ACM DL

Privacy and Security (TOPS)

Menu

Search Issue
enter search term and/or author name

Archive


ACM Transactions on Information and System Security (TISSEC), Volume 5 Issue 3, August 2002

Simple, state-based approaches to program-based anomaly detection
C. C. Michael, Anup Ghosh
Pages: 203-237
DOI: 10.1145/545186.545187
This article describes variants of two state-based intrusion detection algorithms from Michael and Ghosh [2000] and Ghosh et al. [2000], and gives experimental results on their performance. The algorithms detect anomalies in execution audit data. One...

Token-based scanning of source code for security problems
John Viega, J. T. Bloch, Tadayoshi Kohno, Gary McGraw
Pages: 238-261
DOI: 10.1145/545186.545188
We describe ITS4, a tool for statically scanning C and C++ source code for security vulnerabilities. Compared to other approaches, our scanning technique stakes out a new middle ground between accuracy and efficiency. This method is efficient...

Information leakage from optical emanations
Joe Loughry, David A. Umphress
Pages: 262-289
DOI: 10.1145/545186.545189
A previously unknown form of compromising emanations has been discovered. LED status indicators on data communication equipment, under certain conditions, are shown to carry a modulated optical signal that is significantly correlated with information...

Secure and selective dissemination of XML documents
Elisa Bertino, Elena Ferrari
Pages: 290-331
DOI: 10.1145/545186.545190
XML (eXtensible Markup Language) has emerged as a prevalent standard for document representation and exchange on the Web. It is often the case that XML documents contain information of different sensitivity degrees that must be selectively...

A graph-based formalism for RBAC
Manuel Koch, Luigi V. Mancini, Francesco Parisi-Presicce
Pages: 332-365
DOI: 10.1145/545186.545191
Role-Based Access Control (RBAC) is supported directly or in a closely related form, by a number of products. This article presents a formalization of RBAC using graph transformations that is a graphical specification technique based on a...