Sciweavers

ACSAC
2009
IEEE
13 years 10 months ago
RoleVAT: Visual Assessment of Practical Need for Role Based Access Control
Abstract--Role based access control (RBAC) is a powerful security administration concept that can simplify permission assignment management. Migration to and maintenance of RBAC re...
Dana Zhang, Kotagiri Ramamohanarao, Steven Verstee...
ACSAC
2009
IEEE
14 years 4 months ago
Reflections on UNIX Vulnerabilities
The UNIX operating system was developed in a friendly, collaborative environment without any particular predefined objectives. As it entered less friendly environments, expanded it...
Matt Bishop
ACSAC
2009
IEEE
14 years 4 months ago
Justifying Integrity Using a Virtual Machine Verifier
Emerging distributed computing architectures, such as grid and cloud computing, depend on the high integrity execution of each system in the computation. While integrity measuremen...
Joshua Schiffman, Thomas Moyer, Christopher Shal, ...
ACSAC
2009
IEEE
14 years 4 months ago
A Network Access Control Mechanism Based on Behavior Profiles
Abstract--Current Network Access Control (NAC) technologies manage the access of new devices into a network to prevent rogue devices from attacking network hosts or services. Typic...
Vanessa Frías-Martínez, Joseph Sherr...
ACSAC
2009
IEEE
14 years 4 months ago
RAD: Reflector Attack Defense Using Message Authentication Codes
Reflector attacks are a variant of denial-of-service attacks that use unwitting, legitimate servers to flood a target. The attacker spoofs the target's address in legitimate s...
Erik Kline, Matt Beaumont-Gay, Jelena Mirkovic, Pe...
ACSAC
2009
IEEE
14 years 4 months ago
BAF: An Efficient Publicly Verifiable Secure Audit Logging Scheme for Distributed Systems
Audit logs, providing information about the current and past states of systems, are one of the most important parts of modern computer systems. Providing security for audit logs on...
Attila Altay Yavuz, Peng Ning
ACSAC
2009
IEEE
14 years 5 months ago
A Guided Tour Puzzle for Denial of Service Prevention
Abstract—Various cryptographic puzzle schemes are proposed as a defense mechanism against denial of service attack. But, all these puzzle schemes face a dilemma when there is a l...
Mehmud Abliz, Taieb Znati
ACSAC
2009
IEEE
14 years 7 months ago
Computer-Related Risk Futures
: This paper reflects on many risks in the development and use of computer-related systems. It considers past and future alternatives, suggests some remedial approaches, and offe...
Peter G. Neumann
ACSAC
2009
IEEE
14 years 7 months ago
Protecting Kernel Code and Data with a Virtualization-Aware Collaborative Operating System
Abstract—The traditional virtual machine usage model advocates placing security mechanisms in a trusted VM layer and letting the untrusted guest OS run unaware of the presence of...
Daniela Alvim Seabra de Oliveira, Shyhtsun Felix W...
ACSAC
2009
IEEE
14 years 7 months ago
Deploying and Monitoring DNS Security (DNSSEC)
—SecSpider is a DNSSEC monitoring system that helps identify operational errors in the DNSSEC deployment and discover unforeseen obstacles. It collects, verifies, and publishes ...
Eric Osterweil, Daniel Massey, Lixia Zhang