column

The epistemology of computer security

Published: 03 December 2009

Abstract

This paper studies computer security from first principles. The basic questions "Why?", "How do we know what we know?" and "What are the implications of what we believe?"

References

  1. Adee, Sally, "The Hunt for the Kill Switch", IEEE Spectrum, Vol. 45, No. 5, May 2008 http://www.spectrum.ieee.org/semiconductors/design/the-hunt-for-the-kill-switch
  2. Anderson, Emory A., Cynthia E. Irvine, Roger R. Schell, "Subversion as a Threat in Information Warfare", Journal of Information Warfare, Space and Naval Warfare (SPAWAR) SC Vol. 3. No. 2, pp 51--64, June 2004. http://cisr.nps.edu/downloads/04paper_subversion.pdf (Exhibits a "hall of mirrors" mindset).
  3. Anderson, Ross, "On the Limits of Steganography", IEEE Journal of Selected Areas in Communications, Vol. 16, No. 4, May 1998, pp 474--481. http://www.cl.cam.ac.uk/~rja14/Papers/jsac98-limsteg.pdf
  4. Anderson, Ross, Security Engineering, Wiley, 2008.
  5. Bell, David Elliot, "Looking Back at the Bell-La Padula Model", Proceedings of the 21st Annual Computer Security Applications Conference, pp 337--351. http://www.acsac.org/2005/papers/Bell.pdf
  6. Bell, David Elliot, "Looking Back: Addendum", 22nd Annual Computer Security Applications Conference, Miami, FL, December, 2006. http://www.selfless-security.org/presentations/Bell_LBA.pdf
  7. Berg, Michael, "Advanced Malware Trends", Information and Cyberspace Symposium, September 22 - 24, 2008 http://usacac.army.mil/CAC2/CEW/repository/presentations/6_%20ICS-2008-SNL-Berg.pdf
  8. Bishop, Matt, Computer Security, Addison Wesley, 2003.
  9. Bishop, Matt, Helen Armstrong, "Uncovering Assumptions in Information Security", Proceedings of the Fourth World Conference on Information Security Education, May 18 2005, pp. 223--231. http://nob.cs.ucdavis.edu/bishop/papers/2005-wise4/
  10. Bishop, Matt, "Who Owns Your Computer", IEEE Security and Privacy, Volume 4, Issue 2, Mar.-Apr. 2006, pp. 61--63.
  11. Bishop, Matt, "About Penetration Testing", IEEE Security and Privacy, Volume 5, Issue 6, Nov.-Dec. 2007, pp. 84--87.
  12. Bishop, Matt, Sophie Engel, Sean Peisert, Sean Whalen, Carrie Gates, "We Have Met the Enemy and He is Us", Proceedings of the 2008 New Security Paradigms Workshop (NSPW), September 2008. http://www.cs.ucdavis.edu/~peisert/research/2008-NSPW-Insider-BEGPW.pdf (An attempt to model free will, so as to securely constrain it)
  13. Bishop, Matt, Sophie Engel, Sean Peisert, Sean Whalen, Carrie Gates, "Case Studies of an Insider Framework", HICSS, pp. 1--10, 42nd Hawaii International Conference on System Sciences, 2009. http://www.cs.ucdavis.edu/~peisert/research/2009-BEGPW-HICSS-Insider.pdf
  14. Boebert, William E., Robert Y. Kain, "A Further Note on the Confinement Problem", Security Technology, 30th Annual 1996 International Carnahan Conference, 2-4 Oct 1996, pp. 198--202.
  15. Boebert, Earl, "Some Thoughts on the Occasion of the NSA Linux Release", Linux Journal, Jan 24, 2004 http://www.linuxjournal.com/print/4963
  16. Borges, Jorge Luis, "The Analytical Language of John Wilkins", Jorge Luis Borges, Other inquisitions 1937-1952, translator Ruth C. L. Simms, Texas Press, 1993. http://www.alamut.com/subj/artiface/language/johnWilkins.html ("It is clear that there is no classification of the Universe not being arbitrary and full of conjectures. The reason for this is very simple: we do not know what thing the universe is.")
  17. Broad, William J., "U.S. Releases Secret List of Nuclear Sites Accidentally", The New York Times, June 3, 2009. http://www.nytimes.com/2009/06/03/us/03nuke.html?ref=global-home http://www.fas.org/nuke/guide/usa/sites.pdf
  18. Cappelli, Dawn M., Randall F. Trzeciak, "Best Practices For Mitigating Insider Threat: Lessons Learned From 250 Cases", RSA Conferences 2009. http://www.cert.org/archive/pdf/RSA-CERT-InsiderThreat.pdf
  19. Chan, Ellick M., Jeffrey C. Carlyle, Francis M. David, Reza Farivar, Roy H. Campbell, "BootJacker: Compromising Computers using Forced Restarts", Conference on Computer and Communications Security (CCS'08), ACM October 2008, pp. 555--564.
  20. Cohen, Fred, "Experiments with Computer Viruses", 1984. http://all.net/books/virus/part5.html (The very first computer virus experiment.)
  21. Cohen, Fred, "Current Best Practice Against Computer Viruses", 1991. Proceedings. 25th Annual 1991 IEEE International Carnahan Conference on Security Technology, Oct 1-3 1991 pp. 261--270 (Why isn't this referenced more often?)
  22. Coram, Robert, Boyd: The Fighter Pilot Who Changed The Art of War, Back Bay Books, 2002 http://www.belisarius.com/modern_business_strategy/boyd/destruction/destruction_and_creation.htm
  23. David, Francis M., Ellick M. Chan, Jeffrey C. Carlyle, Roy H. Campbell, "Cloaker: Hardware Supported Rootkit Concealment", Proceedings of the 2008 IEEE Symposium on Security and Privacy, 2008, pp. 296--310.
  24. Deibert, Ronald, et al, "Tracking GhostNet: Investigating a Cyber Espionage Network", Information Warfare Monitor, Munk Centre, JR02-2009, March 29, 2009. http://www.infowar-monitor.net/ghostnet http://cryptome.org/ghostnet.zip
  25. Denning, Dorothy E., "The Limits of Formal Security Models", National Computer Systems Security Award Acceptance Speech, Oct 18, 1999. www.cs.georgetown.edu/~denning/infosec/award.html
  26. Drew, Christopher, John Markoff, "Cyberwar: Contractors Vie for Plum Work, Hacking for U.S.", The New York Times, May 31, 2009. http://www.nytimes.com/2009/05/31/us/31cyber.html
  27. EFF Staff, "Unintended Consequences: Ten Years under the DMCA", Electronic Frontier Foundation, October 2008. http://www.eff.org/wp/unintended-consequences-ten-years-under-dmca
  28. Butler, Ricky W., George B. Fanelli, "The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software", IEEE Transactions on Software Engineering, Vol. 19, No. 1, January 1993.
  29. Halderman, J. Alex, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, Edward W. Felton, "Lest We Remember: Cold-Boot Attacks on Encryption Keys", CACM Vol. 52, No. 5, May 2009 pp. 91--98.
  30. Harris, Sidney, "I think you should be more explicit here in step two", American Scientist, 1977. http://www.sciencecartoonsplus.com/gallery.php
  31. Harrison, Michael A., Walter L. Ruzzo, Jeffrey D. Ullman, "Protection in Operating Systems", CACM, Vol. 19, No. 8., 1976.
  32. Karger, Paul, Roger R. Schell, "Thirty Years Later: Lessons from the Multics Security Evaluation", Computer Security Applications Conference, 2002. Proceedings. pp 119--126. http://www.acsac.org/2002/papers/classic-multics.pdf (See {64}. Fundamental security is a matter of will; as such it can only come about through politics.)
  33. Kilgannon, Corey, Noam Cohen, "Cadets Trade the Trenches for Firewalls", New York Times, May 11, 2009, p. A1. http://www.nytimes.com/2009/05/11/technology/11cybergames.html?_r=1
  34. King, Samuel T., Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, Jacob R. Lorch, "SubVirt: implementing malware with virtual machines", IEEE Symposium on Security and Privacy, May 21-24, 2006.
  35. King, Samuel T., Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, Yuanyuan Zhou, "Designing and implementing malicious hardware", Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), April 2008. http://www.usenix.org/event/leet08/tech/full_papers/king/king.pdf
  36. Kohn, Alexander, "Principles and Methods of Obscurantism", CA: A Cancer Journal for Clinicians, Vol. 20, No. 6, 1970, pp 360--364. http://caonline.amcancersoc.org/cgi/reprint/20/6/360.pdf
  37. Landau M., R. Stout Jr., "To Manage is Not to Control: or the Folly of Type II Errors", Public Administration Review, March/April 1979, pp 148--156.
  38. Littlewood, Bev, Sarah Brocklehurst, Norman Fenton, Peter Mellor, Stella Page, David Wright, John Dobson, John Mcdermid, Dieter Gollmann, "Towards Operational Measures of Computer Security", Journal of Computer Security, Vol. 2, 1993, pp. 211--229. http://www.csr.city.ac.uk/people/bev.littlewood/bl_public_papers/Measurement_of_security/Quantitative_security.pdf
  39. Littlewood, Bev, Lorenzo Strigini, "Validation of ultrahigh dependability for software-based systems", Communications of the ACM, 1993 Vol. 36, pp. 69--80. (One could make the argument that after this citation, there may be nothing left to add on software reliability.)
  40. Loscocco, Peter A., Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, John F. Farrell, "The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments", Proceedings of the 21st National Information Systems Security Conference, 1998. http://www.cs.utah.edu/flux/fluke/html/inevitability.htm (Dinosaur thinking, not without consequences. Trusted platforms are a modern reclaiming of the Orange Book's Trusted Path {40}.)
  41. Mackenzie, Donald, Mechanizing Proof, MIT Press, 2001.
  42. Markoff, John, "Thieves Winning Online War, Maybe in Your PC", The New York Times, December 6, 2008 http://www.nytimes.com/2008/12/06/technology/internet/06security.html?_r=1&partner=rss
  43. Markoff, John, "Vast spy system loots computers in 103 countries, researchers say", Sunday Boston Globe, March 29, 2009 http://www.boston.com/news/world/asia/articles/2009/03/29/vast_spy_system_loots_computers_in_103_countries_researchers_say/
  44. McLean, John, "A Comment on the 'Basic Security Theorem' of Bell and LaPadula", Information Processing Letters, Vol. 20, 1985, pp. 67--70.
  45. Pfleeger, Charles P., Shari Lawrence Pfleeger, Security In Computing, Prentice Hall, 2007.
  46. Provos, Neils, Moheeb Abu Rajab, Panayiotis Mavrommatis, "Cybercrime 2.0: When the Cloud Turns Dark", CACM Vol 53, No. 4, April 2009.
  47. Quist, Danny, Valsmith, "Covert Debugging: Circumventing Software Armoring Techniques", Black Hat USA, 2007. http://mwdl.offensivecomputing.net/bhusa2007/dquist-valsmith-covert-debugging-paper.pdf
  48. Robin, John Scott, Cynthia E. Irvine, "Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor", Proceedings of the 9th USENIX Security Symposium, Denver, CO, August 2000. http://www.cs.nps.navy.mil/people/faculty/irvine/publications/2000/VMM-usenix00-0611.pdf
  49. Roiter, Neil, "Intel Trusted Execution Technology is flawed, Black Hat researchers show", Information Security, Feb 18, 2009. http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1348472,00.html
  50. Rolden, Raul, Inez Miyamoto, Tini Leon, "FBI Criminal Investigation: Cisco Routers", FBI, January 11, 2008 http://www.donkeyonawaffle.org/OMB%20briefing%202008%2001%2011%20a.ppt
  51. Rowe, Neil C., "A Taxonomy of Deception in Cyberspace", International Conference in Information Warfare and Security, Princess Anne, MD, March 2006. http://faculty.nps.edu/ncrowe/rowe_iciw06.htm
  52. Rutkowska, Joanna, "Introducing Stealth Malware Taxonomy", COSEINC Advanced Malware lab, Version 1.01, November 2006 http://www.invisiblethings.org/papers/malware-taxonomy.pdf
  53. Rutkowska, Joanna, "Beyond the CPU: Defeating Hardware Based RAM Acquisition", Black Hat DC 2007, Feb. 28, 2007 http://www.blackhat.com/presentations/bh-dc-07/Rutkowska/Presentation/bh-dc-07-Rutkowska-up.pdf
  54. Rutkowska, Joanna, "Thoughts about Trusted Computing", Invisible Things Lab, EuSecWest May 27-28, 2009 http://invisiblethingslab.com/resources/misc09/trusted_computing_thoughts.pdf
  55. Saltzer, J.H., Reed, D.P., Clark, D.D., "End-to-end Arguments in System Design", ACM Transactions on Computer Systems (TOCS), Vol. 2, No. 4, November 1984, pp. 277--288. http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf
  56. Schaefer, Robert, "The Grand Theory of Everything: What Man-Made Systems Are, and Why They Fail", ACM SIGSOFT Software Engineering Notes, Volume 32, Number 4, July 2007.
  57. Schaefer, Robert, "Software Maturity: Design as Dark Art", ACM SIGSOFT Software Engineering Notes, Vol. 34, No. 1, January 2009.
  58. Schneier, Bruce, "CRYPTO-GRAM", March 15, 2009 (See the section "Insiders".) http://www.schneier.com/crypto-gram-0903.htmll#4
  59. Seuss, Dr., The Sneetches and Other Stories, Random House, 1961.
  60. Sibert, Olin W., "Malicious Data and Computer Security", Proceedings of the 19th National Information Systems Security Conference, 1996 http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper048/MALDATA.PDF (Quote: "Software developers are responsible for blurring the distinction between programs and data" - Von Neumann is rolling in his grave.).
  61. Spafford, Eugene H., "Privacy and Security: Answering the Wrong Questions is no Answer", CACM, Vol. 52, No. 6, June 2009.
  62. Staff, "Common Criteria Evaluation and Validation Scheme Validation Report", National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme, BAE Systems Information Technology, LLC XTS-400 / STOP 6.1.E, CCEVS-VR-05 0094, 1 March 2005 http://www.niap-ccevs.org/cc-scheme/st/ST_VID3012-VR.pdf
  63. Stove, David, "What is Wrong with Our Thoughts?", The Plato Cult and Other Philosophical Follies, Ch. 7, Blackwell, 1991 http://web.maths.unsw.edu.au/~jim/wrongthoughts.html
  64. Summit, Steve, "Retrospective Karger/Schell paper on Multics Security Evaluation", Forum on Risks to the Public in Computers and Related Systems ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator, Vol. 22, No. 5, Sept. 23, 2002 http://catless.ncl.ac.uk/Risks/22.25.html#subj5
  65. Talbot, David, "Dissent Made Safer", MIT Technology Review, May/June 2009. http://www.technologyreview.com/computing/22427/
  66. Thompson, Ken, "Reflections on Trusting Trust", CACM, August 1984, pp. 761--763.
  67. Tzu, Sun, The Art of War, Trans. Thomas Cleary, Shambala, July 2003.
  68. Wadlow, Thomas, Vlad Gorelik, "Security in the Browser", CACM, Vol. 52, No. 5, May 2009.
  69. Wiessman, Clark, "Blacker: Security for the DDN", Proceedings Research in Security and Privacy, 1992, IEEE Computer Society Symposium on Research and Privacy, May 4-6 1992, pp. 286--292.
  70. Wikipedia Contributors, "Biba Model", Wikipedia, The Free Encyclopedia, November 8, 2008 http://en.wikipedia.org/wiki/Biba_Model
  71. Wikipedia Contributors, "Celestial Emporium of Benevolent Knowledge's Taxonomy", Wikipedia, The Free Encyclopedia, December 14, 2008 http://en.wikipedia.org/wiki/Celestial_Emporium_of_Benevolent_Recognition (References referenced by this reference indicate many ways of misunderstanding. See the non-abridged version: {16}).
  72. Wikipedia Contributors, "Charles Sanders Peirce", Wikipedia, The Free Encyclopedia, May 9, 2009. http://http://en.wikipedia.org/wiki/Charles_Peirce
  73. Wikipedia Contributors, "Honeypot (computing)", Wikipedia, The Free Encyclopedia, June 9, 2009. http://en.wikipedia.org/wiki/Honeypot_(computing)
  74. Wikipedia Contributors, "Ladder (Go)", Wikipedia, The Free Encyclopedia, June 4, 2009. http://en.wikipedia.org/wiki/Ladder_(Go)
  75. Wikipedia Contributors, "Multilevel security", Wikipedia, The Free Encyclopedia, April 2, 2009. http://en.wikipedia.org/wiki/Multilevel_security
  76. Wikipedia Contributors, "NATO bombing of the People's Republic of China embassy in Belgrade", Wikipedia, The Free Encyclopedia, June 4, 2009 http://en.wikipedia.org/wiki/NATO_bombing_of_the_Chinese_embassy_in_Belgrade
  77. Wikipedia Contributors, "OODA Loop", Wikipedia, The Free Encyclopedia, April 22, 2009. http://en.wikipedia.org/wiki/OODA_Loop
  78. Wikipedia Contributors, "Rootkit", Wikipedia, The Free Encyclopedia, May 27, 2009 http://en.wikipedia.org/wiki/Rootkit
  79. Wikipedia Contributors, "Saul_Alinsky", Wikipedia, The Free Encyclopedia, May 23, 2009. http://en.wikipedia.org/wiki/Saul_Alinsky
  80. Wikipedia Contributors, "2005 Sony BMG CD copy protection scandal", Wikipedia, The Free Encyclopedia, April 16, 2009 http://en.wikipedia.org/wiki/2005_Sony_BMG_CD_copy_protection_scandal
  81. Wikipedia Contributors, "Storm botnet", Wikipedia, The Free Encyclopedia, May 13, 2009. http://en.wikipedia.org/wiki/Storm_botnet
  82. Wohlstetter, Albert, Nuclear Heuristics: Selected Writings of Albert and Roberta Wohlstetter, Eds Robert Zarate, Henry D. Sokolski, Strategic Studies Institute, January 26, 2009 http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=893 (Also see http://www.pirp.harvard.edu/pubs_pdf/lipscom/lipscom-p79-3.pdf).
  83. Xu, J., B. Randell, A. Romanovsky, "A Generic Approach to Structuring and Implementing Complex Fault-Tolerant Software", Proceedings of the 5th IEEE International Symposium on Object-Oriented Real-Time Distributed Computing (ISORC 2002), Washington DC, USA, April-May 2002 pp. 207--214.
  84. Yodaiken, Victor, "A short note on secure operating systems, Linux, and the Common Criteria", FSMLabs, Undated http://www.yodaiken.com/papers/wrongthreats.pdf


Published in

ACM SIGSOFT Software Engineering Notes, Volume 34, Issue 6
November 2009
115 pages
ISSN: 0163-5948
DOI: 10.1145/1640162

Copyright © 2009 Author

Publisher: Association for Computing Machinery, New York, NY, United States
