Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 6 Issue 4, November 2003

Clustering intrusion detection alarms to support root cause analysis
Klaus Julisch
Pages: 443-471
DOI: 10.1145/950191.950192
It is a well-known problem that intrusion detection systems overload their human operators by triggering thousands of alarms per day. This paper presents a new approach for handling intrusion detection alarms more efficiently. Central to this...

A secure and private system for subscription-based remote services
Pino Persiano, Ivan Visconti
Pages: 472-500
DOI: 10.1145/950191.950193
In this paper we study privacy issues regarding the use of the SSL/TLS protocol and X.509 certificates. Our main attention is placed on subscription-based remote services (e.g., subscription to newspapers and databases) where the service manager...

Flexible access control policy specification with constraint logic programming
Steve Barker, Peter J. Stuckey
Pages: 501-546
DOI: 10.1145/950191.950194
We show how a range of role-based access control (RBAC) models may be usefully represented as constraint logic programs, executable logical specifications. The RBAC models that we define extend the "standard" RBAC models that are described by Sandhu...

Public-key support for group collaboration
Carl Ellison, Steve Dohrmann
Pages: 547-565
DOI: 10.1145/950191.950195
This paper characterizes the security of group collaboration as being a product not merely of cryptographic algorithms and coding practices, but also of the man-machine process of group creation. We show that traditional security mechanisms do not...

Certificate-based authorization policy in a PKI environment
Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai
Pages: 566-588
DOI: 10.1145/950191.950196
The major emphasis of public key infrastructure has been to provide a cryptographically secure means of authenticating identities. However, procedures for authorizing the holders of these identities to perform specific actions still need additional...