The Center for Education and Research in Information Assurance and Security (CERIAS)

Reports and Papers Archive



Computer Vulnerability Analysis Thesis Proposal

CSD-TR-97-026
Ivan Krsul

Computer security professionals and researchers do not have a history of sharing and analyzing computer vulnerability information. Scientists and engineers from older or more established fields have long understood that publicizing, analyzing, and learning from other people’s mistakes is essential to the stepwise refinement of complex systems. Computer scientists, however, have not followed suit. Programmers reinvent classical programming mistakes, contributing to the reappearance of known vulnerabilities. In the recent past, computer systems have come to be a part of critical systems that have a direct effect on the safety and well-being of human beings and hence we must have lower tolerance for software failures. In the dissertation I will attempt to show that computer vulnerability information presents important regularities and these can be detected, and possibly visualized, providing important insight about the reason of their prevalence and existence. The information derived from these observations could be used to improve on all phases of the development of software systems, as could be in the design, development, debugging, testing and maintenance of complex computer systems that must implement a set of policies defined by security analysis. A significant portion of the work that must be performed will concentrate on the development of classifications and taxonomies that will permit the visualizations and analysis of computer vulnerability information. I hope that these classifications and taxonomies applied to a collection of vulnerabilities will provide a set of features whose analysis will show that there are clear statistical clusterings and patterns caused because developers and programmers are not learning from each other’s mistakes. This analysis may be performed by applying statistical analysis and knowledge discovery tools.

Added 2002-07-26

Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security

Matt Blaze, Whitfield Diffie, Ronald L. Rivest, Bruce Schneier, Tsutomu Shimomura, Eric Thompson, Michael Wiener

Encryption plays an essential role in protecting the privacy of electronic information against threats from a variety of potential attackers. In so doing, modern cryptography employs a combination of conventional or symmetric cryptographic systems for encrypting data and public key or asymmetric systems for managing the keys used by the symmetric systems. Assessing the strength required of the symmetric cryptographic systems is therefore an essential step in employing cryptography for computer and communication security. Technology readily available today (late 1995) makes brute-force attacks against cryptographic systems considered adequate for the past several years both fast and cheap. General purpose computers can be used, but a much more efficient approach is to employ commercially available Field Programmable Gate Array (FPGA) technology. For attackers prepared to make a higher initial investment, custom-made, special-purpose chips make such calculations much faster and significantly lower the amortized cost per solution. As a result, cryptosystems with 40-bit keys offer virtually no protection at this point against brute-force attacks. Even the U.S. Data Encryption Standard with 56-bit keys is increasingly inadequate. As cryptosystems often succumb to ‘smarter’ attacks than brute force key search, it is also important to remember that the keylengths discussed here are the minimum needed for security against the computational threats considered. Fortunately, the cost of very strong encryption is not significantly greater than that of weak encryption. Therefore, to provide adequate protection against the most serious threats - well-funded commercial enterprises or government intelligence agencies - keys used to protect data today should be at least 75 bits long. To protect information adequately for the next 20 years in the face of expected advances in computing power, keys in the newly-deployed systems should be at least 90 bits long.

Added 2002-07-26

Preserving Integrity in Remote File Location and Retrieval

Trent Jaeger, Aviel D. Rubin

We present a service for locating and retrieving files from an untrusted network such that the integrity of the retrieved files can be verified. This service enables groups of people in geographically remote locations to share files using an untrusted network. For example, distribution of an organization’s software to all the organization’s sites can be accomplished using the service. Distribution of files in an untrusted network is complicated by two issues: (1) location of files and (2) verification of file integrity. Ftp and World-Wide-Web (WWW) services require some user intervention to locate a file, so they cannot be embedded in automated systems. Distributed systems have mechanisms for automated file location and retrieval, but they require trust in all system principals and do not provide an appropriate balance between availability of files and retrieval cost for our applications. Verification of the integrity of a file retrieved from an untrusted network is necessary because the file is subject to malicious modification attacks. Our service provides the capability to automatically locate, retrieve, and verify files specified by a client using a single trusted principal. We demonstrate our service by building a system when needed.

Added 2002-07-26

Key Escrow without Escrow Agents

Matt Blaze

We propose a simple scheme, based on secret sharing over large-scale networks, for assuring recoverability of sensitive archived data (e.g., cryptographic keys). In our model anyone can request a copy of the archived data but it is very difficult to keep the existence of a request secret or to subvert the access policy of the data “owner”. We sketch an architecture for such a system that might be suitable for deployment over very large-scale networks such as the Internet.

Added 2002-07-26


Security Problems in the TCP/IP Protocol Suite

S. M. Bellovin

The TCP/IP protocol suite, which is very widely used today, was developed under the sponsorship of the Department of Defense. Despite that, there are a number of serious security flaws inherent in the protocols, regardless of the correctness of any implementations. We describe a variety of attacks based on these flaws, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks. We also present defenses against these attacks, and conclude with a discussion of broad-spectrum defenses such as encryption.

Added 2002-07-26

Cryptanalysis of MD5 Compress

Hans Dobbertin

Added 2002-07-26

Network Working Group

Braden, Clark, Crooker, Huitema

This document is a report on an Internet architecture workshop, initiated by the IAB and held at USC Information Sciences Institute on Feb 8-10, 1994. This workshop generally focused on security issues in the Internet architecture. This document should be regarded as a set of working notes containing ideas about security that were developed by Internet experts in a broad spectrum of areas, including routing, mobility, realtime service, and provider requirements, as well as security. It contains some significant diversity of opinions on some important issues. This memo is offered as one input in the process of developing viable security mechanisms and procedures for the Internet.

Added 2002-07-26

Characterization of Organic Illumination Systems

Bill Hamburgen, Jeff Mogul, Brian Ried, Alan Eustace, Richard Swan, Mary Jo Doherty, Joel Bartlett

Recent anecdotal reports of novel principles of illumination have stressed qualitative aspects. This note presents a quantitative study of an organic illumination system, characterizing the temperature and current-flow properties of the system as functions of time and device parameters. Theoretical and practical implications of these measurements are discussed.

Added 2002-07-26

A Context for Information Systems Security Planning

Charles Cresson Wood

Management is often dissatisfied with the performance of many information security efforts. After investment of considerable resources, and prolonged waiting for results, many efforts can demonstrate little if any significant improvement. This is largely due to a lack of planning. Many efforts lack explicitly articulated plans as well as specific performance milestones. Although many are loath to admit it, information security efforts at many organizations lack formal planning and performance monitoring….. This article examines why information security efforts are often ineffective and why more formal planning efforts can alleviate this condition. It discusses tools best used to prepare an action plan for information security and gives some tips on how to sell such a plan to management. Also discussed are organizational design, policies, standards, and guidelines and other elements of a foundation that is required if an effective information security planning process is to be sustained. The article dwells on the establishment of a context for effective information security planning.

Added 2002-07-26

Audit and Control of TCP/IP Networks

Ray Kaplan

Added 2002-07-26


Money Wants To Be Anonymous

Alan Deutschman

Money wants to be anonymous and that’s just the first rule of a brave new electronic society, says David Chaum, the guru of digital cash. If he has his way, checks and coins will be obsolete and you’ll e-mail your kids their allowance.

Added 2002-07-26

NetRanger High-Level Overview

Bob Gleichauf, Dan Teal

NetRanger is a real-time security management system that detects, analyzes, responds to, and dtecs unauthorized network activity. The NetRanger architecture supports large-scale information protection via centralized monitoring and management of remote dynamic packet filtering devices that plug into networks. Communication is maintained via WheelGroup Corporation’s (WGC) proprietary secure communications architecture. Network activity can also be logged for more in-depth analysis.

Added 2002-07-26

Maintaining Privacy In Electronic Transactions

Benjamin T. H. Cox

Electronic commerce presents a number of seemingly contradictory requirements. On the one hand, we must be able to account for funds and comply with laws requiring disclosure of certain sorts of transaction information (e.g., taxable transactions, transactions of more than $10,000). On the other hand, it is often socially desirable to limit exposure of transaction information to protect the privacy of the participants. In this thesis, I address the following issues:
  * I develop a new analysis technique for measuring the exposure of transaction information.
  * I analyze various privacy and disclosure configurations to determine which are technically feasible and which are logically impossible.
  * I apply this analysis to the Information Networking Institute’s proposed “NetBill” billing server protocol.
  * I consider the use of intermediary agents to protect anonymity and the implications of various arrangements of intermediaries.
  * I develop an encoding technique that can reveal the order of magnitude of a transaction without revealing the exact value of the transaction itself.

Added 2002-07-26