Papers:

• Next Generation Intrusion Detection: Autonomous Reinforcement Learning of Network Attacks

File Size: 90 K
James Cannady, Georgia Institute of Technology
 
• Fuzzy Data Mining and Genetic Algorithms Applied to Intrusion Detection

File Size: 113 K
Slides: File Size: 2 M (may take a while to open)................ Zipped file 558 K
Susan M. Bridges and Rayford B. Vaughn, Mississippi State University
 
• Multiple Self-Organizing Maps for Intrusion Detection

File Size: 59 K
Brandon Craig Rhodes, James A. Mahaffey, and James D. Cannady, Georgia Institute of Technology
 
• The Curse of Service: Civil Liability for Computer Security Professionals

File Size: 67 K
Arthur J. Wylene, New College of California, School of Law
 
• Best Security Practices: An Overview

File Size: 68 K
Slides: File Size: 131 K
Guy King, Computer Sciences Corporation
 
• Visualizing Risks: Icons for Information Attack Scenarios

File Size: 234 K
Hilary H. Hosmer, Data Security, Inc.
 
• Push Architectures for User Role Assignment

File Size: 183 K
Venkata Bhamidipati and Ravi Sandhu, George Mason University
 
• A Role-Based Delegation Model and Some Extensions

File Size: 38 K
Slides: File Size: 43 K
Ezedin Barka and Ravi Sandhu, George Mason University

• Generalized Role-Based Access Control for Securing Future Applications

File Size: 94 K
Michael J. Covington, Matthew J. Moyer, and Mustaque Ahamad, Georgia Institute of Technology
 
• Antivirus Software Testing for the New Millenium

File Size: 52 K
Sarah Gordon, IBM Thomas J. Watson Research Center
Fraser Howard, Virus Bulletin
 
• The Evolving Virus Threat

File Size: 45 K
Carey Nachenberg, Symantec Corporation
 
• The Cracker Patch Choice: An Analysis of Post Hoc Security Techniques

File Size: 62 K
Crispin Cowan, Heather Hinton, Calton Pu, and Jonathan Walpole, Wire-X Communications, lnc.
 
• Penetration Analysis of a XEROX Docucenter DC 230ST: Assessing the Security of a Multi-purpose Office Machine

File Size: 52 K
Thomas E. Daniels, Benjamin A. Kuperman, and Eugene H. Spafford, Purdue University
 
• Using B Method to Formalize the Java Card Runtime Security Policy for a Common

Criteria Evaluation
File Size: 262 K
Stephanie Motre & Corinne Teri, Gemplus
 
• Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network

File Size: 56 K
Steven R. Balmer and Cynthia E. Irvine, Naval Postgraduate School
 
• Thoughts and Questions on Common Criteria Evaluations

File Size: 25 K
Kenneth G. Olthoff, National Security Agency
 
• The Open Platform Protection Profile (OP3) Taking the Common Criteria to

the Outer Limits
File Size: 63 K
Slides: File Size: 271 K
Marc Kekicheff and Forough Kashef, Visa International Services Association
David Brewer, Gamma Secure Systems Limited

• A Taxonomy of Organisational Security Policies

File Size: 28 K
Gary W. Smith and Richard B. Newton, Science Applications International Corporation
 
• Business Process Driven Framework for Defining an Access Control Service Based on Roles and Rules

File Size: 63 K
Slides: File Size: 90 K
Ramaswamy Chandrarnouli, National Institute of Standards and Technology
 
• An Efficient Secure Authenticated Group Key Exchange Algorithm for Large and Dynamic Groups

File Size: 201 K
Jim Alves-Foss, University of ldaho
 
• Trust Relations in a Digital Signature System Based on a Smart Card

File Size: 48 K
Jean-Luc Giraud and Ludovic Rousseau, Gemplus
 
• Trends in Government Endorsed Security Product Evaluations

File Size: 66 K
Richard E. Smith, Secure Computing Corporation
 
• Corporate Vital Defense Strategy: A Framework for Information Assurance

File Size: 35 K
Slides: File Size: 37 K
Bel G. Raggad, Ph.D., Pace University
 
• Rethinking Department of Defense Public Key Infrastructure

File Size: 45 K
Jason X. Hackerso
 
• A Query Facility for Common Intrusion Detection Framework

File Size: 206 K
Peng Ning, X. Sean Wang, and Sushil Jajodia, George Mason University
 
• Controlling Primary And Secondary Access To Digital Information

File Size: 62 K
Marshall D. Abrams, The MITRE Corporation
Paul B. Schneck, MRJ Technology Solutions

• Privilege Management of Mobile Agents

File Size: 80 K
Wayne Jansen and Tom Karygiannis, National Institute of Standards and Technology
 
• Towards XML As A Secure Intelligent Agent Communication Language

File Size: 66 K
Slides: File Size: 103 K
Alexander D. Korzyk, Sr., Virginia Commonwealth University
 
• Database Security 2000

File Size: 15 K
John R. Campbell, National Security Agency
 
• An Operating System Analog to the Perl Data Tainting Functionality

File Size: 70 K
Slides: File Size: 51 K
Dana Madsen, University of Maryland College Park
 
• Towards the Formal Modeling of a Secure Operating System

File Size: 105 K
Dan Zhou, Florida Atlantic University
 
• Policy-Enhanced Linux

File Size: 54 K
Slides: File Size: 264 K
Paul C. Clark, Naval Postgraduate School
 
• The Competitive Intelligence and National Security Threat from Website Job Listings

File Size: 42 K
Slides: File Size: 208 K
Jay D. Krasnow, Georgetown University
 
• The Case for Beneficial Computer Viruses and Worms - A Student's Perspective

File Size: 31 K
Slides: File Size: 42 K
Mr. Greg Moorer, Mississippi State University
 
• Subliminal Traceroute in TCP/IP

File Size: 65 K
Thomas E. Daniels and Eugene H. Spafford, Purdue University

• Killer Apps - and YOU're the Dead Meat

File Size: 8K
G. Mark Hardy, Guardent, Inc.
 
• Computer Security From the Trojan War to Now

File Size: 6K
Slides: File Size: 3M (will take a while to open) ............ zipped file: 3,039K
Charles P. Pfleeger, Exodus Communications

• Future of Information Security

File Size: 8K
G. Mark Hardy, Guardent Inc.
Jeff Moss, DEF CON Communications
Winn Schwartau, Interpact Associates
Peter Shipley, KPMG Peat Marwick LLC
Ira Winkler, Information Security Advisors Group
 
• AES and Beyond

File Size: 8K
Elaine Barker, National Institute of Standards and Technology
Jim Foti, National Institute of Standards and Technology
Bill Burr, National Institute of Standards and Technology
 
• The Secret and Below Interoperability (SABI) Process Continuing the Discovery of Community Risk

File Size: 9K
Mark Loepker, National Security Agency
Curtis Dukes, National Security Agency
Charles Schreiner, National Security Agency
Willard Unkenholz, National Security Agency
Corky Parks, National Security Agency
Dallas Pearson, National Security Agency
Warner Brake, Defense Information Systems Agency
 
• Effective Risk Analysis

File Size: 14K
Slides: File Size: 320K
Thomas Peltier, CISSP, Netigy

• The Systems Security Engineering Capability Maturity Model

File Size: 6K
Slides: File Size: 334K
Karen Ferraiolo, Arca Systems, An Exodus Communications Company
 
• Themes and Highlights of the New Security Paradigms Workshop 2000

File Size: 107K
Chair: Steven J. Greenwald
 
• Conduit Cascades and Secure Synchronization

File Size: 193K
Simon N. Foley, University College, Cork, Ireland
 
• An Argument for Quality of Security Service

File Size: 43K
Cynthia Irvine, Naval Postgraduate School
Timothy Levin, Anteon Corporation
 
• Multilateral Security -Why and How?

File Size: 186K
Kai Rannenberg, Microsoft Research, Cambridge, UK
 
• Disarming Offense to Facilitate Defense

File Size: 132K
D. Bruschi and E. Rosti, Universita degli Studi di Milano
 
• Evaluation Scope: Does One Size fit all? European Viewpoints

File not available
David Hodges, John Doody, CESG
Ian Bryant, MOD
 
• State of Key Recovery Government and Industry

File not available
Santosh Chokani, CygnaCom Solutions
Donna Dodson, Social Security Administration
Diane Dunshee, National Security Agency

• Department of Defense (DoD) Wide Information Assurance Program (DIAP): Current Initiatives

File Size: 25K
Captain J. Katharine Burton, USN
Terry Bartlett, DIAP
George Bieber, DISA
Jim Christy, DIAP
 
• The National Security Agency's Use of the Systems Security Engineering Capability Maturity Model (SSE-CMM)

File Size: 11 K
Ms. Mary D. Schanken, National Security Agency
Mr. Paul W. Boudra, National Security Agency
Mr. Charles G. Menk III, National Security Agency
 
• Security and Source-Available Systems: Risks and Opportunities

File Size: 9K
Peter G. Neumann, SRI International
Dr. Crispin Cowan, WireX Communications, Inc.
Eric Raymond, Open Source

• Certified vs Secure

File Size: 11 K
Jon David, Lehman Brothers
Sarah Gordon, IBM
Tim Polk, National Institute of Standards and Technology
Dan Woolley, Global Integrity Corporation
Fred Kolbrener, Xacta Corporation
 
• Achieving Global Trust in an e-World

File Size: 50K
Slides: File Size: 491 K
Richard G. Wilsher, the Zygma partnership, GB
Caelen King, Baltimore Technologies plc., IE
Helmut Kurth, atsec GmbH, DE
 
• The Meaning of Trust on the Internet

File not available
Michael S. Baum, VeriSign Inc., US

• Progress of the Best Security Practices Subcommittee

File Size: 11 K
James F. Craft, U.S. Agency for International Development
Marianne Swanson, National Institute of Standards and Technology
Mary Schanken, National Security Agency
Marty Poch, Environmental Protection Agency
Michael T. Hovey, Computer Sciences Corporation
 
• Preparing for Intrusion Detection

File Size: 13K
Slides: File Size: 490K
Thomas Peltier, CISSP, Netigy
 
• Information Assurance for UK Government

File Size: 16K
Slides: File Size: 2M (will take a while to open) ............... Zipped file size: 938K
John Doody, CESG
• Connecting the Civil Service College to the Government Secure Intranet
Roger Griffin, CMPS
• BS7799: The British Standard for Information Security Management Application Within DETR
Terry Wells, DETR
• UK Home Office - From Government Secure Intranet (GSI) to BS 7799
John Laskey, Home Office
• Shared Environments Between The Ministry of Defence and Its Partners
John Peters, MOD
 
• Security and Quality of Service Interactions

File Size: 16K
Susan Hinrichs, Cisco Systems, Inc.
• Can Network QoS and Security Live in Symbiosis?
Klara Narhstedt, University of Illinois
• Security and Quality of Service Interactions
John McHugh, CERT Coordination Center
• Security and Quality of Service Management
Partha Bhattacharya, Cisco Systems, Inc.
 
• CC ToolboX^TM, CC Profile Knowledge Base^TM - The Current Status and a Tutorial

File Size: 4K
Ed Steeble, National Security Agency
Gary Grainger, Mitretek Systems

• PKI - Sham or Salvation?

File Size: 17K
Jon David, Lehman Brothers
Padgett Peterson, Lockheed-Martin
Tim Polk, National Institute of Standards and Technology
Fred Cohen, Sandia National Laboratories
• 50 Ways to Defeat your PKI and Other Cryptosystems
Fred Cohen, Sandia National Laboratories
 
• Guideline for Implementing Cryptography in the Federal Government

File Size: 8K
Annabelle Lee, National Institute of Standards and Technology
 
• Critical Infrastructure Protection for Chief Information Officers or CIP for ClOs

File Size: 1OK
John C. Davis, Mitretek
John Gilligan, U. S. Department of Energy
Col. John E. Whiteford, USAF, National Security Agency
 
• Privacy in the Information Age

No file available.
Blaine Burnham, Georgia Tech Information Security Center
 
• Security in Business-to-Business e-commerce

File Size: 6K
Jeremy Epstein, webMethods
Igor Balabine, Netfish
David Burdett, Commerce0ne
Frank Jaffe, Clareon
 
• The OM-AM Framework and Role-Based Access Control

File Size: 8K
Slides: 1M (will take a while to open) .......... Zipped file size: 241 K
Ravi S. Sandhu, George Mason University
 
• Innovative Uses of the Common Criteria

File Size: 9K
Terry Losonsky, NIAP
Jack Sherwood, SPAWAR USN
John Mildner, SPAWAR USN
Peter Sargent, COACT Inc.

• Federal Bridge Certification Authority

No file available.
Richard A. Guida, Chair, Federal PKI Steering Group
 
• Incident Response - Stopping Them Dead in Their Tracks

File Size: 14K
Jon David, Lehman Brothers
Robert Stone, UUNET Technologies
Jim Duncan, Cisco
Bill Hancock, Exodus Communications
Richard Reybok, Merrill Lynch
 
• Best Security Practices: Lowering Quality's Total Cost of Ownership in an Age of Growing Complexity

File Size: 22 K
James P. Craft, CISSP, United States Agency for International Development
Tom Burke, General Services Administration
Jack L. Brock, Jr., General Accounting Office
Guy L. Copeland, Computer Sciences Corporation
Robert E. Giovagnoni, lnfrastructure Defense, Inc.
 
• Operational Computer Forensics - the New Frontier

File Size: 8K
Slides: File Size: 834K
Michael J. Corby, CCP, CISSP, Netigy Corporation
 
• Protection of B2B Exchanges and Vendor Operations

File Size: 9K
Charlie Baggett, Risk Management Associates, Inc.
Tim Ehrsam, Oracle Corporation

• Information Assurance Metrics: Prophecy, Process, or Pipedream?

File Size: 25K
Slides: File Size: 36K
Ronda R. Henning, Harris Corporation
• Position Paper
John McHugh, Carnegie Mellon Center for Survivable Systems
• Position Paper
John Michael Williams, JMW Trading Company
• Position Paper

Slides: File Size: 8M (will take a while to open) .......... Zipped file size: 2,229 K
Michael J. Skroch, DARPA
 
• The Common Criteria Structures: The Healthcare Response to Security Regulation                                 File Size: 1OK
Lewis Lorton, DDS, MSD, Forum on Privacy and Security in Healthcare
Lisa Gallagher, Exodus Security Services
Paul Zatychec, EWA-Canada, Ltd.
Leslie J. Spiece, Medical College of Wisconsin
Alan C. Brown, Partner, McKenna and Cuneo

• Access Certificates for Electronic Services (ACES) - Enabling Government to Citizen Interaction via the Internet

File Size: 24K
Judith Spencer, General Services Administration
David Temoshok, General Services Administration
Stanley Choffrey, General Services Administration
 
• Information Systems Survivability: Protecting Critical Systems

File Size: 4K
Robert J. Ellison, CERT Coordination Center, Software Engineering Institute
Richard C. Linger, CER T Coordination Center, Software Engineering Institute

• High Performance Computing Security Research at Mississippi State University

File Size: 71 K
Rayford B. Vaughn, Jr., Mississippi State University
• Issues in High Performance Computing Security
Yvo Desmedt, Florida State University
• Security in Depth

Slides: File Size: 1 M (will take a while to open) .......... Zipped file size: 457K
Jesse Pollard, Stennis Space Center
• Security in a Computational Grid Environment

Slides: File Size: 86K
Douglas Engert, Argonne National Laboratory
 
• Enterprise Security Infrastructure: A Managed Approach

No file available.
Dr. J. Greg Hanson, Telos Corporation
 
• The Healthcare Vertical Turns its Eyes on Security - The Impact of HIPAA and Other Legislation on Security Engineering

File Size: 6K
Slides: File Size: 770K
Lisa Gallagher, Exodus Security Services

• Your Always-On Connection and the Telecommuter

File Size: 11 K
Peter Dinsmore, NAI Labs
Michael St. Johns, Excite@Home
 
• Distributed Denial of Service Attacks - Can We Survive This New Threat?

File Size: 14K
Jon David, Lehman Brothers
Steve Bellovin, AT&T Labs Research
Bill Cheswick, Lucent Technologies
Paul Ferguson, Cisco
 
• A "Hands-On" Approach of Building a Security Program

No file available.
Bill Hadesty, USDA

• Single Sign-on: Myth or Reality

File Size: 13K
Slides: File Size: 562K
Thomas Peltier, CISSP, Netigy
 
• Guerilla Security: The Martial Art of Infosecurity

File Size: 1 M or zipped file: 1,032K
Andrew T. Robinson, net/main infoSecurity Solutions
 
• Information Security Research and Development in Academia

File Size: 19K
Dr. Susan M. Bridges, Mississippi State University
Dr. Blaine W. Burnham, Georgia Tech University
Dr. Dipankar Dasgupta, The University of Memphis
Dr. James A. Davis, Iowa State University
Dr. Cynthia Irvine, Naval Postgraduate School
 
• Understanding FIPS 140-2 Validation

File Size: 19K
Slides: File Size: 164K
John Morris, Corsec Security Inc.

• Security for High-Speed Intemets

File Size: 13K
Jeff Ingle, Community Management Staff
Chris Kubic, National Security Agency
 
• How Can We Prevent Denials of Service?

File Size: 15K
Peter G. Neumann, SRI International
Steve Bellovin, AT&T Labs
Virgil Gligor, University of Maryland
J.F. Mergen, Genuity
Marv Schaefer, ARCA
 
• Working On A Shoestring- Security Solutions in the Shadow of Limited Funds

File Size: 9K
David Jarrell, Federal Computer Incident Response Capability (FedCIRC)
Steve Lipner, Microsoft Security Response Center
Shawn Heman, Vulnerability Handling, CERT Coordination Center (CERT/CC)
Kenneth Ammon, Network Security Technologies, Inc.

• Biometrics - Understanding the Architecture, API's, Encryption and Authentication Security for Integration into Existing Systems and Applications Speaker

File Size: 6K
Slides: File Size: 922K
William H. Saito, I/0 Software
 
• An Introduction to Consequence-Based Risk Assessment

File Size: 4K
George Jelen, G-J Consulting
 
• Information Security Laboratories in the Academic Setting, A Panel Discussion

No file available.
Willis Marti, TAMU
Deborah Frincke, ISU
 
• A Protection Profile for FIPS 140-2, Lessons Learned

File Size: 9K
Miles Smid, CygnaCom Solutions
Jean Petty, CygnaCom Solutions
Shari Galitzer, CygnaCom Solutions
Ray Snouffer, National Institute of Standards and Technology

• DNS Security Ready for Prime Time

File Size: 6K
Slides: File Size: 240K
Olafur Gudmundsson, NAI Labs
Edward P. Lewis, NAI Labs
David Conrad, ISC
John Nguyen, DISA
 
• Black Hat - White Hat

File Size: 14K
G. Mark Hardy, Guardent, Inc.
Mark Fabro, Guardent, Inc.
Ray Kaplan, Guardent, Inc.
Black Hat One, (name and organization withheld)
Black Hat Two, (name and organization withheld)
 
• Cybersecurity in the Year 2000: Not Just for Systems Administrators Anymore

File Size: 29K
Richard Shullaw, Department of Health and Human Services
Danny Markley, Department of Health and Human Services
Robyn Large, The Centerfor Support of Families
Marianne Swanson, National Institute of Standards and Technology
 
• Information Security Year in Review--Technical Vulnerabilities

File Size: 7K
Slides: File Size: 2M (will take a while to open) .......... Zipped file size: 1,450K
David Kennedy CISSP, ICSA, Inc.

• Innovations in Biometric Authentication Technologies

File Size: 8K
Jeff Dunn, National Security Agency
Fernando Podio, National Institute of Standards and Technology
Cathy Tilton, SAFLINK
 
• Testing of Cryptographic Modules Against FIPS 140-2

File Size: 18K
Nelson Hastings, National Institute of Standards and Technology
Annabelle Lee, National Institute of Standards and Technology
Ray Snouffer, National Institute of Standards and Technology
 
• SNMPv3 with Security and Administration

File Size: 4K
Dr. Jeffrey D. Case, SNMP Research Inc.
 
• Recent Trends in Hacking

File Size: 8K
Peter Mell, National Institute of Standards and Technology
Tom Longstaff, CERT
Jeff Moss, CISSP, DEF CON
Andy Balinsky, Cisco
 
• Professional Certification of Information Security Professionals

File Size: 7K
Lynn McNulty, CISSP, RSA Security
James Wade, CISSP, Air Touch Cellular
William Murray, CISSP, Deloitte & Touche
Shirley Malia, Critical Infrastructure Assurance Office
John Colley, CISSP, ICL-UK
 
• RSA Digital Signature Standards

File Size: 4K
Slides: File Size: 214K
Burt Kaliski, RSA Laboratories
 
• Information Security Year in Review--Computer Crime

File Size: 4K
M. E. Kabay, PhD, CISSP, ADARIO, Inc.

• Certificates in the Internet: State, Issues, and Futures

File Size: 5K
Slides: File Size: 1M (will take a while to open) .......... Zipped file size: 223K
Andrew Nash, RSA Security, Inc.
 
• The Cryptographic Module Validation Program: FIPS 140-2 ... The Next Generation

File Size: 18K
Annabelle Lee, National Institute of Standards and Technology
Ray Snouffer, National Institute of Standards and Technology
Tom Casar, Communications Security Establishment, Canada
 
• Multi-level Security (MLS) and Its Evolution to Date

File Size: 16K
G.R. "Greg" Clingan, CISSP, Impact Innovations Group, LLC
Christian Cooke, CISSP, Impact Innovations Group, LLC
Thomas Bess, Impact Innovations Group, LLC
 
• Tracking the Virus Writer - The Legal Ramifications

File Size: 12K
Christine M. Orshesky, i-secure Corporation
Chengi "Jimmy" Kuo, Network Associates Inc.
 
• Information Assurance Technologies: 10 Years Past, Present and Future

File Size: 16K
Jack Murphy, Electronic Data Systems
Gary Moore, Entrust
Dr. Tom Haigh, Secure Computing Corp.
Robert Giovagnoni, iDEFENSE
Ronda Henning, Harris
 
• Collusion Detection Las Vegas Style

File Size: 4K
Slides: File Size: 9M (will take a while to open) .......... Zipped file size: 4,011K
Jeff Jonas, Systems Research and Development
 
• Smart Card Security Users Group PP and Projects

No file available.
Kenneth R. Ayer, Ph.D, Visa International
Dr. Douglas McGovern, RMCTI
Fernando Lourenco, Europay International
Marc Kekicheff, Visa International
 
• Incident Response Fundamentals

File Size: 6K
Slides: File Size: 378K
Eric Winterton, Exodus Security Services

• Secure X.500 Border Directory Proxy Server

File Size: 101K
Slides: File Size: 137K
K.M. Goertzel, Wang Government Services, Inc.
 
• Scorecard for Authentication Technologies

File Size: 4K
Slides: File Size: 4M (will take a while to open) .......... Zipped file size: 3K
Dow Williamson, RSA Security