Auctions are communication-intensive enterprises.  Most scholarly examinations of auctions, however, have come from economics and sociology.  This paper applies a communication perspective to eBay, the largest online auction, and argues that eBay has maintained safety, order, and interest in its auctions by mimicking the oral style of the auctioneer and following the rules of in-person auctions, but in a virtual space.

This paper describes the design and implementation of a secure message broadcast system (SMBS). It is a secure, multi-party chat program that ensures privacy in communication and does not rely on shared secret keys. The system was built as a study of the feasibility of building effective communication tools using zero knowledge proofs. There is a general consensus in the computer security community that traditional password based authentication mechanisms are insuficient in today’s globally connected environment. Mechanisms such as one-time-passwords are a partial solution to the problem. The issue that these protocols don’t address is the lack of mutual authentication. The Kerberos family of systems addresses the issue of mutual authentication but relies heavily on the physical security of the server and safekeeping of the password database.

Security in computer systems is important to ensure reliable operation and protect the integrity of stored information.  Faults in the implementation can be exploited to breach security and penetrate an operating system.  These faults must be identified, detected, and corrected to ensure reliability and safe-guard against denial of service, unauthorized modification of data, or disclosure of information. We define a classification of security faults in the Unix operating system.  We state the criteria used to categorize the faults and present examples of the different fault types. We present the design and implementation details of a database to store vulnerability information collected from different sources.  The data is organized according to our fault categories.  the information in the database can be applied in static audit analysis of systems, intrusion detection, and fault detection.  We also identify and describe software testing methods that should be effective in detecting different faults in our classification scheme.

Computing systems have evolved from stand-aone mainframes to comlex, interconnected open systems, and this evolution has lead to proliferation of avenues of attack.  With the knowledge that system misusers have open avenues for attack, misuse detection provides an important line of defense.  For a misuse detection system to be effective, there needs to be an audit trail of system activity that was designed to support misuse detection needs. A major challenge in misuse detection is that audit data is inadequate.  The data supplied by current auditing systems lack content useful for misuse detection, and there is no widely accepted audit trail standard. This thesis presents a comparison of the needs of host-based misuse detection with the capabilities of auditing facilities of convential operating systems.  Host-based misuse detection systems are examined, and the audit data used by each are outlined.  Auditing systems of convential operating systems are also examined, and the data colected by each are outlined.  A comparison of the needs of the misuse detection systems and the capabilities of existing auditing facilities is then presented.  the results of this study aid in the determination of what data content should be provided by auditing systems for the support of misuse detection goals.