Search CSRC

Conference: 20th National Information Systems Security Conference (NISSC '97) Abstract: One of the most challenging problems in managing large networked systems is the complexity of security administration. This is particularly true for organizations that AWeb (WWW) servers. Today, security administration is costly and prone to error because administrators usually specify access contro...

Abstract:

Conference: 5th Annual BSI IT Security Congress Abstract: This paper is a survey of recent activities of the legislative and executive branches of the U.S. Government (and of some joint activities of government and industry) that involve the security of the evolving information infrastructure. Over the past few years, U.S. Government organizations have exp...

Conference: 19th National Information Systems Security Conference Abstract: The Proceedings of the 19th National information Systems Security Conference (NISSC), held October 22-25, 1996, in Baltimore, Maryland.

Abstract: The use of software in the health care industry is becoming of increasing importance. One of the major roadblocks to efficient health care is the fact that important information is distributed across many sites. These sites can be located across a significant area. The problem is to provide a unifor...

Conference: Photonics East '95 Abstract: Security standards help users implement adequate protection in their systems. Independent, third-party conformance testing to security standards provides those users with a metric beyond vendor affirmation in determining conformance. Independent third-party conformance testing gives manufacturers th...

Conference: 11th Annual Computer Security Applications Conference Abstract: The central notion of Role-Based Access Control (RBAC) is that users do not have discretionary access to enterprise objects. Instead, access permissions are administratively associated with roles, and users are administratively made members of appropriate roles. This idea greatly simplifies manageme...

Conference: First ACM Workshop on Role-Based Access Control (RBAC) Abstract: With Role Based Access Control (RBAC), each role is associated with a set of operations which a user in that role may perform. The power of RBAC as an access control mechanism is the concept that an operation may theoretically be anything. This is contrasted to other access control mechanisms where...

Abstract:

Conference: 18th National Information Systems Security Conference (NISSC) Abstract: The National Security Agency (NSA) with the cooperation of the National Institute of Standards and Technology (NIST) formed a technical group to create security requirements for distributed systems. These include requirements for data confidentiality, data integrity, cryptography, distributed identi...

Conference: 18th National Information Systems Security Conference Abstract: The National Computer Security Center (NCSC) and the Computer Systems Laboratory (CSL) are pleased to welcome you to the Eighteenth National Information Systems Security Conference. The new conference name reminds us that information systems, not just computers, must be secure. This year's program,...

Journal: Journal of Research of the National Institute of Standards and Technology Abstract: Annually, the National Institute of Standards and Technology (NIST), Department of Commerce (DOC), and the National Computer Security Center (NCSC), National Security Agency (NSA), co-sponsor the National Computer Security Conference. The conference, most recently in its 17th edition (NCSC17), is a...

Abstract:

Abstract:

Conference: 17th National Computer Security Conference Abstract: The Proceedings of the 17th National Computer Security Conference, "Communicating our Discipline: Strategies for the Emerging Information Infrastructures," held October 11-14, 1994 in Baltimore, Maryland. It includes refereed papers and panel summaries from the conference (listed on pp. iv-xv). Page...

Abstract: The purpose of the Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness was to identify crucial issues on assurance in IT systems and to provide input into the development of policy guidance on determining the type and level of assurance appropriate in a given environme...

Abstract: On June 10, 1994, the National Institute of Standards and Technology (NIST) hosted a one-day workshop to present and discuss key escrow encryption technology, including the recently-approved Escrowed Encryption Standard (EES), Federal Information Processing Standard (FIPS) Publication 185. Speakers...

Abstract:

Journal: Journal of the American Medical Association Abstract: A COMPLEX health care information infrastructure will exist under a reformed health care system as proposed in the American Health Security Act of 1993. The success of the new system will depend in part on the accuracy, correctness, and trustworthiness of the information and the privacy rights of in...

Conference: 16th National Computer Security Conference Abstract: In a cooperative effort with government and industry, the National Institute of Standards and Technology (NIST) conducted a study to assess the current and future information technology (IT) security needs of the commercial, civil, and military sectors. The study was documented in NISTIR 4976, Asses...

Conference: 16th National Computer Security Conference Abstract: The Proceedings of the 16th National Computer Security Conference, "Information Systems Security: User Choices," held September 20-23, 1993 in Baltimore, Maryland. It includes refereed papers and panel summaries from the conference (listed on pp.v-xv). Pages xvi-xvii provide an index...

Conference: Privacy and Security Research Group Workshop on Network and Distributed System Security Abstract: The Advanced Smartcard Access Control System (ASACS) was developed by the National Institute of Standards and Technology in conjunction with Datakey and Trusted Information Systems. The system includes a smartcard with public key capabilities and a portable reader/writer with computational capabilit...

Conference: 12th Annual International Cryptology Conference (CRYPTO '92) Abstract: NIST Received comments from 109 separate government agencies, companies, and private individuals concerning the proposed Digital Signature Standard. Both positive and negative comments were received. However the number of negative comments was significantly larger than normally received for a propos...

Journal: The Computer Journal Abstract: Formal specifications are increasingly used in modeling software systems. An important aspect of a model is its value as an analytical tool to investigate the effect of changes. This paper defines the notion of predicate differences and shows how predicate differences may be used to analyze the effe...

Conference: 15th National Computer Security Conference Abstract: The number of personal computer viruses continues to grow at an alarming rate. Many of these viruses are variants (i.e., close relatives) of "old" viruses. This often results in less than accurate identification of viruses. The consequences of this can be distressing: virus removal software fails, s...