Comp 620: Seminar in Secure Systems

Physical Security

Anderson 96

Ross J. Anderson and Markus G. Kuhn.
Tamper resistance - a cautionary note.
In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 1-11, Oakland, California, November 1996.
See also, Low Cost Attacks on Tamper Resistant Devices by the same authors. The first paper has some nice color pictures.

Kuhn 98

Markus G. Kuhn and Ross J. Anderson.
Soft tempest: Hidden data transmission using electromagnetic emanations.
In Second Workshop on Information Hiding, Portland, Oregon, April 1998.

Various Attacks

Eichin 88

Mark W. Eichin and Jon A. Rochlis.
With microscope and tweezers: An analysis of the Internet virus of November 1988.
In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 326-343, Oakland, California, May 1989.

Farmer 93

Dan Farmer and Wietse Venema.
Improving the security of your site by breaking into it.
December 1993.
Describes SATAN - Security Administrator's Tool for Analyzing Networks

Bellovin 95

Steven M. Bellovin.
Using the Domain Name System for system break-ins.
In Proceedings of the Fifth Usenix UNIX Security Symposium, pages 199-208, Salt Lake City, Utah, June 1995. Usenix.

Goldberg 96

Ian Goldberg and David Wagner.
Randomness and the Netscape browser.
Dr. Dobb's Journal, January 1996.

Security Basics

Lampson 71

Butler W. Lampson.
Protection.
In Proceedings of the Fifth Princeton Symposium on Information Sciences and Systems, pages 437-443, Princeton University, March 1971.
Reprinted in Operating Systems Review, 8 1 (Jan. 1974), pp. 18-24.

Lampson 73

Butler W. Lampson.
A note on the confinement problem.
Communications of the ACM, 16(10):613-615, October 1973.
Lampson has written a number of other great security-relevant papers, and he's got most of them online now.

Saltzer 75

The protection of information in computer systems. Jerome H. Saltzer and Michael D. Schroeder. Proceedings of the IEEE 63, 9 (September, 1975) pages 1278-1308.

Landwehr 81

Carl E. Landwehr.
Formal models for computer security.
Computing Surveys, 13(3):247-278, September 1981.

Security Policies

Bell 76

D. Elliot Bell and Leonard J. LaPadula.
Secure computer system: Unified exposition and Multics interpretation.
Technical Report MTR-2997 Rev. 1, MITRE Corporation, March 1976.
Earlier papers by the same authors, "reconstructed" with Microsoft Word.

Brewer 82

David F. C. Brewer and Michael J. Nash.
The Chinese wall security policy.
In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 206-214, Oakland, California, May 1989.

Goguen 82

Joseph A. Goguen and José Meseguer.
Security policies and security models.
In Proceedings of the 1982 IEEE Symposium on Security and Privacy, pages 11-20, Oakland, California, May 1982.

Passwords

Morris 79

Robert Morris and Ken Thompson.
Password security: A case history.
Communications of the ACM, 22(11):594-597, November 1979.

Thompson 84

Ken Thompson.
Reflections on trusting trust.
Communication of the ACM, 27(8): 761-763, August 1984.

Haller 94

Neil Haller.
The S/Key one-time password system.
In Proceedings of the ISOC Symposium on Network and Distributed System Security, San Diego, California, February 1994. The Internet Society.

Capabilities

Wulf 74

W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack.
HYDRA: The kernel of a multiprocessor operating system.
Communications of the ACM, 17(6):337-345, June 1974.

Hardy 85

Norman Hardy.
KeyKOS architecture.
ACM Operating Systems Review, 19(4):8-25, October 1985.

Karger 87

Paul A. Karger.
Limiting the damage potential of discretionary trojan horses.
In Proceedings of the 1987 IEEE Symposium on Security and Privacy, pages 32-37, Oakland, California, May 1987.

Kain 87

Richard Y. Kain and Carl E. Landwehr.
On access checking in capability-based systems.
IEEE Transactions on Software Engineering, SE-13(2):202-207, February 1987.

Networking / Network Objects

Needham 78

Roger M. Needham and Michael D. Schroeder.
Using encryption for authentication in large networks of computers.
Communications of the ACM, 21(12):993-999, December 1978.

Rushby 81

John M. Rushby.
Design and verification of secure systems.
In Proceedings of the Eighth ACM Symposium on Operating Systems Principles, pages 12-21, December 1981.

Tanenbaum 86

Andrew S. Tanenbaum, Sape J. Mullender, and Robbert van Renesse.
Using sparse capabilities in a distributed operating system.
In 6th International Conference on Distributed Computing Systems, pages 558-563, Cambridge, Massachusetts, May 1986.

Lampson 92

Butler Lampson, Martín Abadi, Michael Burrows, and Edward Wobber.
Authentication in distributed systems: Theory and practice.
ACM Transactions on Computer Systems, 10(4):265-310, November 1992.

Deng 95

Robert H. Deng, Shailendra K. Bhonsle, Weiguo Wang, and Aurel A. Lazar.
Integrating security in CORBA based object architectures.
In Proceedings of the 1995 IEEE Symposium on Security and Privacy, pages 50-61, Oakland, California, May 1995.

van Doorn 96

Leendert van Doorn, Martín Abadi, Michael Burrows, and Edward Wobber.
Secure network objects.
In Proceedings of the 1996 IEEE Symposium on Security and Privacy, Oakland, California, May 1996.

Java

Dean 97a

Drew Dean, Edward W. Felten, Dan S. Wallach, and Dirk Balfanz.
Java security: Web browsers and beyond.
In Dorothy E. Denning and Peter J. Denning, editors, Internet Besieged: Countering Cyberspace Scofflaws, pages 241-269. ACM Press, New York, New York, October 1997.

Martin 97

David M. Martin Jr., Sivaramakrishnan Rajagopalan, and Aviel D. Rubin.
Blocking Java applets at the firewall.
In Internet Society Symposium on Network and Distributed System Security (NDSS '97), San Diego, California, 1997.

Wallach 97

Dan S. Wallach, Dirk Balfanz, Drew Dean, and Edward W. Felten,
Extensible Security Architectures for Java.
Technical Report 546-97, Department of Computer Science, Princeton University, April 1997.
(a more recent draft will likely be handed out)

Dean 97b

Drew Dean.
The Security of Static Typing with Dynamic Linking.
Proceedings of the Fourth ACM Conference on Computer and Communications Security, April 1997.

Malkhi 98

Dahlia Malkhi, Michael Reiter, and Avi Rubin.
The design and implementation of a Java playground.
In Proceedings of the 1998 IEEE Symposium on Security and Privacy, pages 40-51, Oakland, California, May 1998.

Hawblitzel 98

Chris Hawblitzel, Chi-Chao Chang, Grzegorz Czajkowski, Deyu Hu, and Thorsten von Eicken.
Implementing multiple protection domains in Java.
In USENIX Annual Technical Conference, New Orleans, Louisiana, June 1998. USENIX.

Myers 98

Andrew C. Myers and Barbara Liskov.
Complete, safe information flow with decentralized labels.
In Proceedings of the 1998 IEEE Symposium on Security and Privacy, pages 186-197, Oakland, California, May 1998.

Back 98

Godmar Back, Patrick Tullman, Leigh Stoller, Wilson C. Hseih, and Jay Lepreau.
Java operating systems: Design and implementation.
Technical Report UUCS-98-015, University of Utah, August 1998.

Sirer 98

Emin G. Sirer, Robert Grimm, Brian N. Bershad, Arthur J. Gregory, and Sean McDirmid.
Distributed virtual machines: A system architecture for network computing.
In Eighth ACM SIGOPS European Workshop, September 1998.

Mobile Code (in general)

Wahbe 93

R. Wahbe, S. Lucco, T. Anderson and S. Graham.
Efficient Software-Based Fault Isolation.
Proc. Fourteenth ACM Symposium on Operating System Principles pp. 203--216, 1993.

Bershad 95

Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin G. Sirer, David Becker, Marc Fiuczynski, Craig Chambers, Susan Eggers.
Extensibility, Safety and Performance in the SPIN Operating System.
Proceedings of the 15th ACM Symposium on Operating System Principles (SOSP-15), pp. 267--284, 1995.

Necula 97

George C. Necula.
Proof-Carrying Code.
Conference Record of POPL '97: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 106-119, January 1997.
Several other interesting papers about proof carrying code are also available.

Other Resources