This paper presents a new variant of the Rabin-Williams digital signature system, offering the same security and signing speed but much faster verification. For example, verification of a signature under a 2048-bit public key takes 103 microseconds on a Pentium-133.
Each federal organization is fully responsible for its computer security program whether the security program is performed by in-house staff or contracted out. Time constraints, budget constraints, availability or expertise of staff, and the potential knowledge to be gained by the organization from an experienced contractor are among the reasons a federal organization may wish to get external assistance for some of these complex, labor intensive activities. An interagency working group of federal and private sector security specialists developed this document. The document presents the ideas and experiences of those involved with computer security. It supports the operational field with a set of Statements of Work (SOWs) describing significant computer security activities. While not a substitute for good computer security management, organization staff and government contractors can use these SOWs as a basis for a common understanding of each described activity. The sample SOWs can foster easier access to more consistent, high-quality computer security services. The descriptions apply to contracting for services or obtaining them from within the organization.
One of the favorite diversions of university students involves “beating” the system. In the case of operating systems, this has been a remarkably easy accomplishment. An extensive lore of operating system penetration, ranging from anecdotes describing students who have outsmarted the teacher’s grading program to students who captured the system’s password list and posted it on one of the bulletin boards, has been collected on college campuses. Private industry has been victimized much more seriously. Here the lore of the “system” penetrations contains scenarios involving the loss of tens of thousands of dollars. The Research and Development organization at SDC has been seriously involved with legitimate operating system penetration efforts. Under contract to government agencies and industry, SDC has assessed the secure-worthiness of their systems by attempts to gain illegal access to their operating systems. As of this date, seven operating systems have been studied. This paper examines the successful penetration methodology employed and the generic operating system functional weaknesses that have been found. Recommendations are made for improvement that can strengthen the penetration methodology.
This empirical research demonstrates the effectiveness of content analysis to map the research literature of the software engineering discipline. The results suggest that certain research themes in software engineering have remained constant, but with changing thrusts. Other themes have arisen, matured and then faded as major research topics, while still others seem transient or immature. Co-word analysis is the specific technique used. This methodology identifies associations among publication descriptors (indexing terms) from the ACM Computing Classification System and produces networks of descriptors that reveal these underlying patterns. The methodology is applicable to other domains with a supporting corpus of textual data. While this study utilizes index terms from a fixed taxonomy, that restriction is not inherent; the descriptors can be generated from the corpus. Hence, co-word analysis and the supporting software tools employed here can provide unique insights into any discipline’s evolution.
As public, private, and defense sectors of our society have become increasingly dependent on widely used interconnected computers for carrying out critical as well as more mundane tasks, integrity of these systems and their data has become a significant concern. The purpose of this paper is not to motivate people to recognize the need for integrity, but rather to motivate the use of what we know about integrity and to stimulate more interest in research to standardize integrity properties of systems.
This paper, through the use of a “traditional” capability-based system model, is intended to clarify the role of capabilities in supporting different security policies. In particular, the ability of these “traditional” systems to meet the Trusted Computer Security Evaluation Criteria [TCSEC83] is analyzed. The paper is further intended to be used as a background reference by the National Computer Security Center (NCSC) Product Evaluation Teams when they are involved in the evaluation of new capability-based products. The authors have assumed that the readers of this paper are computer professionals (e.g., NCSC Product Evaluation Team members or designers of computer operating systems) who are well versed in data structures, operating system principles, and operating system architectures, and who are also relatively familiar with security concepts and models. Virgil Gligor from the University of Maryland served as principal researcher. Many other individuals also have contributed to the production of this paper. We wish to acknowledge the assistance of Dan Nesset, Lawrence Livermore Labs; Richard Kain, University of Minnesota; Norman Hardy, Susan Rajunas, et al., of Keylogic, Inc.; and Roger Schell of Gemini Computers, Inc., for their thorough review and critique of the initial drafts of this paper. Their comments helped significantly in providing better focus and presentation of the material. The authors, however, remain responsible for the accuracy and appropriateness of this final version.
Intrusion Detection Systems (IDS) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDS’s, we have developed a methodology for testing IDS’s. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDS’s. In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool ‘expect’ and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
The World Wide Web is accelerating the evolution of corporate information systems. Based on TCP/IP Internet technology, the web is attractive and approachable to the user, and is an unequaled tool for the systems integrator. Schlumberger has invested in TCP/IP networking for several years, and in 1995 a series of web-based business resources debuted on the Schlumberger Intranet. These resources are integrated with Schlumberger business processes, and have rapidly become a vital business capability. The business drivers that motivate the exploitation of the web include reducing reaction time, extending the influence of exports, and centralizing services to reduce cost. Our tour visits the resources collected on the Schlumberger Quick Reference Page, including the corporate directory, web server directory, supplier directory, Technology Watch Coordination, software distribution, The Refinery information filter, and the Information Technology Standards areas, as well as the author’s personal page. In each case, the history is one of ‘process insertion’, building a technical capability into the fabric of Schlumberger’s business to achieve a new level of performance. We conclude that the web’s capabilities for integration of diverse resources and incremental extension are the foundation of its extraordinary success. There are obstacles, but with breakthroughs imminent in security, interactivity, and portability, the use of web technology in corporate Intranets has a bright future.
The introduction of Java applets has taken the World Wide Web by storm. Information servers can customize the presentation of their content with server-supplied code which executes inside the Web browser. We examine the Java language and both the HotJava and Netscape browsers which support it, and find a significant number of flaws which compromise their security. These flaws arise for several reasons, including implementation errors, unintended interactions between browser features, differences between the Java language and bytecode semantics, and weaknesses in the design of the language and the bytecode format. On a deeper level, these flaws arise because of weaknesses in the design methodology used in creating Java and the browsers. In addition to the flaws, we discuss the underlying tension between the openness desired by Web application writers and the security needs of their users, and we suggest how both might be accommodated.