Your search keyword '"Spafford, Eugene H."' showing total 3 results

1. Privacy and Security: Answering the Wrong Questions Is No Answer.

Author

Spafford, Eugene H.

Subjects

*COMPUTER security, *DATA protection, *COMPUTER operating system security measures, *COMPUTER network security

Abstract

In this article the author discusses efforts to build trustworthy computing systems. Attempting to make a computing system secure against all threats is not a realistic goal, the author suggests. Other topics include operating systems with flaws and weak controls adopted due to low cost and convenience and the importance of properly defining a problem related to cyber security and privacy.

Published

2009

2. Tracing Worm Break-In and Contaminations via Process Coloring: A Provenance-Preserving Approach.

Author

Xuxian Jiang, Buchholz, Florian, Walters, Aaron, Dongyan Xu, Yi-min Wang, and Spafford, Eugene H.

Subjects

COMPUTER worms, COMPUTER viruses, COMPUTER security, DATA protection, COMPUTER software, ELECTRONIC data processing

Abstract

To detect and investigate self-propagating worm attacks against networked servers, the following capabilities are desirable: 1) raising timely alerts to trigger a worm investigation, 2) determining the break-in point of a worm, i.e., the vulnerable service from which the worm infiltrates the victim, and 3) identifying all contaminations inflicted by the worm during its residence in the victim. In this paper, we argue that the worm break-in provenance information has not been exploited in achieving these capabilities and thus propose process coloring, a new approach that preserves worm break-in provenance information and propagates it along operating- system-level information flows. More specifically, process coloring assigns a `color," a unique systemwide identifier, to each remotely accessible server process. The color will be either inherited by spawned child processes or diffused transitively through process actions. Process coloring achieves three new capabilities: color-based worm warning generation, break-in point identification, and log file partitioning. The virtualization-based implementation enables more tamper-resistant log collection, storage, and real-time monitoring. Beyond the overhead introduced by virtualization, process coloring only incurs very small additional system overhead. Experiments with real-world worms demonstrate the advantages of processing coloring over non-provenance-preserving tools. [ABSTRACT FROM AUTHOR]

Published

2008

3. Risks of Total Surveillance.

Author

Simons, Barbara and Spafford, Eugene H.

Subjects

*ACCESS control of public records, *PUBLIC administration, *INFORMATION resources management, *KNOWLEDGE management, *INFORMATION technology, *DATA protection, *DATABASES

Abstract

The U.S. Public Policy Committee of the ACM (USACM) is concerned the proposed Total Information Awareness (TIA) Program, sponsored by the Defense Advanced Research Projects Agency, will fail to achieve its stated goal of countering terrorism through prevention. Further, we believe the vast amount of information and misinformation collected by any system resulting from this program is likely to be misused to the detriment of many innocent American citizens. Because of serious security, privacy, and personal risks associated with the development of any vast database surveillance system, we recommend a rigorous independent review of TIA. Such a review should include an examination of the technical feasibility and practical reality of the entire program.

Published

2003