Sciweavers

CCS
2004
ACM
14 years 2 months ago
Synthesising verified access control systems in XACML
Nan Zhang 0003, Mark Ryan, Dimitar P. Guelev
CCS
2004
ACM
14 years 2 months ago
A PIN-entry method resilient against shoulder surfing
Magnetic stripe cards are in common use for electronic payments and cash withdrawal. Reported incidents document that criminals easily pickpocket cards or skim them by swiping the...
Volker Roth, Kai Richter, Rene Freidinger
CCS
2004
ACM
14 years 2 months ago
Group signatures with verifier-local revocation
Group signatures have recently become important for enabling privacy-preserving attestation in projects such as Microsoft's ngscb effort (formerly Palladium). Revocation is c...
Dan Boneh, Hovav Shacham
CCS
2004
ACM
14 years 4 months ago
Cryptanalysis of a provably secure CRT-RSA algorithm
We study a countermeasure proposed to protect Chinese remainder theorem (CRT) computations for RSA against fault attacks. The scheme was claimed to be provably secure. However, we...
David Wagner
CCS
2004
ACM
14 years 4 months ago
Comparing the expressive power of access control models
Comparing the expressive power of access control models is recognized as a fundamental problem in computer security. Such comparisons are generally based on simulations between di...
Mahesh V. Tripunitara, Ninghui Li
CCS
2004
ACM
14 years 4 months ago
Payload attribution via hierarchical bloom filters
Payload attribution is an important problem often encountered in network forensics. Given an excerpt of a payload, finding its source and destination is useful for many security ...
Kulesh Shanmugasundaram, Hervé Brönnim...
CCS
2004
ACM
14 years 4 months ago
Testing network-based intrusion detection signatures using mutant exploits
Misuse-based intrusion detection systems rely on models of attacks to identify the manifestation of intrusive behavior. Therefore, the ability of these systems to reliably detect ...
Giovanni Vigna, William K. Robertson, Davide Balza...
CCS
2004
ACM
14 years 4 months ago
On the effectiveness of address-space randomization
Address-space randomization is a technique used to fortify systems against bu er over ow attacks. The idea is to introduce arti cial diversity by randomizing the memory location o...
Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh...
CCS
2004
ACM
14 years 4 months ago
Private inference control
Access control can be used to ensure that database queries pertaining to sensitive information are not answered. This is not enough to prevent users from learning sensitive inform...
David P. Woodruff, Jessica Staddon
CCS
2004
ACM
14 years 4 months ago
Attestation-based policy enforcement for remote access
Intranet access has become an essential function for corporate users. At the same time, corporation’s security administrators have little ability to control access to corporate ...
Reiner Sailer, Trent Jaeger, Xiaolan Zhang, Leende...