Sciweavers

ACSAC
1998
IEEE
14 years 3 months ago
NetSTAT: A Network-Based Intrusion Detection Approach
Network-based attacks have become common and sophisticated. For this reason, intrusion detection systems are now shifting their focus from the hosts and their operating systems to...
Giovanni Vigna, Richard A. Kemmerer
ACSAC
1998
IEEE
14 years 3 months ago
Role-Based Access Control Framework for Network Enterprises
A business's success depends on its ability to protect valuable business assets in an increasingly hostile environment. Protecting information requires a cost, not only in pu...
D. J. Thomsen, D. O'Brien, J. Bogle
ACSAC
1998
IEEE
14 years 3 months ago
A Certified E-Mail Protocol
Protocols to facilitate secure electronic delivery are necessary if the Internet is to achieve its true potential as a business communications tool. We present a protocol for secu...
Bruce Schneier, James Riordan
ACSAC
1998
IEEE
14 years 3 months ago
The RRA97 Model for Role-Based Administration of Role Hierarchies
Abstract Role-based access control RBAC has recently received a lot of attention due to its exibility, expressive power and simplicity in administration. In RBAC permissions are as...
Ravi S. Sandhu, Qamar Munawer
ACSAC
1998
IEEE
14 years 3 months ago
Security Services in an Open Service Environment
Emerging telecommunication services use, store, or transmit sensitive personal data to form individual network services. We suggest an add-on approach to realize secure telecommun...
Reiner Sailer
ACSAC
1998
IEEE
14 years 3 months ago
Electronic Submission Protocol Based on Temporal Accountability
This paper describes various possible attacks on temporal properties such as temporal records of payment times and declarations of the closing times for electronic submissions, an...
Michiharu Kudo
ACSAC
1998
IEEE
14 years 3 months ago
Protecting Web Servers from Security Holes in Server-Side Includes
This paper first investigates and analyzes security holes concerning the use of Server-Side Includes (SSI) in some of the most used Web server software packages. We show that, by ...
Jared Karro, Jie Wang
ACSAC
1998
IEEE
14 years 3 months ago
A Practical Approach to Measuring Assurance
1 Assurance has been defined as "the degree of confidence that security needs are satisfied"[2]. The problem with this definition is that, unless one has a way to specify...
G. F. Jelen, J. R. Williams
ACSAC
1998
IEEE
14 years 3 months ago
Application-Level Isolation to Cope with Malicious Database Users
System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore us...
Sushil Jajodia, Peng Liu, Catherine D. McCollum
ACSAC
1998
IEEE
14 years 3 months ago
Concentric Supervision of Security Applications: A New Security Management Paradigm
This paper questions the status quo regarding Security Management (SM) tools that function in an isolated, monolithic fashion. People work best by interacting with others and with...
P. C. Hyland, Ravi S. Sandhu