Search

Your search keyword '"Levitt, Karl N."' showing total 100 results
Start Over Author "Levitt, Karl N."
100 results on '"Levitt, Karl N."'

1. Security Policy Specification Using a Graphical Approach

Author

Hoagland, James A., Pandey, Raju, and Levitt, Karl N.

Subjects
Computer Science - Cryptography and Security, c.2.0, D.4.6
Abstract

A security policy states the acceptable actions of an information system, as the actions bear on security. There is a pressing need for organizations to declare their security policies, even informal statements would be better than the current practice. But, formal policy statements are preferable to support (1) reasoning about policies, e.g., for consistency and completeness, (2) automated enforcement of the policy, e.g., using wrappers around legacy systems or after the fact with an intrusion detection system, and (3) other formal manipulation of policies, e.g., the composition of policies. We present LaSCO, the Language for Security Constraints on Objects, in which a policy consists of two parts: the domain (assumptions about the system) and the requirement (what is allowed assuming the domain is satisfied). Thus policies defined in LaSCO have the appearance of conditional access control statements. LaSCO policies are specified as expressions in logic and as directed graphs, giving a visual view of policy. LaSCO has a simple semantics in first order logic (which we provide), thus permitting policies we write, even for complex policies, to be very perspicuous. LaSCO has syntax to express many of the situations we have found to be useful on policies or, more interesting, the composition of policies. LaSCO has an object-oriented structure, permitting it to be useful to describe policies on the objects and methods of an application written in an object-oriented language, in addition to the traditional policies on operating system objects. A LaSCO specification can be automatically translated into executable code that checks an invocation of a program with respect to a policy. The implementation of LaSCO is in Java, and generates wrappers to check Java programs with respect to a policy., Comment: 28 pages, 22 figures, in color (but color is not essential for viewing); UC Davis CS department technical report (July 22, 1998)

Published
1998

2. Optimal Cost, Collaborative, and Distributed Response to Zero-Day Worms - A Control Theoretic Approach

Author

Cheetancheri, Senthilkumar G., Agosta, John-Mark, Levitt, Karl N., Wu, Felix, Rowe, Jeff, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Lippmann, Richard, editor, Kirda, Engin, editor, and Trachtenberg, Ari, editor

Published
2008
Full Text
View/download PDF

3. Formal Reasoning About a Specification-Based Intrusion Detection for Dynamic Auto-configuration Protocols in Ad Hoc Networks

Author

Song, Tao, Ko, Calvin, Tseng, Chinyang Henry, Balasubramanyam, Poornima, Chaudhary, Anant, Levitt, Karl N., Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Dough, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Dimitrakos, Theo, editor, Martinelli, Fabio, editor, Ryan, Peter Y. A., editor, and Schneider, Steve, editor

Published
2006
Full Text
View/download PDF

4. Learning Unknown Attacks — A Start

Author

Just, James E., Reynolds, James C., Clough, Larry A., Danforth, Melissa, Levitt, Karl N., Maglich, Ryan, Rowe, Jeff, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Wespi, Andreas, editor, Vigna, Giovanni, editor, and Deri, Luca, editor

Published
2002
Full Text
View/download PDF

11. Network intrusion detection

Author

Mukherjee, Biswanath, Heberlein, L. Todd, and Levitt, Karl N.

Subjects
Network management systems -- Safety and security measures
Published
1994

15. MCF: a malicious code filter

Author

Lo, Raymond W., Levitt, Karl N., and Olsson, Ronald A.

Subjects
Data security -- Methods, Computer viruses -- Prevention, Software protection -- Methods
Published
1995

17. Toward a formal verification of a floating-point coprocessor and its composition with a central processing unit

Author

Pan, Jing, Levitt, Karl N, and Cohen, Gerald C

Subjects
Computer Systems
Abstract

Discussed here is work to formally specify and verify a floating point coprocessor based on the MC68881. The HOL verification system developed at Cambridge University was used. The coprocessor consists of two independent units: the bus interface unit used to communicate with the cpu and the arithmetic processing unit used to perform the actual calculation. Reasoning about the interaction and synchronization among processes using higher order logic is demonstrated.

Published
1991

18. A Survey of Progress in Coding Theory in the Soviet Union. Final Report.

Author

Stanford Research Inst., Menlo Park, CA., Kautz, William H., and Levitt, Karl N.

Abstract

The results of a comprehensive technical survey of all published Soviet literature in coding theory and its applications--over 400 papers and books appearing before March 1967--are described in this report. Noteworthy Soviet contributions are discussed, including codes for the noiseless channel, codes that correct asymetric errors, decoding for cyclic codes, random-coding bounds on the amount of computations required, and various application criteria. A section directed to the nonspecialist describes the status of the field of coding theory in the Soviet Union, summarizes the major technical results, and compares these with corresponding work in the West. A section for the coding specialist examines new theoretical results, details of coding procedures, and analytical tools described in the Soviet literature. A complet e bibliography is included. (Author/SP)

Published
1967

21. An Example of Hierarchical Design and Proof.

Author

Spitzen, Jay M., Levitt, Karl N., Robinson, Lawrence, and Horning, J. J.

Subjects
*COMPUTER programming, *PROGRAMMING languages, *ELECTRONIC data processing, *COMPUTER science, *COMPUTER software
Abstract

Hierarchical programming is being increasingly recognized as helpful in the construction of large programs. Users of hierarchical techniques claim or predict substantial increases in productivity and in the reliability of the programs produced. In this paper we describe a formal method for hierarchical program specification, implementation, and proof. We apply this method to a significant list processing problem and also discuss a number of extensions to current programming languages that ease hierarchical program design and proof. [ABSTRACT FROM AUTHOR]

Published
1978
Full Text
View/download PDF

22. Proof Techniques for Hierarchically Structured Programs.

Author

Robinson, Lawrence, Levitt, Karl N., Manacher, G., and Graham, S.L.

Subjects
*STRUCTURED programming, *COMPUTER software correctness
Abstract

Presents the method for describing and structuring programs simplifying proofs of its correctness. Application of the method to semi-automatic and automatic proofs; Concept of abstract programs; Description of abstract machine; Definition of the concept of correctness of a program P of Floyd.

Published
1977
Full Text
View/download PDF

26. Helix: A Self-Regenerative Architecture for the Incorruptible Enterprise

Author

VIRGINIA UNIV CHARLOTTESVILLE, Knight, John C, Davidson, Jack W, Evans, David, Weimer, Westley, Nguyen-Tuong, Anh, Chen, Hao, Levitt, Karl N, Rowe, Jeff, Su, Zhendong, Wu, Felix, VIRGINIA UNIV CHARLOTTESVILLE, Knight, John C, Davidson, Jack W, Evans, David, Weimer, Westley, Nguyen-Tuong, Anh, Chen, Hao, Levitt, Karl N, Rowe, Jeff, Su, Zhendong, and Wu, Felix

Abstract

The focus of the Helix project was to dramatically improve the status quo for architecting secure and resilient information systems by developing a coherent body of scientific and engineering knowledge to design and evaluate new algorithms and concepts for self-regenerative systems. The hallmarks of such systems is that they are automated and proactive; they can adapt and reconfigure themselves to present attackers with an ever-shifting attack surface; and they can self-heal when confronted with both known and unknown attacks., The original document contains color images.

Published
2012

28. Description of Projects Utilizing Equipment Purchased under the DURIP Award

Author

CALIFORNIA UNIV DAVIS DIV OF COMPUTER SCIENCE, LEVITT, Karl N., CALIFORNIA UNIV DAVIS DIV OF COMPUTER SCIENCE, and LEVITT, Karl N.

Abstract

Intrusion detection and, more recently, automated response to intrusions have been the cornerstones of our research programs in the Computer Security Laboratory at UC Davis. UC Davis has pioneered several novel methods for intrusion detection on large networks. This research, however, can progress only if the laboratory's network infrastructure is sufficiently large to realistically model that of a large organization. ITC Davis is also among the first to study cooperative automated response to intrusions. Network devices: routers and firewalls, exchange attack information which can be used to optimally filter the malicious traffic. This project depends heavily on having network hardware on which to install and test our prototypes. Thanks to the generous DURIP equipment grant, our group was able to obtain the resources necessary for this work to proceed.

Published
2000

30. Formal Reasoning About a Specification-Based Intrusion Detection for Dynamic Auto-configuration Protocols in Ad Hoc Networks.

Author

Dimitrakos, Theo, Martinelli, Fabio, Ryan, Peter Y. A., Schneider, Steve, Song, Tao, Ko, Calvin, Tseng, Chinyang Henry, Balasubramanyam, Poornima, Chaudhary, Anant, and Levitt, Karl N.

Abstract

As mobile ad hoc networks (MANETs) are increasingly deployed in critical environments, security becomes a paramount issue. The dynamic and decentralized nature of MANETs makes their protocols very vulnerable to attacks, for example, by malicious insiders, who can cause packets to be misrouted or cause other nodes to have improper configuration. This paper addresses security issues of auto-configuration protocols in ad hoc networks. Auto-configuration protocols enable nodes to obtain configuration information (e.g., an IP address) so that they can communicate with other nodes in the network. We describe a formal approach to modeling and reasoning about auto-configuration protocols to support the detection of malicious insider nodes. With respect to this family of protocols, our approach defines a global security requirement for a network that characterizes the "good" behavior of individual nodes to assure the global property. This behavior becomes local detection rules that define a distributed specification-based intrusion detection system aimed at detecting malicious insider nodes. We formally prove that the local detection rules (identifying activity that is monitored) together with "assumptions" that identify system properties which are not monitored imply the global security requirement. This approach, novel to the field of intrusion detection, can, in principle, yield an intrusion detection system that detects any attack, even unknown attacks, that can imperil the global security requirement. Keywords: Formal reasoning, Intrusion Detection, Ad hoc network, Network Security. [ABSTRACT FROM AUTHOR]

Published
2006
Full Text
View/download PDF

40. Towards applying the composition principle to verify a microkernel operating system.

Author

Brauer, W., Gries, D., Stoer, J., Goos, Gerhard, Hartmanis, Juris, van Leeuwen, Jan, von Wright, Joakim, Grundy, Jim, Harrison, John, Heckman, Mark R., Zhang, Cui, Becker, Brian R., Peticolas, Dave, Levitt, Karl N., and Olsson, Ron A.

Abstract

A compositional proof method allows the components of a system to be specified and verified independently, instead of having to verify the entire system as a monolithic unit. This paper describes how the composition principle of Abadi and Lamport can be applied to specify and compose systems that consist of both safety and progress properties, using the HOL theorem proving system. We discuss the translation of the composition principle into HOL and the resulting proof obligations, and introduce an example system, modeled after a microkernel operating system, that we composed using the method. [ABSTRACT FROM AUTHOR]

Published
1996
Full Text
View/download PDF

49. An Assessment of Techniques for Proving Program Correctness.

Author

Elspas, Bernard, Levitt, Karl N., Waldinger, Richard J., and Waksman, Abraham

Subjects
*COMPUTER software correctness, *COMPUTER software, *COMPUTER programmers, *ARTIFICIAL intelligence, *COGNITIVE science, *COMPUTER software development
Abstract

The purpose of this paper is to point out the significant quantity of work in progress on techniques that will enable programmers to prove their programs correct. This work has included: investigations in the theory of program schemas or abstract programs; development of the art of the informal or manual proof of correctness; and development of mechanical or semi-mechanical approaches to proving correctness. At present, these mechanical approaches rely upon the availability of powerful theorem-provers, development of which is being actively pursued. All of these technical areas are here surveyed in detail, and recommendations are made concerning the direction of future research toward producing a semi mechanical program verifier. [ABSTRACT FROM AUTHOR]

Published
1972
Full Text
View/download PDF

50. Survey of Fault Tolerant Computer Security and Computer Safety.

Author

SRI INTERNATIONAL MENLO PARK CA COMPUTER SCIENCE LAB, Goldberg,Jack, Elspas,Bernard, Kautz,William H., Levitt,Karl N., SRI INTERNATIONAL MENLO PARK CA COMPUTER SCIENCE LAB, Goldberg,Jack, Elspas,Bernard, Kautz,William H., and Levitt,Karl N.

Abstract

This report is a collection of four surveys of the state of the art in fault tolerance, computer security and computer safety. Fault tolerance is surveyed in two parts: a general survey and a detailed survey of testing technology. Like most contemporary surveys in computer technology, they describe rapidly changing areas. In each area new concepts are continually appearing, e.g., new problems or new solutions that require new viewpoints be taken on the field as a whole. Nevertheless, each of the subjects surveyed has a set of results in theory and practice that provides a framework for current work. The survey of fundamental issues in fault tolerance attempts a broad view of the subject, which is currently under redefinition as a core subject in computer dependability. It includes comments on testing, distributed processing, security and safety, and thus may serve as a general introduction to the report as a whole. Contents: Fundamental Concepts of Fault-Tolerant Computing; Survey of Device and System Testing; Computer Security in Defense Systems; and State of the Art of Safety for Computer Controlled Systems.

Published
1986

Catalog

Books, media, physical & digital resources
See catalog results