[WM Ad03] A. Adelsbach, S. Katzenbeisser, and H. Veith, "Watermarking Schemes Provably Secure Against Copy and Ambiguity Attacks", in Proc. 2003 ACM Workshop on Digital Rights Management, 111-119, 2003.
[WM Be01] M. Bern, J. Breidenbach, and D. Goldberg , “Trustworthy Paper Documents,” in I.S. Moskowitz (ed.): Information Hiding, Proc. of 4th International Workshop (IHW 2001), 2001. LNCS 2137, Springer-Verlag, p. 1 ff.
[WM Co98] I. Cox and J-P. Linnartz, “Some general methods for tampering with watermarks,” IEEE Journal on Selected Areas in Communication 16:4, 587-593, May 1998.
[WM Cu04] D. Curran, M. Ó Cinnéide, N. Hurley, and G. Silvestre, "Dependency in Software Watermarking", in Proceedings of the International Conference on Information & Communication Technologies: from Theory to Applications, Syria, 2004. Preprint provided in email from D. Curran, 13 July 04.
[WM Me02] S. Megerian, M. Drinic, and M. Potkonjak, "Watermarking Integer Linear Programming Solutions", in Proc 39th Conf. on Design Automation, ACM Press, 8-13, 2002.
[WM Oh02] R. Ohbuchi, A. Mukaiyama, and S. Takahashi, "Surfaces, Shapes, and Compression: A Frequency-Domain Approach to Watermarking 3D Shapes", Computer Graphics Forum 21:3, 373 ff., September 2002.
[WM V301] R. Venkatesan, V. Vazirani,
[WM Wo02] G. Wolfe, J. Wong, and M. Potkonjak, "Watermarking Graph Partitioning Solutions", IEEE Trans. Computer-Aided Design of Integrated Circuits and Systems 21:10, 1196-1204, October 2002.
[WM Yo98] H. Yoshiura, R. Sasaki, and K. Takaragi, “Secure Fingerprinting Using Public-Key Cryptography (Position Paper),” in Christianson, B. Crispo, W.S. Harbison, M. Roe (Eds.): Proceedings of 6th International Workshop on Security Protocols, LNCS 1550, Springer-Verlag, p. 83 ff., April 1998.
[WM Zh03] B. Zhu, J. Wu, M. Kankanhalli, "Print Signatures for Document Authentication", in Proc. of the 10th ACM Conf. on Computer and Communication Security, 145-154, 2003.
[Ob Ba01] B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, and K. Yang, “On the (Im)possibility of Obfuscating Programs (Extended Abstract)”. In J. Kilian (ed.), Advances in Cryptology – Crypto 2001, LNCS 2139, Springer-Verlag, 2001.
[Ob Ch01] S. Chow et al., “An approach to the obfuscation of control-flow of sequential computer programs.” In G. Davida and Y. Frankel (Eds.): ISC 2001, LNCS 2200, pp. 144-155, 2001.
[Ob Wa01] C. Wang, J. Hill, J. Knight, and J. Davidson, "Protection of software-based survivability mechanisms", in Proc. of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS), IEEE Computer Society, pp. 193-202, 2001.
[Ta Au96] D. Aucsmith, “Tamper Resistant Software: An Implementation”, in Information Hiding Workshop, RJ Anderson (ed), LNCS 1174, pp. 317-333, 1996.
[Ta Ch02] Y. Chen, R. Venkatesan, M. Cary, R. Pang, S. Sinha, and M. Jakubowski, “Oblivious Hashing: A Stealthy Software Integrity Verification Primitive,” in F.A.P. Petitcolas (Ed.): Information Hiding, Proc. of 5th International Workshop (IH 2002), Noordwijkerhout, The Netherlands, October 7-9, 2002. LNCS 2578, p. 400 ff.
[Ta Og03] T. Ogiso et al., “Software Tamper Resistance Based on the Difficulty of Interprocedural Analysis.” In The Third International Workshop on Information Security Applications (WISA 2002), pp. 437-452, August 2002. Available: http://grampus.jaist.ac.jp:8080/miyaji-lab/member/PaperPS/wisa2002.pdf, March 2003.
[Co Sc04] S. Schleimer, D. Wilkerson, and A. Aiken, "Winnowing: Local Algorithms for Document Fingerprinting", in Proc. ACM SIGMOD Int'l Conf. on Management of Data, 76-85, June 2003. See also S. Schleimer’s errata page, available: http://www.math.uic.edu/~saul/Maths/winnowing.html#errata, 15 May 2004.
[Co Ve96] K. Verco and V. Wise, "Software for Detecting Suspected Plagiarism: Comparing Structure and Attribute-Counting Systems", in Proc. 1st Australasian Conf. on Computer Science Education, ACM Press, 81-88, 1996.
[La Li03] L. Lin, B. Nuseibeh, D. Ince, M. Jackson, and J. Moffett, "Introducing Abuse Frames for Analysing Security Requirements", in Proc 11th IEEE Int'l Requirements Engineering Conference, pp. 371-2, 2003. Available: http://csdl.computer.org/comp/proceedings/re/2003/1980/00/19800371.pdf, May 2004.
[HW Bo01] M. Bond, "Attacks on Cryptoprocessor Transaction Sets", in Proc. of the CHES 2001 Workshop, LNCS 2162, Springer-Verlag, pp 220-234, 2001.
[HW Ch04] B. Chen and R. Morris, "Certifying Program Execution with Secure Processors", in 9th Workshop on Hot Topics in Operating Systems (HotOS IX), USENIX, pp. 133-138, May 2003. Available: http://www.usenix.org/events/hotos03/tech/chenb.html, April 2004.
[HW Da03] Dallas Semiconductor Corp., “DS5002FP Secure Microprocessor Chip”, Dallas TX (USA), 25 pp., 5 March 2003. Available: http://pdfserv.maxim-ic.com/en/ds/DS5002FP.pdf, April 2004.
[HW Go96] O. Goldreich and R. Ostrovsky, "Software Protection and Simulation on Oblivious RAMs", J. ACM 43:3, 431-473, 1996.
[HW Ma04] J. Marchesini, S. Smith, O. Wild, and R. MacDonald, "Experimenting with TCPA/TCG Hardware, Or: How I Learned to Stop Worrying and Love The Bear", Technical Report TR2003-476, Department of Computer Science, Dartmouth College, 20 pp., 15 December 2003. Available: http://www.cs.dartmouth.edu/~sws/abstracts/mswm03.shtml, April 2004.
[Le Be01] S. Bechtold, “From Copyright to Information Law – Implications of Digital Rights Management”. In T. Sander (Ed.): Security and Privacy in Digital Rights Management, ACM CCS-8 Workshop DRM 2001, Philadelphia, PA, USA, November 5, 2001. LNCS 2320, p. 213 ff.
[DRM 4C00] 4C Entity, LLC, "Content Protection System Architecture: A Comprehensive Framework for Content Protection", Rev. 0.81, 19 pp., 17 February 2000. Available: http://www.4centity.com/data/tech/cpsa/cpsa081.pdf, May 2004.
[DRM By03] S. Byers, L. Cranor, D. Korman, P. McDaniel, and E. Cronin, "Analysis of security vulnerabilities in the movie production and distribution process", in Proc. 2003 ACM Workshop on Digital Rights Management, ACM Press, 1-12, 2003.
[DRM Li01] Fully Licensed GmbH, "Inside Windows Product Activation", Berlin, Germany, 25 KB web-published manuscript, July 2001. Available: http://www.licenturion.com/xp/fully-licensed-wpa.txt, April 2004.
[DRM Mo97] R. Mori and M. Kawahara, "Superdistribution: An Electronic Infrastructure for the Economy of the Future", Transactions of Information Processing Society of Japan 38:7, 1465-1472, July 1997. (Copy available from instructor upon request.)
[SS As04] D. Asonov, R. Agrawal, "Keyboard Acoustic Emanations", in Proc. of IEEE Symposium on Security and Privacy, pp. 3-11, May 2004.
[SS Bo02] A. Boldyreva and M. Jakobsson, “Theft protected proprietary certificates,” in Proc. 2002 ACM Workshop on Digital Rights Management (DRM 2002). Available http://crypto.stanford.edu/DRM2002/tppcertif.pdf, March 2003.
[SS De02] J. De Clercq, “Single Sign-On Architectures.” In G. Davida et al. (eds.): InfraSec 2002, LNCS 2437, pp. 40-58, 2002.
[SS Ku04] M. Kuhn, "Electromagnetic Eavesdropping Risks of Flat-Panel Displays", to appear in Proc. 4th Workshop on Privacy Enhancing Technologies, 26-28 May 2004, Toronto, Canada. Preprint available: http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf, July 2004.
[SS Pa04] T. Papaioannou and G. Stamoulis, "Effective Use of Reputation in Peer-to-Peer Environments", to appear in IEEE/ACM CCGRID 2004. Preprint available: http://nes.aueb.gr/publications/2004.p2p_policies.GP2PC.pdf, June 2004.
[SS Se04] A. Selcuk, E. Uzun, M. Pariente, "A Reputation-Based Trust Management System for P2P Networks", to appear in Proc. CCGRID 2004. Preprint available: www.cs.bilkent.edu.tr/~selcuk/publications/CCGRID04.pdf, June 2004.
[SS Ya98] R Yahalom, “Optimistic Trust with Realistic eNvestigators.” In B. Christianson et al. (eds.): Security Protocols, LNCS 1550, pp. 193-202, 1998.
[Pr Gu04] P. Gutmann, "Simplifying Public Key Management", Computer 37:2, 101-103, February 2004.
[Pr Ch00] B. Chor, A. Fiat, M. Naor and B. Pinkas, "Tracing Traitors", IEEE Transactions on Information Theory 46:3, 893-910, May 2000.
[Ne Fr04] R. Friend, "Making the Gigabit IPsec VPN Architecture Secure", Computer 37:6, 54-60, June 2004.
[Ne Fu04] X. Fu, B. Graham, D. Xuan, R. Bettati, and W. Zhao, "Empirical and Theoretical Evaluation of Active Probing Attacks and Their Countermeasures", to appear in Proc. 6th Int'l Workshop on Information Hiding (IH2004), 23-25 May 2004, Toronto CA. (Preprint available from instructor.)
[Ne Ku04] M. Kuhn, "An Asymmetric Security Mechanism for Navigation Signals", to appear in Proc. 6th Int'l Workshop on Information Hiding (IH2004), 23-25 May 2004, Toronto CA. (Preprint available from instructor.)
[Ne Mc01] J. McHugh, “Intrusion and Intrusion Detection,” International Journal of Information Security 1, 2001, pp. 14-35.
[Ne Wo04] A. Wool, "A Quantitative Study of Firewall Configuration Errors", Computer 37:6, 62-67, June 2004.
[Ap Ca04] J. Camenisch, "Better Privacy for Trusted Computing Platforms," to appear in ESORICS 2004. Preprint provided in email by J. Camenisch, July 2004.
[Ap Cr04] J. Crampton and G. Loizou, "Administrative scope: A foundation for role-based administrative models", ACM Trans. Inf. Syst. Secur. 6:2, 201-231, 2003.
[Ap En03] P. England, B. Lampson, J. Manferdelli, and B. Willman, "A Trusted Open Platform", Computer 36:7, 55-62, July 2003.
[Ap Je04] D. Jefferson, A. Rubin, B. Simons, D. Wagner, "A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE)", web manuscript, 21 Jan 2004. Available: http://servesecurityreport.org/, February 2004.
[Ap La04] B. Lampson, pp. 42-45 on chains of trust, in "Computer Security in the Real World", Computer 37:6, 37-46, June 2004.
[Ap Li03] D. Lie, C. Thekkath, and M. Horowitz, "Implementing an untrusted operating system on trusted hardware," in Proc. of the Nineteenth ACM Symposium on Operating Systems Principles, 178-192, October 2003.
[Ap Ob91] R. O'Brien and C. Rogers, "Developing Applications on LOCK", in Proc. 14th Nat'l Security Conf., Washington DC USA, 147-156, 1991. Hardcopy obtained from British Library, April 2004; seeking permission of copyright holder (Secure Computing) to publish to web, July 2004.
[Ap Sa96] R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, "Role-based access control models", Computer 29:2, 38-47, February 1996.
[P1] Experiment with the X.509 authentication certificates for email, perhaps along the lines of my Assignment 2 for CompSci 725 in 2001. See http://www.cs.auckland.ac.nz/compsci725s1c/archive/compsci725fc/archive/2001/lectures/asst2.htm, available March 2003. A simple introduction to X.509 certificates may be found in P Tremblatt, “X.509 Certificates”, Dr Dobbs Journal, July 1999. Available: http://www.ddj.com/articles/1999/9907/, March 2003.
[P2] Use forensic examination software, such as ComputerCop Professional P3 (I have a CD in my office) to make inferences about what an anonymous person was doing on their PC on some specific dates, (say) one month ago and six months ago.
[P3] Analyse several home PCs for “spyware”. Your report should describe your scanning procedures and what you
found. If your scan reveals
something, you should describe what you found, your reasons for (not) calling it spyware, your best guess as to when and how it was
loaded, what you did to remove it, and whether you were successful in removing
it. See e.g. “Invasive Software:
Who’s Inside Your Computer” (Computer, IEEE, July 2002, pp 15- 18),
“Spyware epidemic rallies call for action” (ZDNet 24
Feb 03, http://zdnet.com.com/2102-1104-985644.html),
“Weatherbug” (Risks Digest 21:42, http://catless.ncl.ac.uk/Risks/21.42.html#subj13),
“Totally Hip with Spyware” (Risks Digest 21:56, http://catless.ncl.ac.uk/Risks/21.56.html#subj5),
and “Adobe clarification on spyware article” (Risks Digest 21: 59, http://catless.ncl.ac.uk/Risks/21.59.html#subj8).