Copyright © 1996 Institute of Electrical and Electronics Engineers. Reprinted from The Proceedings of the 1996 Symposium on Network and Distributed Systems Security.
This material is posted here with permission of the IEEE. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by sending a blank email message to firstname.lastname@example.org
By choosing to view this document, you agree to all provisions of the copyright laws protecting it.
General Chair's Message
Program Chairs' Message
Privacy and Security Research Group
Session 1: Electronic Mail Security
Chair: Stephen T. Kent - BBN Corporation
Session 2: Distributed Object Systems
Chair: Danny M. Nessett - Sun Microsystems
Session 3: Distributed System Security
Chair: Michael Roe - University of Cambridge
Session 4: Panel - Intellectual Property
Moderator: Peter Neumann - SRI International (abstract)
Session 5: Network Security
Chair: Matt Bishop - University of California at Davis
Session 6: Key Management
Chair: Burton S. Kaliski, Jr. - RSA Laboratories
Session 7: Encryption
Chair: Aviel D. Rubin - Bellcore
Session 8: Panel - Public-Key
Moderator: Warwick Ford - Bell-Northern Research (abstract)
Welcome to the third annual ISOC Symposium on Network and Distributed System Security! Each year we seek to bring together researchers, implementors, and users of network and distributed system security facilities. This year our Program Committee has again done an outstanding job of selecting a mix of technical presentations and panel sessions to discuss and debate the issues we face today.
As we are all aware, the need for usable distributed system security mechanisms is growing rapidly, tracking the growth and utilization of the world-wide Internet. For a welcome change, the general awareness of and interest in security is growing significantly as well _ by commercial organizations, the media, and private citizens. More than ever before, organizations will be looking to you, the participants of this symposium, for both technical solutions to specific problems and advice for the emerging public policy debates.
I encourage you to take advantage of this Symposium to not only listen to the presentations but also share your own experiences and ideas with other attendees during the breaks and evening activities.
Many thanks are in order for the behind-the-scenes effort that has culminated in this symposium: Tom Hutton "secured" our new location at the Princess Resort; Donna Leggett has done a superb job in handling the increased registration activities; and Stephen Welke has brought our Proceedings into the electronic age! I also want to commend the Program Co-Chairs, David Balenson and Clifford Neuman, for their excellent work with the Program Committee for pulling together the excellent program in which you are about to participate. Without the hard work by all these folks, this symposium would not have been possible.
As always, I want to thank all the authors who submitted papers and the panelists who are participating by sharing their knowledge and experiences with us.
In the past year, the public has increasingly been urged to enter cyberspace and to use the Internet to obtain information from vendors, order products, and even bank from home. At the same time, businesses are being compelled to have a presence on the Internet, making information available to customers and other businesses. As a result, the need for network and distributed system security has grown dramatically.
Today we find that the individuals trying to breach the security of computer systems are using more sophisticated attacks, and because such attacks now can yield business data or result in financial transactions, these attacks have become more lucrative. While the computer security discipline once addressed mostly hypothetical threats, the press has recently taken notice when attacks known by practitioners for years were suddenly perpetrated against widely-used and heavily marketed products including web servers and browsers and network file systems.
There is good news and bad news regarding the state of Internet security. The good news is that most of the threats we are seeing have been known for some time, and we know how to protect against them. The bad news is that the solutions must still be integrated with applications, many of the solutions require a computer security infrastructure that is not widely available, and we have yet to see widespread deployment of computer security technologies.
The organizers of this symposium hope that the symposium will encourage the Internet community to deploy the available security technology and develop new technology in areas where it is lacking. In selecting papers and panels for the symposium, the program committee sought to bring together the papers that will have the greatest impact on the field by introducing new computer security technologies whether research prototypes or actual products, demonstrating the application of computer security technologies to Internet applications, and describing components of the computer security infrastructure.
By bringing together researchers and practitioners in the field we are confident that the symposium will have a positive impact on the state of Internet security. We encourage you, as a participant in this symposium, to use this opportunity to actively participate in the dialog. Ask questions of the speakers, raise your important issues during relevant panel sessions, and let others know of your requirements, observations, and experience in this important area.
Marina del Rey, California
James T. Ellis
CERT Coordination Center
Carnegie Mellon University
Trusted Information Systems
USC Information Sciences Institute
Stephen R. Welke
Institute for Defense Analyses
The Internet Society
Local Arrangements Chair
San Diego Supercomputer Center
Internet Research Task Force, Privacy and Security Research Group
Thomas A. Berson - Anagram Laboratories
Matt Bishop - University of California at Davis
Doug Engert - Argonne National Laboratory
Warwick Ford - Bell-Northern Research
Burton S. Kaliski, Jr. - RSA Laboratories
Stephen T. Kent - BBN Corporation
Paul A. Lambert - Oracle
John Linn - OpenVision Technologies
Teresa Lunt - Advanced Research Projects Agency
Danny M. Nessett - Sun Microsystems
Hilarie Orman - University of Arizona
Michael Roe - University of Cambridge
Robert Rosenthal - National Institute of Standards and Technology
Aviel D. Rubin - Bellcore
Jeffrey I. Schiller - Massachusetts Institute of Technology
Robert W. Shirey - BBN Corporation
Doug Tygar - Carnegie Mellon University
Roberto Zamparo - Telia Research
Carlisle Adams - Bell-Northern Research
William Burr - National Institute of Standards and Technology
Jan Carlsson - Telia Research
Trent Jaeger - University of Michigan
Stewart Kowalski - Telia Research
Tim Moses - Bell-Northern Research
Paul Van Oorschot - Bell-Northern Research
Rich Schroeppel - University of Arizona
Ola Sjögren - Telia Research
Richard Thomas - Bell-Northern Research
Jyri J. Virkki - Bellcore
Michael Wiener - Bell-Northern Research
Andrey Yeatts - University of Arizona
Stephen T. Kent
PSRG Committee Members
Trusted Information Systems
Burton S. Kaliski, Jr.
B. Clifford Neuman
Jeffrey I. Schiller
University of California, Davis
Russell D. Housley
Danny M. Nessett
Richard L. Parker, II
Adams, C. (IDUP and SPKM: Developing ...)
Agi, I. (An Empirical Study of Secure MPEG ...)
Badger, M.R. (Digital Signature Protection ...)
Bellovin, S.M. (A "Bump in the Stack" ...)
Cheriton, D.R. (Designing an Academic Firewall: ...)
Chuang, S-C. (A Case Study of Secure ATM ...)
Gong, L. (An Empirical Study of Secure MPEG ...)
Greenwald, M. (Designing an Academic Firewall: ...)
Gulcü, C. (Mixing E-mail ...)
Jaeger, T. (Preserving Integrity in ...)
Kaihara, S. (C-HTTP - The Development ...)
Kiuchi, T. (C-HTTP - The Development ...)
Krawczyk, H. (SKEME: A Versatile ...)
Murphy, S.L. (Digital Signature Protection ...)
Nahum, E. (Parallelized Network Security ...)
Neuman, B.C. (A Flexible Distributed ...)
O'Malley, S. (Parallelized Network Security ...)
Orman, H. (Parallelized Network Security ...)
Roe, M. (A Case Study of Secure ATM ...)
Rubin, A.D. (Preserving Integrity in ...)
Schroeppel, R. (Parallelized Network Security ...)
Singhal, S.K. (Designing an Academic Firewall: ...)
Sloman, M. (A Security Framework ...)
Stone, J.R. (Designing an Academic Firewall: ...)
Trostle, J.T. (A Flexible Distributed ...)
Tsudik, G. (Mixing E-mail ...)
Wagner, D.A. (A "Bump in the Stack" ...)
Yamamoto, K. (An Integration of ...)
Yates, D.J. (Parallelized Network Security ...)
Yialelis, N. (A Security Framework ...)
Return to the ISOC home page.
This page was last modified 17-January-1996.
Steve Welke (email@example.com)