|
|
Reading List -
print $course_and_sem ?>
|
|
(The paper list is subject to change! Please check regularly for
additions/deletions during the semester.)
|
|
Cryptography
|
- [Garfinkel04a]
Simson Garfinkel.
Is Encryption Doomed?
Technology Review (MIT's Magazine of Innovation), September 2004.
ACM/IEEE Transactions on Networking, 9(3), June 2001.
| |
Key Management
|
- [Needham78a]
R. M. Needham and M. D. Schroeder.
Using Encryption for Authentication in Large Networks of Computers.
Communications of the ACM, Vol. 21, No. 12, pages 993-999 , December 1978.
- [Lamport81a]
L. Lamport.
Password Authentication with Insecure Communication.
Communications of the ACM, Vol. 24, No. 11, pages 770-772 , November 1981.
- [Rafaeli03a]
S. Rafaeli and D. Hutchison.
A Survey of Key Management for Secure Group Communication.
ACM Computing Surveys, Vol. 35, No. 3, pages 309-329, September 2003.
| |
Authentication
|
- [Neuman94a]
B. C. Neuman and T. Ts'o.
Kerberos: An Authentication Service for Computer Networks.
IEEE Communications Magazine, Vol. 32, No. 9, pages 33-38, September 1994.
- [Neuman93a]
B. C. Neuman and S. G. Stubblebine.
A note on the use of timestamps as nonces.
ACM SIGOPS Operating Systems Review, Vol. 27, No. 2, pages 10-14,
April 1993.
- [Freitas04a]
S. de Freitas and M. Levene.
Spam on the internet: Is it here to stay or can it be eradicated?
JISC Technology and Standards Watch Reports, TSW 04-01, 2004.
- [Kormann00a]
D. P. Kormann and A. D. Rubin.
Risks of the Passport single signon protocol.
Computer Networks, Elsevier Science Press, Vol. 33, pages 51-58, 2000.
| |
Authorization and Policy
|
- [Barkley97a]
J. Barkley.
Comparing Simple Role Based Access Control Models and Access
Control Lists.
Proceedings of the 2nd ACM Workshop on Role-based Access Control,
pages 127-132, Fairfax, VA, August 1997.
| |
Intrusion Prevention, Detection,
and Response
|
- [Aslam96a]
T. Aslam, I. Krsul, and E. Spafford.
Use of a Taxonomy of Security Faults.
Proceedings of the 19th NIST-NCSC National Information Systems Security
Conference, September 1996.
- [Ko94a]
C. Ko, G. Fink, K. Levitt.
Automated Detection of Vulnerabilities in Privileged Programs
by Execution Monitoring.
Proceedings of the 10th Annual Computer Security Applications Conference,
pages 134-144, Orlando, FL, December 1994.
- [Anderson95a]
D. Anderson, T. Frivold, and A. Valdes.
Next-generation Intrusion Detection Expert System (NIDES) --
A Summary.
SRI-CSL-95-07, SRI International, Menlo Park, CA, May 1995.
Supplementary
- [Yegneswaran03a]
V. Yegneswaran, P. Barford, and J. Ullrich.
Internet Intrusions: Global Characteristics and Prevalence.
In Proceedings of the 2003 ACM SIGMETRICS, pages 138-147, 2003.
- [Moore01a]
D. Moore, G. Voelker, S. Savage.
Inferring Internet Denial-of-Service Activity.
In proceedings of the 2001 USENIX Security Symposium, pages 9-22, 2001.
- [Hussain03b]
A. Hussain, J. Heidemann, and C. Papadopoulos.
A Framework for Classifying Denial of Service Attacks.
In proceedings of SIGCOMM 2003, Karlsruhe, Germany, August 2003.
- [Savage01a]
S. Savage, D. Wetherall, A. Karlin, and T. Anderson.
Network Support for IP Traceback.
ACM/IEEE Transactions on Networking, 9(3), June 2001.
| |
Wireless
|
- [Xydis02a]
T. G. Xydis and S. Blake-Wilson.
Security Comparisons: Bluetooth Communications vs. 802.11.
White paper, November 2001, February 2002 (revised).
Supplementary
- [Berghel04a]
H. Berghel.
Wireless Infidelity I: War Driving.
Communications of the ACM, Volume 47, Issue 9, pages 21-26, September 2004.
- [Berghel04b]
H. Berghel and J. Uecker.
Wireless Infidelity II: Airjacking.
Communications of the ACM, Volume 47, Issue 12, pages 15-20, December 2004.
- [Fluhrer01a]
S. Fluhrer, I. Mantin, and A. Shamir.
Weaknesses in the Key Scheduling Algorithm of RC4.
Proceedings of the 8th Workshop on Selected Areas in Cryptography,
LNCS 2259. Springer-Verlag, 2001.
| |
Scalable Upload
|
- [Cheng01a]
W. C. Cheng, C.-F. Chou, L. Golubchik, and S. Khuller.
A Secure and Scalable Wide-Area Upload Service.
In Proceedings of the 2nd International Conference on Internet Computing,
Vol. 2, pages 733-739, Las Vegas, Nevada, June 25-28, 2001.
Supplementary
- [Bhattacharjee00a]
B. Bhattacharjee, W. C. Cheng, C.-F. Chou, L. Golubchik, and S. Khuller.
Bistro: a Platform for Building Scalable Wide-Area Upload
Applications.
In Performance Evaluation Review (also presented at the Workshop
on Performance and Architecture of Web Servers (PAWS) in June 2000),
Vol. 28, No. 2, pages 29-35, September, 2000.
| |
Privacy
|
- [Cheng04a]
W. C. Cheng, L. Golubchik, and D. G. Kay.
Total Recall: Are Privacy Changes Inevitable?
In Proceedings of the First ACM Workshop on Continuous Archival and
Retrieval of Personal Experiences, New York, New York, October 15th 2004.
Supplementary
- [Kumagai04a]
J. Kumagai and S. Cherry.
Sensors and Sensibility.
IEEE Spectrum, pages 22-28, July 2004.
- [Goldstein04a]
H. Goldstein.
We Like to Watch.
IEEE Spectrum, pages 30-34, July 2004.
- [Vinge04a]
V. Vinge.
Synthetic Serendipity.
IEEE Spectrum, pages 35-44, July 2004.
- [Goldstein04b]
H. Goldstein.
Mike Villas's World.
IEEE Spectrum, pages 45-48, July 2004.
| |
|