ACM DL

Privacy and Security (TOPS)

Menu

Search Issue
enter search term and/or author name

Archive


ACM Transactions on Information and System Security (TISSEC), Volume 7 Issue 3, August 2004

The session token protocol for forensics and traceback
Brian Carrier, Clay Shields
Pages: 333-362
DOI: 10.1145/1015040.1015041
In this paper we present the Session Token Protocol (STOP), a new protocol that can assist in the forensic analysis of a computer involved in malicious network activity. It has been designed to help automate the process of tracing attackers who log...

Modular authorization and administration
Horst F. Wedde, Mario Lischka
Pages: 363-391
DOI: 10.1145/1015040.1015042
In large organizations the administration of access privileges (such as the assignment of access rights to a user in a particular role) is handled cooperatively through distributed administrators in various different capacities. A quorum may be...

An integrated approach to engineer and enforce context constraints in RBAC environments
Mark Strembeck, Gustaf Neumann
Pages: 392-427
DOI: 10.1145/1015040.1015043
We present an approach that uses special purpose role-based access control (RBAC) constraints to base certain access control decisions on context information. In our approach a context constraint is defined as a dynamic RBAC constraint that...

Content-triggered trust negotiation
Adam Hess, Jason Holt, Jared Jacobson, Kent E. Seamons
Pages: 428-456
DOI: 10.1145/1015040.1015044
The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources is usually static, and an access control policy...

On the performance of group key agreement protocols
Yair Amir, Yongdae Kim, Cristina Nita-Rotaru, Gene Tsudik
Pages: 457-488
DOI: 10.1145/1015040.1015045
Group key agreement is a fundamental building block for secure peer group communication systems. Several group key management techniques were proposed in the last decade, all assuming the existence of an underlying group communication infrastructure...