Proceedings
`
`1997 IEEE Symposium on
`Security and Privacy
`
`May 4-7, 1997
`Oakland, California
`
`Sponsored by
`IEEE Computer Society Technical Committee
`on Security and Privacy
`
`In cooperation with
`International Association of Cryptologic Research (IACR)
`
`IEEE Computer Society Press
`Los Alamitos, California
`Washington
`Brussels
`
`0
`
`Tokyo
`
`Apple Inc. Exhibit 1027 Page 1
`
`
`
`1997 IEEE Symposium on
`Security and Privacy
`
`May 4-7, 1997
`Oakland, California
`
`Sponsored by
`IEEE Computer Society Technical Committee
`on Security and Privacy
`
`In cooperation with
`International Association of Cryptologic Research (IACR)
`
`IEEE Computer Society Press
`Los Alamitos, California
`Washington
`Brussels
`
`0
`
`Tokyo
`
`Apple Inc. Exhibit 1027 Page 1
`
`
`
`IEEE Computer Society Press
`10662 Los Vaqueros Circle
`P.O.Box 3014
`Los Alamitos, CA 90720-1 264
`
`Copyright 0 1997 by The Institute of Electrical and Electronics Engineers, Inc.
`All rights reserved.
`
`Copyright and Reprint Permissions: Abstracting is permitted with credit to the source. Libraries may
`photocopy beyond the limits of US copyright law, for private use of patrons, those articles in this volume
`that carry a code at the bottom of the first page, provided that the per-copy fee indicated in the code is paid
`through the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01 923.
`
`Other copying, reprint, or republication requests should be addressed to: IEEE Copyrights Manager, IEEE
`Service Center, 445 Hoes Lane, P.O. Box 1331, Piscataway, NJ 08855-1331.
`
`The papers in this book comprise the proceedings of the meeting mentioned on the cover and title page. They
`reflect the authors’ opinions and, in the interests of timely dissemination, are published as presented and
`without change. Their inclusion in this publication does not necessarily constitute endorsement by the
`editors, the IEEE Computer Society Press, or the Institute of Electrical and Electronics Engineers, Inc.
`
`I
`
`9 7CB3 6 0 9 7
`IEEE Catalog Number
`(softbound)
`ISBN 0-8186-7828-3
`(casebound)
`0-7803-4159-7
`ISBN
`(microfiche)
`0-8186-7830-5
`ISBN
`1081-6011
`ISSN:
`
`IEEE Computer Society Press
`Customer Service Center
`10662 Los Vaqueros Circle
`P.O. Box 3014
`Los Alamitos, CA 90720-1314
`Tel: +1-7 14-82 1-8380
`Fax: +1-714-821-4641
`Email: cs.books @ computer.org
`
`Additional copies may be ordered from:
`
`IEEE Service Center
`445 Hoes Lane
`P.O. Box 1331
`Piscataway, NJ 08855-1331
`Tel: +1-908-981-1393
`Fax: +1-908-981-9667
`misc.custserv@computer.org
`
`IEEE Computer Society
`13, Avenue de 1’Aquilon
`B-1200 Brussels
`BELGIUM
`Tel: +32-2-770-2198
`Fax: +32-2-770-8505
`euro.ofc@computr.org
`
`IEEE Computer Society
`Ooshima Building
`2-19-1 Minami-Aoyama
`Minato-ku, Tokyo 107
`JAPAN
`Tel: +81-3-3408-3118
`Fax: +81-3-3408-3553
`tokyo.ofc @computer.org
`
`Editorial production by Penny Storms
`Cover by Joseph Daigle / Studio Productions
`Printed in the United States of America by The Printing House
`
`The Institute of Electrical and Electronics Engineers, Inc.
`
`Apple Inc. Exhibit 1027 Page 2
`
`
`
`Table of Contents
`
`1997 IEEE SYMPOSIUM ON SECURITY AND PRIVACY
`Message from the Program Chairs ......................................................................................
`Conference Committee .............................................................................................................
`I Panemebate
`
`...
`vlii
`ix
`
`Opposed:
`
`Moderator:
`Arguing in favor:
`
`John D. McLean, Naval Research Laboratory
`Lead: Bob Blakley, IBM
`Second: Darrell Kienzle, University of Virginia
`Lead: William R. Shockley, Consultant
`Second: James P. Downey, Naval Postgraduate School
`Is the Trusted Computing Base Concept Fundamentally Flawed?. ...........................................
`J. McLean
`Some Weaknesses of the TCB Model .............................................................................................
`B. Blakley and D.M. Kienzle
`Is the Reference Monitor Concept Fatally Flawed? The Case for the Negative .........................
`W.R. Shockley and J.P. Downey
`
`.2
`
`3
`
`6
`
`Toward Acceptable Metrics of Authentication.. ..........................................................................
`M.K. Reiter and S.G. Stubblebine
`An Authorization Scheme for Distributed Object Systems ........................................................
`V. Nicomette and Y. Deswarte
`A Logical Language for Expressing Authorizations ...................................................................
`S. Jajodia, P. Samarati, and V.S. Subrahmanian
`I Applications
`Anonymous Connections and Onion Routing .............................................................................
`P.F. Syverson, D.M. Goldschlag, and M.G. Reed
`The Design and Implementation of a Multilevel Secure Log Manager ....................................
`V.R. Pesati, T.F. Keefe, and S. Pal
`A Secure and Reliable Bootstrap Architecture ........................................................................... 65
`A. Arbaugh, D. J. Farber, and J.M. Smith
`An MBone Proxy for an Application Gateway Firewall .............................................................
`K. Djahandari and D. Sterne
`
`10
`
`21
`
`31
`
`I
`
`44
`
`55
`
`72
`
`Secure Software Architectures ....................................................................................................
`M. Moriconi, X. Qian, R.A. Riemenschneider, and L. Gong
`A General Theory of Security Properties ....................................................................................
`94
`A. Zakinthinos and E.S. Lee
`Analyzing Consistency of Security Policies ............................................................................... 103
`L. Cholvy and F. Cuppens
`
`84
`
`V
`
`Apple Inc. Exhibit 1027 Page 3
`
`
`
`I Panel: Ensuring Assurance in Mobile Computing
`
`Marvin Schaefer, Arca Systems
`Moderator:
`Panel Members: Sylvan Pinsky, National Security Agency
`Drew Dean, Princeton University
`Li Gong, JavaSoft
`J i m Roskind, Netscape
`Barbara Fox, Microsoft
`Ensuring Assurance in Mobile Computing ............................................................................... 114
`M. Schaefer, S. Pinsky, D. Dean, L. Gong, J. Roskind, and B. Fox
`I
`I Architectures
`Filtering Postures: Local Enforcement for Global Policies ......................................................
`J.D. Guttman
`Providing Flexibility in Information Flow Control for Object-Oriented Systems .................. 130
`E. Ferrari, P. Samarati, E. Bertino, and S. Jajodia
`Automated Analysis of Cryptographic Protocols Using Mur cp .................................................
`J.C. Mitchell, M. Mitchell, and U. Stern
`
`141
`
`120
`
`1
`
`[Intrusion Detection and Beyond
`How to Systematically Classify Computer Security Intrusions ..............................................
`U. Lindqvist and E. Jonsson
`Surviving Information Warfare Attacks on Databases ............................................................
`P. Ammann, S. Jajodia, C.D. McCollum, and B.T. Blaustein
`Execution Monitoring of Security-Critical Programs in a Distributed
`Systems: A Specification-Based Approach ................................................................................
`C. KO, M. Ruschitzka, and K. Levitt
`Catalytic Inference Analysis: Detecting Inference Threats due to Knowledge
`Discovery ..................................................................................................................................... 188
`J. Hale and S. Shenoi
`I Panel: Security in Innovative New Operating Systems
`
`154
`
`164
`
`175
`
`Cynthia E. Irvine, Naval Postgraduate School
`Moderator:
`Panel Members: Brian Bershad, University of Washington (Spin Project)
`Frans Kaashoek, MIT (Exokernel Project)
`Jay Lepreau, University of Utah (Flux Project)
`George Necula, Carnegie Mellon University (Fox Project)
`Larry Peterson, University of Arizona (Scout Project)
`Security in Innovative New Operating Systems ...................................................................... 202
`C.E. Irvine
`Research on Proof-Carrying Code for Untrusted-Code Security .............................................
`G. Necula and P. Lee
`Access Control for the SPIN Extensible Operating System .....................................................
`R. Grimm and B.N. Bershad
`Escort: Securing Scout Paths .....................................................................................................
`0. Spatscheck and L. Peterson
`
`204
`
`205
`
`206
`
`vi
`
`Apple Inc. Exhibit 1027 Page 4
`
`
`
`[System Vulnerabilities
`Analysis of a Denial of Service Attack on TCP .........................................................................
`C.L. Schuba, I.V. Krsul, M.G. Kuhn, E.H. Spafford,
`A. Sundaram, and D. Zamboni
`Deniable Password Snatching: On the Possibility of Evasive Electronic
`Espionage ....................................................................................................................................
`A. Young and M. Yung
`Number Theoretic Attacks on Secure Password Schemes .......................................................
`S. Pate1
`
`~
`
`I
`
`208
`
`224
`
`236
`
`Author Index ............................................................................................................................
`
`249
`
`vii
`
`Apple Inc. Exhibit 1027 Page 5
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
