ACM Transactions on Information and System Security (TISSEC)

2005

Editorial
by: Ravi S. Sandhu v. 8 i. 1 p. 1 - 1
Preface
by: Vijay Atluri v. 8 i. 1 p. 2 - 2
Randomized instruction set emulation
by: Elena Gabriela Barrantes, David H. Ackley, Stephanie Forrest, Darko Stefanovic v. 8 i. 1 p. 3 - 40
Establishing pairwise keys in distributed sensor networks
by: Donggang Liu, Peng Ning, Rongfang Li v. 8 i. 1 p. 41 - 77
Incentive-based modeling and inference of attacker intent, objectives, and strategies
by: Peng Liu, Wanyu Zang, Meng Yu v. 8 i. 1 p. 78 - 118
Modeling and assessing inference exposure in encrypted databases
by: Alberto Ceselli, Ernesto Damiani, Sabrina De Capitani di Vimercati, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati v. 8 i. 1 p. 119 - 152
Trusted paths for browsers
by: Zishuang (Eileen) Ye, Sean Smith, Denise Anthony v. 8 i. 2 p. 153 - 186
X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control
by: Rafae Bhatti, Arif Ghafoor, Elisa Bertino, James Joshi v. 8 i. 2 p. 187 - 227
A pairwise key predistribution scheme for wireless sensor networks
by: Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney, Jonathan Katz, Aram Khalili v. 8 i. 2 p. 228 - 258

2004

Verifiable encryption of digital signatures and applications
by: Giuseppe Ateniese v. 7 i. 1 p. 1 - 20
Use of nested certificates for efficient, dynamic, and trust preserving public key infrastructure
by: Albert Levi, M. Ufuk Çaglayan, Çetin Kaya Koç v. 7 i. 1 p. 21 - 59
Tree-based group key agreement
by: Yongdae Kim, Adrian Perrig, Gene Tsudik v. 7 i. 1 p. 60 - 96
Crypto-based identifiers (CBIDs): Concepts and applications
by: Gabriel Montenegro, Claude Castelluccia v. 7 i. 1 p. 97 - 127
The UCONABC usage control model
by: Jaehong Park, Ravi S. Sandhu v. 7 i. 1 p. 128 - 174
Consistency analysis of authorization hook placement in the Linux security modules framework
by: Trent Jaeger, Antony Edwards, Xiaolan Zhang v. 7 i. 2 p. 175 - 205
Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the Encode-then-Encrypt-and-MAC paradigm
by: Mihir Bellare, Tadayoshi Kohno, Chanathip Namprempre v. 7 i. 2 p. 206 - 241
Just fast keying: Key agreement in a hostile internet
by: William Aiello, Steven M. Bellovin, Matt Blaze, Ran Canetti, John Ioannidis, Angelos D. Keromytis, Omer Reingold v. 7 i. 2 p. 242 - 273
Techniques and tools for analyzing intrusion alerts
by: Peng Ning, Yun Cui, Douglas S. Reeves, Dingbang Xu v. 7 i. 2 p. 274 - 318
A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP)
by: Adam Stubblefield, John Ioannidis, Aviel D. Rubin v. 7 i. 2 p. 319 - 332
The session token protocol for forensics and traceback
by: Brian Carrier, Clay Shields v. 7 i. 3 p. 333 - 362
Modular authorization and administration
by: Horst F. Wedde, Mario Lischka v. 7 i. 3 p. 363 - 391
An integrated approach to engineer and enforce context constraints in RBAC environments
by: Mark Strembeck, Gustaf Neumann v. 7 i. 3 p. 392 - 427
Content-triggered trust negotiation
by: Adam Hess, Jason Holt, Jared Jacobson, Kent E. Seamons v. 7 i. 3 p. 428 - 456
On the performance of group key agreement protocols
by: Yair Amir, Yongdae Kim, Cristina Nita-Rotaru, Gene Tsudik v. 7 i. 3 p. 457 - 488
The predecessor attack: An analysis of a threat to anonymous communications systems
by: Matthew Wright, Micah Adler, Brian Neil Levine, Clay Shields v. 7 i. 4 p. 489 - 522
A key-chain-based keying scheme for many-to-many secure group communication
by: Dijiang Huang, Deep Medhi v. 7 i. 4 p. 523 - 552
Client-side caching for TLS
by: Hovav Shacham, Dan Boneh, Eric Rescorla v. 7 i. 4 p. 553 - 575
Traducement: A model for record security
by: Tom Walcott, Matt Bishop v. 7 i. 4 p. 576 - 590
Hypothesizing and reasoning about attacks missed by intrusion detection systems
by: Peng Ning, Dingbang Xu v. 7 i. 4 p. 591 - 627

2003

Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation
by: Ting Yu, Marianne Winslett, Kent E. Seamons v. 6 i. 1 p. 1 - 42
On the relationship between strand spaces and multi-agent systems
by: Joseph Y. Halpern, Riccardo Pucella v. 6 i. 1 p. 43 - 70
A logical framework for reasoning about access control models
by: Elisa Bertino, Barbara Catania, Elena Ferrari, Paolo Perlasca v. 6 i. 1 p. 71 - 127
Delegation logic: A logic-based approach to distributed authorization
by: Ninghui Li, Benjamin N. Grosof, Joan Feigenbaum v. 6 i. 1 p. 128 - 171
BlueBoX: A policy-driven, host-based intrusion detection system
by: Suresh Chari, Pau-Chen Cheng v. 6 i. 2 p. 173 - 200
Administrative scope: A foundation for role-based administrative models
by: Jason Crampton, George Loizou v. 6 i. 2 p. 201 - 231
Access control with IBM Tivoli access manager
by: Günter Karjoth v. 6 i. 2 p. 232 - 257
Efficient multicast stream authentication using erasure codes
by: Jung Min Park, Edwin K. P. Chong, Howard Jay Siegel v. 6 i. 2 p. 258 - 285
A propositional policy algebra for access control
by: Duminda Wijesekera, Sushil Jajodia v. 6 i. 2 p. 286 - 325
Policy management using access control spaces
by: Trent Jaeger, Xiaolan Zhang, Fidel Cacheda v. 6 i. 3 p. 327 - 364
OCB: A block-cipher mode of operation for efficient authenticated encryption
by: Phillip Rogaway, Mihir Bellare, John Black v. 6 i. 3 p. 365 - 403
A rule-based framework for role-based delegation and revocation
by: Longhua Zhang, Gail-Joon Ahn, Bei-tseng Chu v. 6 i. 3 p. 404 - 441
Clustering intrusion detection alarms to support root cause analysis
by: Klaus Julisch v. 6 i. 4 p. 443 - 471
A secure and private system for subscription-based remote services
by: Pino Persiano, Ivan Visconti v. 6 i. 4 p. 472 - 500
Flexible access control policy specification with constraint logic programming
by: Steve Barker, Peter J. Stuckey v. 6 i. 4 p. 501 - 546
Public-key support for group collaboration
by: Carl M. Ellison, Steve Dohrmann v. 6 i. 4 p. 547 - 565
Certificate-based authorization policy in a PKI environment
by: Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai v. 6 i. 4 p. 566 - 588

2002

An algebra for composing access control policies
by: Piero A. Bonatti, Sabrina De Capitani di Vimercati, Pierangela Samarati v. 5 i. 1 p. 1 - 35
Remus: a security-enhanced operating system
by: Massimo Bernaschi, Emanuele Gabrielli, Luigi V. Mancini v. 5 i. 1 p. 36 - 61
An authorization model for temporal and derived data: securing information portals
by: Vijayalakshmi Atluri, Avigdor Gal v. 5 i. 1 p. 62 - 94
Trust management for IPsec
by: Matt Blaze, John Ioannidis, Angelos D. Keromytis v. 5 i. 2 p. 95 - 118
An algebraic approach to IP traceback
by: Drew Dean, Matthew K. Franklin, Adam Stubblefield v. 5 i. 2 p. 119 - 137
Termination in language-based systems
by: Algis Rudys, Dan S. Wallach v. 5 i. 2 p. 138 - 168
A fine-grained access control system for XML documents
by: Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati v. 5 i. 2 p. 169 - 202
Simple, state-based approaches to program-based anomaly detection
by: C. C. Michael, Anup K. Ghosh v. 5 i. 3 p. 203 - 237
Token-based scanning of source code for security problems
by: John Viega, J. T. Bloch, Tadayoshi Kohno, Gary McGraw v. 5 i. 3 p. 238 - 261
Information leakage from optical emanations
by: Joe Loughry, David A. Umphress v. 5 i. 3 p. 262 - 289
Secure and selective dissemination of XML documents
by: Elisa Bertino, Elena Ferrari v. 5 i. 3 p. 290 - 331
A graph-based formalism for RBAC
by: Manuel Koch, Luigi V. Mancini, Francesco Parisi-Presicce v. 5 i. 3 p. 332 - 365
User authentication through keystroke dynamics
by: Francesco Bergadano, Daniele Gunetti, Claudia Picardi v. 5 i. 4 p. 367 - 397
Improving the granularity of access control for Windows 2000
by: Michael M. Swift, Anne Hopkins, Peter Brundrett, Cliff Van Dyke, Praerit Garg, Shannon Chan, Mario Goertzel, Gregory Jensenworth v. 5 i. 4 p. 398 - 437
The economics of information security investment
by: Lawrence A. Gordon, Martin P. Loeb v. 5 i. 4 p. 438 - 457
A methodology for analyzing the performance of authentication protocols
by: Alan Harbitter, Daniel A. Menascé v. 5 i. 4 p. 458 - 491
A model of OASIS role-based access control and its support for active security
by: Jean Bacon, Ken Moody, Walt Yao v. 5 i. 4 p. 492 - 540

2001

Real-time protocol analysis for detecting link-state routing protocol attacks
by: Ho-Yen Chang, Shyhtsun Felix Wu, Y. Frank Jou v. 4 i. 1 p. 1 - 36
Role-based access control on the web
by: Joon S. Park, Ravi S. Sandhu, Gail-Joon Ahn v. 4 i. 1 p. 37 - 71
Cost profile of a highly assured, secure operating system
by: Richard E. Smith v. 4 i. 1 p. 72 - 101
Secure virtual enclaves: Supporting coalition use of distributed application technologies
by: Deborah Shands, Jay Jacobs, Richard Yee, E. John Sebes v. 4 i. 2 p. 103 - 133
Secure password-based cipher suite for TLS
by: Michael Steiner, Peter Buhler, Thomas Eirich, Michael Waidner v. 4 i. 2 p. 134 - 157
Practical safety in flexible access control models
by: Trent Jaeger, Jonathon Tidswell v. 4 i. 2 p. 158 - 190
TRBAC: A temporal role-based access control model
by: Elisa Bertino, Piero A. Bonatti, Elena Ferrari v. 4 i. 3 p. 191 - 233
Proposed NIST standard for role-based access control
by: David F. Ferraiolo, Ravi S. Sandhu, Serban I. Gavrila, D. Richard Kuhn, Ramaswamy Chandramouli v. 4 i. 3 p. 224 - 274
An unknown key-share attack on the MQV key agreement protocol
by: Burton S. Kaliski Jr. v. 4 i. 3 p. 275 - 288
The architecture and performance of security protocols in the ensemble group communication system: Using diamonds to guard the castle
by: Ohad Rodeh, Kenneth P. Birman, Danny Dolev v. 4 i. 3 p. 289 - 319
A nested transaction model for multilevel secure database management systems
by: Elisa Bertino, Barbara Catania, Elena Ferrari v. 4 i. 4 p. 321 - 370
The SecureRing group communication system
by: Kim Potter Kihlstrom, Louise E. Moser, P. M. Melliar-Smith v. 4 i. 4 p. 371 - 406
Abstraction-based intrusion detection in distributed environments
by: Peng Ning, Sushil Jajodia, Xiaoyang Sean Wang v. 4 i. 4 p. 407 - 452
An authorization model for a public key management service
by: Pierangela Samarati, Michael K. Reiter, Sushil Jajodia v. 4 i. 4 p. 453 - 482

2000

Balancing cooperation and risk in intrusion detection
by: Deborah A. Frincke v. 3 i. 1 p. 1 - 29
Enforceable security policies
by: Fred B. Schneider v. 3 i. 1 p. 30 - 50
Reflection as a mechanism for software integrity verification
by: Diomidis Spinellis v. 3 i. 1 p. 51 - 62
Xor-trees for efficient anonymous multicast and reception
by: Shlomi Dolev, Rafail Ostrovsky v. 3 i. 2 p. 63 - 84
Configuring role-based access control to enforce mandatory and discretionary access control policies
by: Sylvia L. Osborn, Ravi S. Sandhu, Qamar Munawer v. 3 i. 2 p. 85 - 106
Key management for encrypted broadcast
by: Avishai Wool v. 3 i. 2 p. 107 - 134
Scalable multicast security with dynamic recipient groups
by: Refik Molva, Alain Pannetrat v. 3 i. 3 p. 136 - 160
Signature schemes based on the strong RSA assumption
by: Ronald Cramer, Victor Shoup v. 3 i. 3 p. 161 - 185
The base-rate fallacy and the difficulty of intrusion detection
by: Stefan Axelsson v. 3 i. 3 p. 186 - 205
Role-based authorization constraints specification
by: Gail-Joon Ahn, Ravi S. Sandhu v. 3 i. 4 p. 207 - 226
A framework for constructing features and models for intrusion detection systems
by: Wenke Lee, Salvatore J. Stolfo v. 3 i. 4 p. 227 - 261
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory
by: John McHugh v. 3 i. 4 p. 262 - 294

1999

Editorial
by: Ravi S. Sandhu v. 2 i. 1 p. 1 - 2
The Role Graph Model and Conflict of Interest
by: Matunda Nyanchama, Sylvia L. Osborn v. 2 i. 1 p. 3 - 33
A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet
by: David F. Ferraiolo, John F. Barkley, D. Richard Kuhn v. 2 i. 1 p. 34 - 64
The Specification and Enforcement of Authorization Constraints in Workflow Management Systems
by: Elisa Bertino, Elena Ferrari, Vijayalakshmi Atluri v. 2 i. 1 p. 65 - 104
The ARBAC97 Model for Role-Based Administration of Roles
by: Ravi S. Sandhu, Venkata Bhamidipati, Qamar Munawer v. 2 i. 1 p. 105 - 135
Authentication Metric Analysis and Design
by: Michael K. Reiter, Stuart G. Stubblebine v. 2 i. 2 p. 138 - 158
Secure Audit Logs to Support Computer Forensics
by: Bruce Schneier, John Kelsey v. 2 i. 2 p. 159 - 176
Flexible Control of Downloaded Executable Content
by: Trent Jaeger, Atul Prakash, Jochen Liedtke, Nayeem Islam v. 2 i. 2 p. 177 - 228
Public-Key Cryptography and Password Protocols
by: Shai Halevi, Hugo Krawczyk v. 2 i. 3 p. 230 - 268
Design of a High-Performance ATM Firewall
by: Jun Xu, Mukesh Singhal v. 2 i. 3 p. 269 - 294
Temporal Sequence Learning and Data Reduction for Anomaly Detection
by: Terran Lane, Carla E. Brodley v. 2 i. 3 p. 295 - 331
Inductive Analysis of the Internet Protocol TLS
by: Lawrence C. Paulson v. 2 i. 3 p. 332 - 351
Unlinkable serial transactions: protocols and applications
by: Stuart G. Stubblebine, Paul F. Syverson, David M. Goldschlag v. 2 i. 4 p. 354 - 389
On secure and pseudonymous client-relationships with multiple servers
by: Eran Gabber, Phillip B. Gibbons, David M. Kristol, Yossi Matias, Alain J. Mayer v. 2 i. 4 p. 390 - 415
Strength of two data encryption standard implementations under timing attacks
by: Alejandro Hevia, Marcos A. Kiwi v. 2 i. 4 p. 416 - 437

1998

Editorial
by: Ravi S. Sandhu v. 1 i. 1 p. 1 - 2
High Dictionary Compression for Proactive Password Checking
by: Francesco Bergadano, Bruno Crispo, Giancarlo Ruffo v. 1 i. 1 p. 3 - 25
Exception-Based Information Flow Control in Object-Oriented Systems
by: Elisa Bertino, Sabrina De Capitani di Vimercati, Elena Ferrari, Pierangela Samarati v. 1 i. 1 p. 26 - 65
Crowds: Anonymity for Web Transactions
by: Michael K. Reiter, Aviel D. Rubin v. 1 i. 1 p. 66 - 92
The Multilevel Relational (MLR) Data Model
by: Ravi S. Sandhu, Fang Chen v. 1 i. 1 p. 93 - 132