We propose a new distributed security infrastucture, called SDSI (pronounced “Sudsy”). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing group-membership certificates. SDSI’s groups provides simple, clear terminology for defining access-control lists and security policies. SDSI’s design emphasizes linked local name spaces rather than a hierarchical global name space.

Our motivation is the notion of “time-released crypto”, where the goal is to encrypt a message so that it can not be decrypted by anyone, not even the sender, until a pre- determined amount of time has passed. The goal is to “send information into the future”. This problem was first discussed by Timothy May.

Key management schemes implemented in tamper-proof secure modules are an essential feature of cryptographic systems applied to networks. Such systems must have sufficient functionality to meet the demands of users but at the same time they must not be capable of successful manipulation aimed at an attack on the system. This paper describes a PROLOG program which seeks security flaws in models of such schemes, and hence enhances the assurance provided by the designer on the security of the system. The PROLOG program extensively searches for potential attacks in a simple rule-based modle of of the system; it is suggested that this program is capable of extended operations in other areas when security or safety flaws are to be investigated.

A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system’s audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about the behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion detection expert system.

Recently, an information security professional at a Fortune 500 corporation called the CSI Hotline and asked, “Should I be thinking about electronic commerce?” What should I be concerned with?” The short answer to the first question is “Yes”, the short answer to the second question is “Plenty”. Here’s a little background to get you up to speed. In “Industry in Focus”, Mack Hicks, Vice-President of Bank of America (San Francisco) offers further insight on the future of secure electronic commerce.

In 1990 Rivest introduced the hash function MD4. Two years later RIPEMD, a European proposal, was designed as a stronger mode of MD4. Recently we have found an attack against two of three rounds of RIPEMD. As we shall show in the present note, the methods developed to attack RIPEMD can be modified and supplemented such that it is possible to break the full MD4, while previously only partial attacks were known. An implementation of our attack allows to find collisions for MD4 in less than a minute on a PC.

Computer break-ins are getting more common every day. Log files and even program binaries are changed, making it very hard for the system administratiors to assess the damage and track down the intruders. This paper describes the “modus operandi” of hackers based on mulitiple hacking attempts that occurred during this year at some department computers. Special attention is paid to the methods they use to break into computer systems and what they do once they are in.

Exsisting security mechanisms protect computers and networks from unauthorized use through access controls, such as passwords. However, if these access controls are compromised or can be bypassed, an abuser may gain unauthorized access an thus can cause great damage and disruption to systems operation. Modes of protection can be devised against this, however, an intruder is likely to exhibit behavior patterns different than that of a legitimate user. While many systems collect audit data, most do not have any capability for automated analysis of that data. Moreover, those that do collect audit data generally collect large volumes of data that are not necessarily security relevant. Thus, for security analysis, a security officer (SO) must wade through stacks of printed output of audit data. Thus, the capability for automated security analysis of audit trails is needed. The Next-generation Intrusion-Detection Expert System (NIDES) is the result of research that started in the Computer Science Laboratory at SRI International in the early 1980’s and led to a series of increaslingly sophisticated prototypes that resulted in the current NIDES Beta release. The current version, described in this final report and in greater detail in [1,2,3], is designed to operate in real time to detect instruions as they occur. NIDES is a comprehensive system that uses innovative statistical algorithms for anomaly detection, as well as an expert system that encodes known intrusion scenarios.

This report describes a formal security policy model for a secure relational database system.  This model is intended to meet the formal model requirement specified in the DoD Trusted Computer System Evaluation criteria.  The model is formulated in two layers, one corresponding to a reference monitor that enforces mandatory security, and the second defining multilevel relations and formalizing policies for labeling new and derived data, data consistency, discretionary security, and transaction consistency.  The development of a formal security policy model is the second task of the SeaView project to design a multilevel secure database system meeting the Criteria for Class A1.