NDSS'98

HOME

1998 Network and Distributed System Security
(NDSS'98) Symposium

HOME

Hypermedia Proceedings


Table of Contents

Copyright © 1998 by the Internet Society. All rights reserved. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

General Chair's Message
Program Chairs' Message
Organizing Committee
Program Committee
Privacy and Security Research Group
Author Index

SESSION 1: INTERNET AND INTRANET
Chair: Stephen T. Kent - BBN Technologies

  1. Enabling the Internet White Pages Service - the Directory Guardian
    D.W. Chadwick and A.J. Young (slides)
  2. The Multilayer Firewall
    D. Nessett and P. Humenn (slides)
  3. Efficient Protocols for Signing Routing Messages
    K. Zhang (slides)

SESSION 2: PANEL - IMPLEMENTATION ISSUES FOR ELECTRONIC COMMERCE
Moderator: Aviel D. Rubin - AT&T Labs Research (slides)

SESSION 3: ALL OPTICAL NETWORKS SECURITY
Chair: Jeff Ingle - National Security Agency (slides)

  1. Attack Detection Methods for All-Optical Networks
    M. Medard, D. Marquis, and S.R. Chinn
  2. Distributed Algorithms for Attack Localization in All-Optical Networks
    R. Bergman, M. Medard, and S. Chan

SESSION 4: PROTOCOLS
Chair: Wolfgang Schneider - GMD Darmstadt

  1. Credential Management and Secure Single Login for SPKM
    D. Hühnlein (slides)
  2. Some Timestamping Protocol Failures
    M. Just (slides)
  3. The Secure Remote Password Protocol
    T. Wu (slides)

DINNER BANQUET: LUCENT'S ENTRY INTO NETWORK SECURITY
Speaker: Howard Gittleson - Lucent Technologies (slides)

SESSION 5: MOBILE AGENTS
Chair: Gene Tsudik - USC Information Sciences Institute

  1. On the Problem of Trust in Mobile Agent Systems
    U.G. Wilhelm, S. Staamann, and L. Buttyan (slides)
  2. Implementing Protection Domains in the Java(tm) Development Kit 1.2
    L. Gong and R. Schemers (slides)

SESSION 6: PANEL - TRUST MANAGEMENT
Moderator: Barbara Fox - Microsoft (slides)

SESSION 7: TRAFFIC ANALYSIS AND SECURE BOOTSTRAPPING
Chair: Matt Bishop - University of California, Davis

  1. Live Traffic Analysis of TCP/IP Gateways
    P.A. Porras and A. Valdes
  2. Automated Recovery in a Secure Bootstrap Process
    W.A. Arbaugh, A.D. Keromytis, D.J. Farber, and J.M. Smith (slides)

SESSION 8: PANEL - EXPERIENCE WITH FIREWALLS AND IPSEC
Moderator: Stephen T. Kent - BBN Technologies (slides)


General Chair's Message

Welcome to the fifth annual Internet Society (ISOC) Network and Distributed System Security (NDSS) Symposium! Each year we seek to bring together researchers, implementers, and users of network and distributed system security technologies to discuss today's important security issues and challenges. This year our Program Committee has done an outstanding job of selecting a mix of technical papers and panel presentations that describe promising new approaches to Internet security. As we are all aware, the use of the Internet is growing rapidly, and the need for widespread deployment of usable and effective network and distributed system security solutions is increasing just as rapidly. I am confident that with our continued open dialog, sharing of experiences and ideas, and exploration of solutions, we can help protect this valuable resource.

Many thanks are in order for the folks who spent considerable time and effort organizing the symposium. I am grateful to the Internet Society for sponsoring the symposium, and especially to Martin Burack, the Executive Director, who has worked hard to ensure its success. Carla Rosenfeld, Torryn Brazell and the staff at ISOC have done an incredible job handling publicity, registrations, and many other behind-the-scenes activities. Tom Hutton has again provided wonderful local arrangements. Steve Welke has done a top-notch job assembling the hard-copy and CD-ROM proceedings. The Program Co-Chairs, Matt Bishop and Steve Kent, and the entire Program Committee are to be commended for their fine effort pulling together an excellent technical program. Only with the collective hard work of all these individuals are we able to make the symposium a success.

Finally, I would like to thank all the authors who submitted papers, the panelists who shared their knowledge and experiences, and everyone who attended the symposium for their contributions and participation.

David M. Balenson
Trusted Information Systems
balenson@tis.com


Program Chairs' Message

The non-security of the Internet is well known to networking and distributed system designers and implementers. Recent news stories have discussed the problem, usually from the perspective of the consequences of someone exploiting the lack of security to compromise well-known sites or defraud others. Indeed, the report of the U.S. President's Commission on Critical Infrastructure Protection highlighted the lack of security of computing in general, and of the Internet in particular, and recommended several actions to improve the state of the network.

This symposium provides a forum in which developers and implementers, as well as designers, can exchange experiences in system design, development, and deployment. Topics emphasize experience and actual systems, rather than theoretical results or paper designs.

Of the 45 papers and panel proposals submitted, we selected 15 that present different aspects of the security problem. Topics range from studies of fundamental services to controls, from security in malleable systems to network information resources. Some papers present new results; others revisit old results and use them in a new manner. All are exciting and fascinating.

Submissions stayed at the same level as last year, but submissions from other countries increased somewhat, reflecting the international nature of the Internet (and of the problem of security). The submissions were strong, and we selected based upon technical quality, originality, and relevance to the theme of advancing the state of available security technology throughout the Internet community.

We thank all who have contributed to this symposium: the reviewers, program committee members, the general chair, publications chair, local arrangements chair, and logistics chair, and most especially the authors of the submitted papers and the proposers of the panels. Without your involvement, there would be no symposium.

Matt Bishop
University of California, Davis
bishop@ucdavis.edu
Stephen T. Kent
BBN Technologies
kent@bbn.com


Organizing Committee

General Chair
David M. Balenson
Trusted Information Systems
balenson@tis.com

Program Chairs
Matt Bishop
University of California, Davis
bishop@ucdavis.edu
Stephen T. Kent
BBN Technologies
kent@bbn.com

Publications Chair
Stephen R. Welke
Institute for Defense Analyses
welke@ida.org

Logistics Co-Chairs
Carla Rosenfeld
Internet Society
carla@isoc.org

Torryn P. Brazell
Internet Society
brazell@isoc.org

Local Arrangements Chair
Thomas Hutton
San Diego Supercomputer Center
hutton@sdslug.org

Steering Group
Internet Research Task Force, Privacy and Security Research Group


Program Committee

Members
Steven M. Bellovin - AT&T Labs Research
Douglas E. Engert - Argonne National Laboratory
Warwick Ford - VeriSign
Li Gong - JavaSoft
Richard Graveman - Bellcore
Ari Juels - RSA Laboratories
Tom Longstaff - CERT/CC
Douglas Maughan - National Security Agency
Dan Nessett - 3Com Corporation
Richard L. Parker, II - NATO C3 Agency
Michael Roe - University of Cambridge
Robert Rosenthal - DARPA
Wolfgang Schneider - GMD Darmstadt
Christoph Schuba - Sun Microsystems Laboratories
Win Treese - Open Market, Inc.
Jonathan Trostle - Novell
Gene Tsudik - USC Information Sciences Institute
Stephen R. Welke - Institute for Defense Analyses

External Reviewers
Ruediger Grimm - GMD Darmstadt
Burt Kaliski - RSA Laboratories
Peter Krautscheid - Open Market, Inc.
Pat Madden - Open Market, Inc.
Peter Ochsenschlaeger - GMD Darmstadt
Ray Sidney - RSA Laboratories
Bob Silverman - RSA Laboratories
Brian Tung - USC Information Sciences Institute


PRIVACY AND SECURITY RESEARCH GROUP
of the Internet Research Task Force

Chair
Stephen T. Kent
BBN Technologies
kent@bbn.com

PSRG Committee Members
David M. Balenson
Trusted Information Systems
balenson@tis.com

Matt Bishop
University of California, Davis
bishop@cs.ucdavis.edu

Russell D. Housley
SPYRUS
housley@spyrus.com

Dan Nessett
3Com Corporation
dan_nessett@3com.com

B. Clifford Neuman
USC Information Sciences Institute
bcn@isi.edu

Richard L. Parker, II
NATO C3 Agency
parker@nc3a.nato.int

Michael Roe
University of Cambridge
michael.roe@cl.cam.ac.uk

Robert Rosenthal
DARPA
rmrosenthal@darpa.mil

Jeffrey I. Schiller
Massachusetts Institute of Technology
jis@mit.edu

Roberto Zamparo
Telia Research
Roberto.X.Zamparo@telia.se


Author Index

Arbaugh, W.A. (Automated Recovery in a Secure ...)
Bergman, R. (Distributed Algorithms for Attack ...)
Buttyan, L. (On the Problem of Trust in ...)
Chadwick, D.W. (Enabling the Internet White ...)
Chan, S. (Distributed Algorithms for Attack ...)
Chinn, S.R. (Attack Detection Methods for ...)
Farber, D.J. (Automated Recovery in a Secure ...)
Fox, B. (Panel - Trust Management)
Gong, L. (Implementing Protection Domains ...)
Hühnlein, D. (Credential Management ...)
Humenn, P. (The Multilayer Firewall)
Just, M. (Some Timestamping Protocol ...)
Kent, S.T. (Panel - Experience with Firewalls ...)
Keromytis, A.D. (Automated Recovery in a Secure ...)
Marquis, D. (Attack Detection Methods for ...)
Medard, M. (Attack Detection Methods for ...)
Medard, M. (Distributed Algorithms for Attack ...)
Nessett, D. (The Multilayer Firewall)
Porras, P.A. (Live Traffic Analysis of TCP/IP ...)
Rubin, A.D. (Panel - Implementation Issues for ...)
Schemers, R. (Implementing Protection Domains ...)
Smith, J.M. (Automated Recovery in a Secure ...)
Staamann, S. (On the Problem of Trust in ...)
Valdes, A. (Live Traffic Analysis of TCP/IP ...)
Wilhelm, U.G. (On the Problem of Trust in ...)
Wu, T. (The Secure Remote Password ...)
Young, A.J. (Enabling the Internet White ...)
Zhang, K. (Efficient Protocols for Signing ...)