–362 (Oct. 1996).
[biblio01entry1018] 1018. , “DNS and BIND Security Issues,” Proceedings of the 5th USENIX UNIX Security Symposium, pp. 209–216 (June 1995).
[biblio01entry1019] 1019. and , “Software Fault Injection for Survivability,” Proceedings of the DARPA Information Survivability Conference and Exposition, pp. 338–346 (Jan. 2000).
[biblio01entry1020] 1020. and , “Defining an Adaptive Software Security Metric from a Dynamic Software Failure Tolerance Measure,” Proceedings of the 11th Annual Conference on Computer Assurance, pp. 250–263 (June 1996).
[biblio01entry1021] 1021. and , “Reducing Uncertainty About Common-Mode Failures,” Proceedings of the 8th International Symposium on Software Reliability Engineering, pp. 308–319 (Nov. 1997).
[biblio01entry1022] 1022. , “PUMA: A Capability-Based Architecture to Support Security and Fault Tolerance,” Proceedings of the International Workshop on Computer Architectures to Support Security and Persistence of Information, pp. 217–228 (May 1990).
[biblio01entry1023] 1023. and , “A Sound Type System for Secure Flow Analysis,” Journal of Computer Security (2, 3), pp. 167–187 (1996).
[biblio01entry1024] 1024. and , “Security Mechanisms in High-Level Network Protocols,” Computing Surveys (2), pp. 135–171 (June 1983).
[biblio01entry1025] 1025. and , Computer Viruses and Related Threats: A Management Guide, NIST Special Publication 500–166, National Institute of Standards and Technology, Washington, DC (Aug. 1989).
[biblio01entry1026] 1026. and , “A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities,” Proceedings of the 2000 Symposium on Network and Distributed System Security, pp. 1–15 (Feb. 2000).
[biblio01entry1027] 1027. and , “Analysis of the SSL 3.0 Protocol,” Proceedings of the 2nd USENIX Workshop on Electronic Commerce, pp. 29–40 (Nov. 1996).
[biblio01entry1028] 1028. and , “Efficient Software-Based Fault Isolation,” Proceedings of the 14th Symposium on Operating Systems Principles, pp. 202–216 (Dec. 1993).
[biblio01entry1029] 1029. and , Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names, RFC 2253 (Dec. 1997).
[biblio01entry1030] 1030. and , “The Dining Cryptographers in the Disco: Unconditional Sender and Recipient Untraceability with Computationally Secure Serviceability,” Advances in Cryptology—Proceedings of EUROCRYPT '89, pp. 690 (Apr. 1989).
[biblio01entry1031] 1031. and , “Confining Root Programs with Domain and Type Enforcement (DTE),” Proceedings of the 6th USENIX Security Symposium, pp. 21–36 (<year>1996</year>).
[biblio01entry1032] 1032. and , “Commercial Key Recovery,” Communications of the ACM (3), pp. 41–47 (Mar. 1996).
[biblio01entry1033] 1033. and , Programming Perl, 2nd Edition, O'Reilly and Associates, Sebastopol, CA (Sep. 1996).
[biblio01entry1035] 1035. , “LAFS: A Logging and Auditing File System,” Proceedings of the 11th Annual Computer Security Applications Conference, pp. 231–240 (Dec. 1995).
[biblio01entry1036] 1036. , “Program Slicing,” IEEE Transactions on Software Engineering, (4), pp. 352–357 (July 1984).
[biblio01entry1037] 1037. , “Security Controls in the ADEPT-50 Time-Sharing System,” Proceedings of the 1969 Fall Joint Computer Conference, pp. 119–133 (Nov. 1969).
[biblio01entry1038] 1038. , “Security Penetration Testing Guideline,” Chapter 10, Handbook for the Computer Security Certification of Trusted Systems, TM 5540:082A, Naval Research Laboratory, Washington, DC (Jan. 1995).
[biblio01entry1039] 1039. , “Penetration Testing,” in Information Security:An Integrated Collection of Essays [6], pp. 269–296.
[biblio01entry1040] 1040. , “Secure Programming for Linux and UNIX HOWTO”; available at http://www.dwheeler.com/secure-programs.
[biblio01entry1041] 1041. , Computer Capers: Tales of Electronic Thievery, Embezzlement, and Fraud, Crowell Publishers, New York, NY (<year>1978</year>).
[biblio01entry1042] 1042. and , “Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0,” Proceedings of the 8th USENIX Security Symposium (Aug. 1999).
[biblio01entry1043] 1043. and , “PACLs: An Access Control List Approach to Anti-Viral Security,” Proceedings of the 13th National Computer Security Conference, pp. 340–349 (Oct. 1990).
[biblio01entry1044] 1044. and , “Wiemer-Murray Domain Security Policy Model for International Interoperability,” Proceedings of the 21st National Information Systems Security Conference, pp. 526–536 (Oct. 1998).
[biblio01entry1045] 1045. and , “A System for Automatic Iris Recognition,” Pattern Recognition , pp. 121–128 (1994).
[biblio01entry1046] 1046. , Time-Sharing Computing Systems, 3rd Edition, Elsevier McDonald Publishing Co., New York, NY (<year>1975</year>).
[biblio01entry1047] 1047. and , “A Penetration Analysis of a Burroughs Large System,” Operating Systems Review (1), pp. 14–25 (Jan. 1981).
[biblio01entry1048] 1048. and , “P/sup 3/I–Protection Profile Process Improvement,” Proceedings of the 22nd National Information Systems Security Conference, pp. 175–188 (Oct. 1999).
[biblio01entry1049] 1049. and , Windows 2000 System Administration Handbook, Prentice-Hall, Upper Saddle River, NJ (<year>2000</year>).
[biblio01entry1050] 1050. and , “Computer Based Support for Standards and Processes in Safety Critical Systems,” Proceedings of the16th International Conference on Computer Safety, Reliability and Security, pp. 197–209 (Sep. 1997).
[biblio01entry1051] 1051. , “A Symbiotic Relationship Between Formal Methods and Security,” Proceedings of Computer Security, Dependability, and Assurance: From Needs to Solutions, pp. 26–38 (Nov. 1998).
[biblio01entry1052] 1052. , “The Non-Technical Threat to Computing Systems,” Computing Systems (1), pp. 3–14 (Winter 1996).
[biblio01entry1053] 1053. , “SYBASE: The Trusted Subject DBMS,” Proceedings of the 13th National Computer Security Conference, pp. 589–593 (Oct. 1990).
[biblio01entry1054] 1054. , “A Secure Capability Computer System,” Proceedings of the 1986 IEEE Symposium on Security and Privacy, pp. 86–94 (Apr. 1986).
[biblio01entry1055] 1055. , “Preventing Viruses in Computer Systems,” Computers and Security (5), pp. 427–432 (Aug. 1989).
[biblio01entry1056] 1056. and , “Authentication for Distributed Systems,” IEEE Computer (1), pp. 39–52 (Jan. 1992).
[biblio01entry1057] 1057. , “Principles of Secure Information Systems Design,” Computers and Security (1), pp. 13–24 (Feb. 1990).
[biblio01entry1058] 1058. , “Principles of Secure Information Systems Design with Groupware Examples,” Computers and Security (7), pp. 663–678 (Nov. 1993).
[biblio01entry1059] 1059. , Information Security Policies Made Easy: A Comprehensive Set of Information Security Policies, Version 4, Baseline Software, Sausalito, CA (<year>1994</year>).
[biblio01entry1060] 1060. and , UNIX System Security, Hayden Books, Indianapolis, IN (<year>1985</year>).
[biblio01entry1061] 1061. , “An Analysis of Covert Timing Channels,” Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 2–6 (May 1991).
[biblio01entry1062] 1062. and , “HYDRA: The Kernel of a Multiprocessor System,” Communications of the ACM (6), pp. 337–345 (June 1974).
[biblio01entry1063] 1063. and , “Key Applications for High-Assurance Systems,” IEEE Computer (4), pp. 35–46 (Apr. 1998).
[biblio01entry1064] 1064. , “Polymorphic Viruses: Implementation, Detection, and Protection,” VDS Advanced Research Group, Baltimore, MD (Jan. 1993).
[biblio01entry1065] 1065. , “SSH—Secure Login Connections over the Internet,” Proceedings of the 6th Annual USENIX Security Symposium, pp. 37–42 (June 1996).
[biblio01entry1066] 1066. , “Taxonomy of Computer Virus Defense Mechanisms,” Proceedings of the 10th National Computer Security Conference, pp. 220–225 (Sep. 1987).
[biblio01entry1067] 1067. and , “Intrusion-Detection for Incident-Response, Using a Military Battlefield-Intelligence Process,” Computer Networks (4), pp. 671–697 (Oct. 2000).
[biblio01entry1068] 1068. and , “Feature Extraction Using a Multilayer Perceptron,” Computer Vision and Pattern Recognition, pp. 104–109 (<year>1989</year>).
[biblio01entry1069] 1069. and , “The Composability of Non-Interference,” Proceedings of the 8th IEEE Computer Security Foundations Workshop, pp. 2–8 (June 1995).
[biblio01entry1070] 1070. and , “Four Dark Corners of Requirements Engineering,” ACM Transactions on Software Engineering and Methodology (1), pp. 1–30 (Jan. 1997).
[biblio01entry1071] 1071. and , “HAVAL—A One-Way Hashing Algorithm with Variable Length of Output,” Advances in Cryptology—Proceedings of AUSCRYPT '92, pp. 83–104 (Dec. 1992).
[biblio01entry1073] 1073. , PGP Source Code and Internals, MIT Press, Boston, MA (<year>1995</year>).
[biblio01entry1074] 1074. and , “User-Centered Security,” Proceedings of the 1996 New Security Paradigms Workshop, pp. 27–33 (Sep. 1996).