Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 15 Issue 2, July 2012

LOT: A Defense Against IP Spoofing and Flooding Attacks
Yossi Gilad, Amir Herzberg
Article No.: 6
DOI: 10.1145/2240276.2240277

We present LOT, a lightweight plug and play secure tunneling protocol deployed at network gateways. Two communicating gateways, A and B, running LOT would automatically detect each other and establish an efficient tunnel, securing communication...

Towards Practical Identification of HF RFID Devices
Boris Danev, Srdjan Capkun, Ramya Jayaram Masti, Thomas S. Benjamin
Article No.: 7
DOI: 10.1145/2240276.2240278

The deployment of RFID poses a number of security and privacy threats such as cloning, unauthorized tracking, etc. Although the literature contains many investigations of these issues on the logical level, few works have explored the security...

On Protection by Layout Randomization
Martín Abadi, Gordon D. Plotkin
Article No.: 8
DOI: 10.1145/2240276.2240279

Layout randomization is a powerful, popular technique for software protection. We present it and study it in programming-language terms. More specifically, we consider layout randomization as part of an implementation for a high-level programming...

BAF and FI-BAF: Efficient and Publicly Verifiable Cryptographic Schemes for Secure Logging in Resource-Constrained Systems
Attila A. Yavuz, Peng Ning, Michael K. Reiter
Article No.: 9
DOI: 10.1145/2240276.2240280

Audit logs are an integral part of modern computer systems due to their forensic value. Protecting audit logs on a physically unprotected machine in hostile environments is a challenging task, especially in the presence of active adversaries. It...

Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors
Raphaël Khoury, Nadia Tawbi
Article No.: 10
DOI: 10.1145/2240276.2240281

Runtime monitoring is an increasingly popular method to ensure the safe execution of untrusted codes. Monitors observe and transform the execution of these codes, responding when needed to correct or prevent a violation of a user-defined security...