Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 6 Issue 2, May 2003

BlueBoX: A policy-driven, host-based intrusion detection system
Suresh N. Chari, Pau-Chen Cheng
Pages: 173-200
DOI: 10.1145/762476.762477
Detecting attacks against systems has, in practice, largely been delegated to sensors, such as network intrustion detection systems. However, due to the inherent limitations of these systems and the increasing use of encryption in communication,...

Administrative scope: A foundation for role-based administrative models
Jason Crampton, George Loizou
Pages: 201-231
DOI: 10.1145/762476.762478
We introduce the concept of administrative scope in a role hierarchy and demonstrate that it can be used as a basis for role-based administration. We then develop a family of models for role hierarchy administration (RHA) employing administrative...

Access control with IBM Tivoli access manager
Günter Karjoth
Pages: 232-257
DOI: 10.1145/762476.762479
Web presence has become a key consideration for the majority of companies and other organizations. Besides being an essential information delivery tool, the Web is increasingly being regarded as an extension of the organization itself, directly...

Efficient multicast stream authentication using erasure codes
Jung Min Park, Edwin K. P. Chong, Howard Jay Siegel
Pages: 258-285
DOI: 10.1145/762476.762480
We describe a novel method for authenticating multicast packets that is robust against packet loss. Our focus is to minimize the size of the communication overhead required to authenticate the packets. Our approach is to encode the hash values and...

A propositional policy algebra for access control
Duminda Wijesekera, Sushil Jajodia
Pages: 286-325
DOI: 10.1145/762476.762481
Security-sensitive environments protect their information resources against unauthorized use by enforcing access control mechanisms driven by access control policies. Due to the need to compare, contrast, and compose such protected information...