The 1996
Symposium on Network and Distributed Systems Security

Hypermedia Proceedings, Slides, and Summary Report

Table of Contents

Copyright © 1996 Institute of Electrical and Electronics Engineers. Reprinted from The Proceedings of the 1996 Symposium on Network and Distributed Systems Security.

This material is posted here with permission of the IEEE. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by sending a blank email message to

By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

General Chair's Message
Program Chairs' Message
Organizing Committee
Program Committee
Privacy and Security Research Group
Author Index

Session 1: Electronic Mail Security
Chair: Stephen T. Kent - BBN Corporation

  1. Mixing E-mail with BABEL
    C. Gulcü and G. Tsudik (abstract)
  2. An Integration of PGP and MIME
    K. Yamamoto (abstract)

Session 2: Distributed Object Systems
Chair: Danny M. Nessett - Sun Microsystems

  1. A Security Framework Supporting Domain-Based Access Control in Distributed Systems
    N. Yialelis and M. Sloman (abstract, slides)
  2. Panel - Scalability of Security in Distributed Object Systems
    Moderator: Danny M. Nessett - Sun Microsystems (abstract)

Session 3: Distributed System Security
Chair: Michael Roe - University of Cambridge

  1. A Flexible Distributed Authorization Protocol
    J.T. Trostle and B.C. Neuman (abstract)
  2. Preserving Integrity in Remote File Location and Retrieval
    T. Jaeger and A.D. Rubin (abstract)
  3. C-HTTP - The Development of a Secure, Closed HTTP-Based Network on the Internet
    T. Kiuchi and S. Kaihara (abstract, slides)

Session 4: Panel - Intellectual Property Protection
Moderator: Peter Neumann - SRI International (abstract)

Session 5: Network Security
Chair: Matt Bishop - University of California at Davis

  1. Designing an Academic Firewall: Policy, Practice, and Experience with SURF
    M. Greenwald, S.K. Singhal, J.R. Stone, and D.R. Cheriton (abstract, slides)
  2. Digital Signature Protection of the OSPF Routing Protocol
    S.L. Murphy and M.R. Badger (abstract, slides)
  3. A Case Study of Secure ATM Switch Booting
    S-C. Chuang and M. Roe (abstract)

Session 6: Key Management
Chair: Burton S. Kaliski, Jr. - RSA Laboratories

  1. SKEME: A Versatile Secure Key Exchange Mechanism for Internet
    H. Krawczyk (abstract, slides)
  2. IDUP and SPKM: Developing Public-Key-Based APIs and Mechanisms for Communication Security Services
    C. Adams (abstract, slides)

Session 7: Encryption
Chair: Aviel D. Rubin - Bellcore

  1. An Empirical Study of Secure MPEG Video Transmissions
    I. Agi and L. Gong (abstract, slides)
  2. Parallelized Network Security Protocols
    E. Nahum, D.J. Yates, S. O'Malley, H. Orman, and R. Schroeppel (abstract, slides)
  3. A "Bump in the Stack" Encryptor for MS-DOS Systems
    D.A. Wagner and S.M. Bellovin (abstract, slides)

Session 8: Panel - Public-Key Infrastructure
Moderator: Warwick Ford - Bell-Northern Research (abstract)

General Chair's Message

Welcome to the third annual ISOC Symposium on Network and Distributed System Security! Each year we seek to bring together researchers, implementors, and users of network and distributed system security facilities. This year our Program Committee has again done an outstanding job of selecting a mix of technical presentations and panel sessions to discuss and debate the issues we face today.

As we are all aware, the need for usable distributed system security mechanisms is growing rapidly, tracking the growth and utilization of the world-wide Internet. For a welcome change, the general awareness of and interest in security is growing significantly as well _ by commercial organizations, the media, and private citizens. More than ever before, organizations will be looking to you, the participants of this symposium, for both technical solutions to specific problems and advice for the emerging public policy debates.

I encourage you to take advantage of this Symposium to not only listen to the presentations but also share your own experiences and ideas with other attendees during the breaks and evening activities.

Many thanks are in order for the behind-the-scenes effort that has culminated in this symposium: Tom Hutton "secured" our new location at the Princess Resort; Donna Leggett has done a superb job in handling the increased registration activities; and Stephen Welke has brought our Proceedings into the electronic age! I also want to commend the Program Co-Chairs, David Balenson and Clifford Neuman, for their excellent work with the Program Committee for pulling together the excellent program in which you are about to participate. Without the hard work by all these folks, this symposium would not have been possible.

As always, I want to thank all the authors who submitted papers and the panelists who are participating by sharing their knowledge and experiences with us.


James T. Ellis
Carnegie Mellon University

Program Chairs' Message

In the past year, the public has increasingly been urged to enter cyberspace and to use the Internet to obtain information from vendors, order products, and even bank from home. At the same time, businesses are being compelled to have a presence on the Internet, making information available to customers and other businesses. As a result, the need for network and distributed system security has grown dramatically.

Today we find that the individuals trying to breach the security of computer systems are using more sophisticated attacks, and because such attacks now can yield business data or result in financial transactions, these attacks have become more lucrative. While the computer security discipline once addressed mostly hypothetical threats, the press has recently taken notice when attacks known by practitioners for years were suddenly perpetrated against widely-used and heavily marketed products including web servers and browsers and network file systems.

There is good news and bad news regarding the state of Internet security. The good news is that most of the threats we are seeing have been known for some time, and we know how to protect against them. The bad news is that the solutions must still be integrated with applications, many of the solutions require a computer security infrastructure that is not widely available, and we have yet to see widespread deployment of computer security technologies.

The organizers of this symposium hope that the symposium will encourage the Internet community to deploy the available security technology and develop new technology in areas where it is lacking. In selecting papers and panels for the symposium, the program committee sought to bring together the papers that will have the greatest impact on the field by introducing new computer security technologies whether research prototypes or actual products, demonstrating the application of computer security technologies to Internet applications, and describing components of the computer security infrastructure.

By bringing together researchers and practitioners in the field we are confident that the symposium will have a positive impact on the state of Internet security. We encourage you, as a participant in this symposium, to use this opportunity to actively participate in the dialog. Ask questions of the speakers, raise your important issues during relevant panel sessions, and let others know of your requirements, observations, and experience in this important area.

B. Clifford Neuman
Marina del Rey, California
David M. Balenson
Glenwood, Maryland

Organizing Committee

General Chair
James T. Ellis
CERT Coordination Center
Carnegie Mellon University

Program Chairs
David M. Balenson
Trusted Information Systems
B. Clifford Neuman
USC Information Sciences Institute

Publications Chair
Stephen R. Welke
Institute for Defense Analyses

Registrations Chair
Donna Leggett
The Internet Society

Local Arrangements Chair
Thomas Hutton
San Diego Supercomputer Center

Steering Group
Internet Research Task Force, Privacy and Security Research Group

Program Committee

Thomas A. Berson - Anagram Laboratories
Matt Bishop - University of California at Davis
Doug Engert - Argonne National Laboratory
Warwick Ford - Bell-Northern Research
Burton S. Kaliski, Jr. - RSA Laboratories
Stephen T. Kent - BBN Corporation
Paul A. Lambert - Oracle
John Linn - OpenVision Technologies
Teresa Lunt - Advanced Research Projects Agency
Danny M. Nessett - Sun Microsystems
Hilarie Orman - University of Arizona
Michael Roe - University of Cambridge
Robert Rosenthal - National Institute of Standards and Technology
Aviel D. Rubin - Bellcore
Jeffrey I. Schiller - Massachusetts Institute of Technology
Robert W. Shirey - BBN Corporation
Doug Tygar - Carnegie Mellon University
Roberto Zamparo - Telia Research

External Reviewers
Carlisle Adams - Bell-Northern Research
William Burr - National Institute of Standards and Technology
Jan Carlsson - Telia Research
Trent Jaeger - University of Michigan
Stewart Kowalski - Telia Research
Tim Moses - Bell-Northern Research
Paul Van Oorschot - Bell-Northern Research
Rich Schroeppel - University of Arizona
Ola Sjögren - Telia Research
Richard Thomas - Bell-Northern Research
Jyri J. Virkki - Bellcore
Michael Wiener - Bell-Northern Research
Andrey Yeatts - University of Arizona

Privacy and Security Research Group of the Internet Research Task Force

Stephen T. Kent
BBN Corporation

PSRG Committee Members
David M. Balenson
Trusted Information Systems

Warwick Ford
Bell-Northern Research

Burton S. Kaliski, Jr.
RSA Laboratories

B. Clifford Neuman
USC Information Sciences Institute

Michael Roe
University of Cambridge

Jeffrey I. Schiller
Massachusetts Institute of Technology

Matt Bishop
University of California, Davis

Russell D. Housley

Danny M. Nessett
Sun Microsystems

Richard L. Parker, II
SHAPE Technical Centre

Robert Rosenthal

Roberto Zamparo
Telia Research

Author Index

Adams, C. (IDUP and SPKM: Developing ...)
Agi, I. (An Empirical Study of Secure MPEG ...)
Badger, M.R. (Digital Signature Protection ...)
Bellovin, S.M. (A "Bump in the Stack" ...)
Cheriton, D.R. (Designing an Academic Firewall: ...)
Chuang, S-C. (A Case Study of Secure ATM ...)
Gong, L. (An Empirical Study of Secure MPEG ...)
Greenwald, M. (Designing an Academic Firewall: ...)
Gulcü, C. (Mixing E-mail ...)
Jaeger, T. (Preserving Integrity in ...)
Kaihara, S. (C-HTTP - The Development ...)
Kiuchi, T. (C-HTTP - The Development ...)
Krawczyk, H. (SKEME: A Versatile ...)
Murphy, S.L. (Digital Signature Protection ...)
Nahum, E. (Parallelized Network Security ...)
Neuman, B.C. (A Flexible Distributed ...)
O'Malley, S. (Parallelized Network Security ...)
Orman, H. (Parallelized Network Security ...)
Roe, M. (A Case Study of Secure ATM ...)
Rubin, A.D. (Preserving Integrity in ...)
Schroeppel, R. (Parallelized Network Security ...)
Singhal, S.K. (Designing an Academic Firewall: ...)
Sloman, M. (A Security Framework ...)
Stone, J.R. (Designing an Academic Firewall: ...)
Trostle, J.T. (A Flexible Distributed ...)
Tsudik, G. (Mixing E-mail ...)
Wagner, D.A. (A "Bump in the Stack" ...)
Yamamoto, K. (An Integration of ...)
Yates, D.J. (Parallelized Network Security ...)
Yialelis, N. (A Security Framework ...)

Return to the ISOC home page.

This page was last modified 17-January-1996.

Steve Welke (