15. ACSAC 1999: Phoenix, Arizona, USA

@proceedings{DBLP:conf/acsac/1999,
  title     = {15th Annual Computer Security Applications Conference (ACSAC
               1999), 6-10 December 1999, Scottsdale, AZ, USA},
  booktitle = {ACSAC},
  publisher = {IEEE Computer Society},
  year      = {1999},
  isbn      = {0-7695-0346-2},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}

Distinguished Lecture

• Ross J. Anderson:
  How to Cheat at the Lottery (or, Massively Parallel Requirements Engineering). 1-
  

Electronic Commerce

• Holger Vogt, Henning Pagnia, Felix C. Gärtner:
  Modular Fair Exchange Protocols for Electronic Commerce. 3-11
  
• Tim Wilkinson, Dave Hearn, Simon R. Wiseman:
  Trustworthy Access Control with Untrustworthy Web Servers. 12-21
  
• Alexander W. Röhm, Gaby Herrmann, Günther Pernul:
  A Language for Modeling Secure Business Transactions. 22-
  

System Engineering

• André L. M. dos Santos, Richard A. Kemmerer:
  Safe Areas of Computation for Secure Computing with Insecure Applications. 35-44
  
• Jeremy Epstein:
  Architecture and Concepts of the ARGuE Guard. 45-54
  
• John P. McDermott, Chris Fox:
  Using Abuse Case Models for Security Requirements Analysis. 55-
  

Networks

• Carsten Benecke:
  A Parallel Packet Screen for High Speed Networks. 67-74
  
• Olivier Paul, Maryline Laurent, Sylvain Gombault:
  An Asynchronous Distributed Access Control Architecture for IP over ATM Networks. 75-83
  
• Maryline Laurent, Ahmed Bouabdallah, Christophe Delahaye, Herbert Leitold, Reinhard Posch, Enrique Areizaga, Juàn Manuel Mateos:
  Secure Communications in ATM Networks. 84-
  

Panel Session: The Collection and Use of Meaningful Red Team Metrics

Security Analysis

• Stephen H. Brackin:
  Using Checkable Types in Automatic Protocol Analysis. 99-108
  
• James Kirby, Myla Archer, Constance L. Heitmeyer:
  SCR: A Practical Approach to Building a High Assurance COMSEC System. 109-118
  
• Amgad Fayad, Sushil Jajodia, Catherine D. McCollum:
  Application-Level Isolation Using Data Inconsistency Detection. 119-
  

Workflow

• Douglas L. Long, Julie Baker, Francis Fung:
  A Prototype Secure Workflow Server. 129-133
  
• Charles N. Payne, D. J. Thomsen, J. Bogle, Richard C. O'Brien:
  Napoleon: A Recipe for Workflow. 134-142
  
• Myong H. Kang, Brian J. Eppinger, Judith N. Froscher:
  Tools to Support Secure Enterprise Computing. 143-
  

Crypto

• Stephen M. Matyas, Allen Roginsky:
  An Effective Defense Against First Party Attacks in Public-Key Algorithms. 155-160
  
• Jared Karro, Jie Wang:
  Towards a Practical, Secure, and Very Large Scale Online Election. 161-169
  
• Richard E. Newman, Mark V. Hoyt, Tim Swanson, Phillipe Broccard, Mark Sanders, Joe Winner:
  Design of LAN-Lock, A System for Securing Wireless Networks. 170-
  

Panel Session: Composition Problems of Component TOEs - Entrust, Oracle, and Windows NT/2000

Security Services

• Cynthia E. Irvine, Timothy E. Levin:
  Toward a Taxonomy and Costing Method for Security Services. 183-188
  
• Pietro Iglio:
  TrustedBox: A Kernel-Level Integrity Checker. 189-198
  
• Arianna Arona, Danilo Bruschi, Emilia Rosti:
  Adding Availability to Log Services of Untrusted Machines. 199-
  

Security Policy

• Susan Hinrichs:
  Policy-Based Management: Bridging the Gap. 209-218
  
• John Hale, Pablo Galiasso, Mauricio Papa, Sujeet Shenoi:
  Security Policy Coordination for Heterogeneous Information Systems. 219-228
  
• Ravi S. Sandhu, Qamar Munawer:
  The ARBAC99 Model for Administration of Roles. 229-
  

Public Key Infrastructures

• Rolf Oppliger, Andreas Greulich, Peter Trachsel:
  A Distributed Certificate Management System (DCMS) Supporting Group-Based Access Controls. 241-248
  
• Selwyn Russell:
  Fast Checking of Individual Certificate Revocation on Small Systems. 249-255
  
• David A. Cooper:
  A Model of Certificate Revocation. 256-
  

Forum

• Blaine Burnham, Cynthia E. Irvine, Charles Reynolds, Ravi S. Sandhu, Rayford B. Vaughn:
  Information Security Education for the Next Millennium: Building the Next Generation of Practitioners (Forum). 265-
  

Public Key Infrastructures

• Shabnam Erfani, C. Sekar Chandersekaran:
  Generic Support for PKIX Certificate Management in CDSA. 269-275
  
• Marco Prandini:
  Efficient Certificate Status Handling Within PKIs: An Application to Public Administration Services. 276-
  

Mobile Code

• Charlie Lai, Li Gong, Larry Koved, Anthony J. Nadalin, Roland Schemers:
  User Authentication and Authorization in the Java(tm) Platform. 285-290
  
• Marcus Oestreicher:
  Transactions in Java Card. 291-
  

Panel Session

• Scott Charney, Ellie Padgett, Mark Rasch, John Thomas:
  Legal and Technical Responses to Protecting the U. S. Critical Infrastructures (Panel). 299-
  

Middleware

• Mahesh V. Tripunitara, Partha Dutta:
  A Middleware Approach to Asynchronous and Backward Compatible Detection and Prevention of ARP Cache Poisoning. 303-309
  
• Konstantin Beznosov, Yi Deng, Bob Blakley, C. Burt, John F. Barkley:
  A Resource Access Decision Service for CORBA-Based Distributed Systems. 310-319
  
• Michael Wichert, David B. Ingham, Steve J. Caughey:
  Non-repudiation Evidence Generation for CORBA using XML. 320-
  

Security Architectures

• Wenliang Du, Praerit Garg, Aditya P. Mathur:
  Security Relevancy Analysis on the Registry of Windows NT 4.0. 331-340
  
• Richard B. Neely:
  Security Architecture Development and Results for a Distributed Modeling and Simulation System . 341-348
  
• John G. Brainard:
  SecurSight: An Architecture for Secure Information Access. 349-
  

Intrusion Detection

• Heather M. Hinton, Crispin Cowan, Lois M. L. Delcambre, Shawn Bowers:
  SAM: Security Adaptation Manager . 361-370
  
• Chris Sinclair, Lyn Pierce, Sara Matzner:
  An Application of Machine Learning to Network Intrusion Detection. 371-377
  
• Nittida Nuansri, Samar Singh, Tharam S. Dillon:
  A Process State-Transition Analysis and Its Application to Intrusion Detection. 378-388