Reading list for System Security qual

Last updated: 4/26/2003

Books:

Kaufman, Perlman, Speciner, Network Security, 2nd edition.

Bishop, Computer Security: Art and Science. Chapters 2, 4-7, 12, 13, 15, 17, 23-29

Papers:

Using Programmer-Written Compiler Extensions to Catch Security Holes, Ken Ashcraft, Dawson Engler, in IEEE Security and Privacy 2002

Paxson, Bro: A System for Detecting Network Intruders in Real-Time. Proc. 7th USENIX Security Symposium, San Antonio, TX, January 1998.

Dan Wallach, Edward Felten, Understanding Java Stack Inspection, Proc. 1998 IEEE Symposium on Security and Privacy, May 1998, pp. 52-63.

Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, et al. http://www.cse.ogi.edu/~crispin/discex00.pdf

A secure environment for untrusted helper applications: confining the wily hacker. Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. 1996 USENIX Security Symposium.

Ron Rivest, Cryptography. Handbook of Theoretical Computer Science, Volume A, pp. 717-755

Papers from OS and NDS area relevant to security:

Saltzer, Jerome H., "The Protection of Information in Computer Systems," Proceedings of the IEEE, Vol. 63, No. 9 (September 1975), pp. 1278-1308.

Denning, D.E. and Denning, P.J., "Data Security," Computing Surveys, Vol. 11, No. 3 (September 1979), pp. 227-249.

Needham, R.M. and Schroeder, M.D., "Using Encryption for Authentication in Large Networks of Computers," Communications of the ACM, Vol. 21, No. 12 (December 1978), pp. 993-999.

Steiner, J.G., Neuman, C., and Schiller, J.I., "Kerberos: An Authentication Service for Open Network Systems," USENIX Winter Conference Proceedings, February 1988, pp. 191-202.

Burrows, M., Abadi, M., and Needham, R., "A Logic of Authentication," ACM Transactions on Computer Systems, Vol. 8, No. 1 (February 1990), pp. 18-36.

Lampson, B., Abadi, M., Burrows, M., and Wobber, E., "Authentication in Distributed Systems: Theory and Practice," Proceedings of the Thirteenth ACM Symposium on Operating Systems Principles, Operating Systems Review, Vol. 25, No. 5, Pacific Grove, California, October 1991, pp. 165-182.

Morris, R., and Thompson, K., "Password Security: A Case History," Communications of the ACM, Vol. 22, No. 11, November 1979, pp. 594-597.

Butler W. Lampson, "A Note on the Confinement Problem," Communications of the ACM, Vol. 16, No. 10, October 1973, pp. 613-615.

Thompson, K., "Reflections on Trusting Trust," Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.

S. M. Bellovin and M. Merritt, "Limitations of the Kerberos Protocol." Computer Comm. Review, vol. 20, no. 5, October 1990.

Efficient Software-Based Fault Isolation, R. Wahbe, S. Lucco, T. E. Anderson and S. L. Graham, ACM SIGOPS Operating Systems Review, Vol. 27, No. 5, Dec 1993, pp. 203-216.