17th Annual Computer Security Applications Conference
December 10-14, 2001
New Orleans, Louisiana

Technical Program

Technical Program Features and Organization

Track A and B sessions consist of technical papers, panels, and fora. All technical papers have undergone an anonymous peer review process and describe the latest developments in security implementations and applications-oriented research. Panel sessions are tailored to stimulate discussion of today's pressing issues. The fora sessions provide different perspectives on a single topic of interest or report the results of implementation activities.

Track C presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems. The Case Studies will include presentations on capabilities and applications of information security products to realistic civil, defense, and commercial problems. This track will feature system integrators, designer, and architects from the government and private sector. Displays will also be open on Wednesday during the evening reception and on Thursday during breaks between the sessions.

PROGRAM

Wednesday, December 12, 2001

General Session

7:30 Registration

8:30 Opening Remarks Daniel Faigin, Conference Chair, The Aerospace Corporation, USA

8:35 Welcome to New Orleans Hotel Manager

8:40 Distinguished Practitioner Bob Blakley, Tivoli Systems - An IBM Company, USA
Castles in the Sand

9:50 Student Paper Award Brenda Timmerman, Student Chair, California State University, Northridge, USA

9:55 Technical Program Introduction Jeremy Epstein, Program Chair, webMethods, USA

10:00 BREAK
TRACK A TRACK B TRACK C

10:30 Intrusion Detection I
Chair: Daniel Faigin, The Aerospace Corporation, USA

IntruDetector: A Software Platform for Testing Network Intrusion Detection Systems^§, Tao Wan and Xue Dong Yang, University of Regina, CANADA

Mining Alarm Clusters to Improve Alarm Handling Efficiency^§, Klaus Julisch, IBM Research, SWITZERLAND

Managing Alerts in a Multi-intrusion Detection Environment^§, Frédéric Cuppens, ONERA, FRANCE

Implementing the Intrusion Detection Exchange Protocol^§, Roy Pollock, Greg Matthews, Tim Buchheim, and Mike Erlinger, Harvey Mudd College, USA; Ben Feinstein, Guardent, USA; Joseph Betser and Andy Walther, The Aerospace Corporation, USA

Security Architecture
Chair: Christoph Schuba, Sun Microsystems, GERMANY

Information Flow Analysis of Component-Structured Applications^§, Peter Herrmann, University of Dortmund, GERMANY

Security Policy Enforcement at the File System Level in the Windows NT Operating System Family^§, Stephen Wolthusen and Silviu Burtescu, Fraunhofer-IGD, GERMANY

Java Security Extensions for a Java Server in a Hostile Environment^§, David Wheeler, Adam Conyers, Jane Luo, and Alex Xiong, Intel, USA

Genoa TIE, Advanced Boundary Controller Experiment^§, Eric Monteith, NAI Labs, USA

Assessment
Chair: Brooke Jenkins, ACS Defense, USA

Assessing Internet Application Risk, Marybeth Panock, Fidelity Investments Systems Company, USA

An IT Safety Index: Measuring Security Risks Caused by Rapid Capacity Expansion and Loss of Repeatable Builds, Gene Kim, Tripwire, USA

Computer Security Expert Assist Team (CSEAT), Kathy Lyons-Burke, National Institute of Standards and Technology, USA

12:30 LUNCH

1:30 Cryptography
Chair: Andre Luiz Moura dos Santos, Georgia Tech, USA

A JCA-based Implementation Framework for Threshold Cryptography^§, Yih Huang, David Rine, and Xunhua Wang, George Mason University, USA

The Performance Measurement of Cryptographic Primitives on Palm Devices^§, Duncan Wong, Hector Ho Fuentes, Agnes Chan, Northeastern University, USA

Privacy-preserving Cooperative Statistical Analysis^§, Wenliang Du and Mikhail Atallah, Purdue University, USA

FORUM - Creating and Implementing a Common Message and Protocol for Intrusion Detection Alerts
Chair: Mike Erlinger, Harvey Mudd College, USA

Stuart Staniford, Silicon Defense, USA
Mark Wood, Internet Security Systems, USA
Ben Feinstein, Guardent, USA
Andy Walther, The Aerospace Corporation, USA
PKI
Chair: Natalie Givans, Booz Allen & Hamilton, USA

Role-Based Access Control with SingleSignOn.Net's Practical PKI Appliance, Ravi Sandhu, SingleSignOn.Net, USA

PKI and Certificate Management: A New Model of Authentication, Peter Tapling, Authentify, USA

3:00 BREAK

3:30 Access Control I
Chair: Michael Clifford, The Aerospace Corporation, USA

Detecting Conflicts in a Role-Based Delegation Model^§, Andreas Schaad, University of York, UK

Engineering of Role/Permission Assignments^§, Pete Epstein, AT&T, USA; Ravi Sandhu, George Mason University, USA

A Framework for Multiple Authorization Types in a Healthcare Application System^§, Ramaswamy Chandramouli, National Institute of Standards and Technology, USA

Determining Privileges of Mobile Agents^§, Wayne Jansen, National Institute of Standards and Technology, USA

Classic Papers
Chair: Dan Thomsen, Secure Computing, USA

Building Reliable Secure Computing Systems out of Unreliable Insecure Components^§, John Dobson and Brian Randell, University of Newcastle upon Tyne, UK

A Security Model for Military Message System^§, Carl Landwehr, National Science Foundation, USA; Constance Heitmeyer and John McLean, Naval Research Laboratory, USA

An Information Flow Tool for Gypsy^§, John M^cHugh, CERT/CC, USA

Firewalls
Chair: Louise DavidsonUS Navy, USA

How Not to Configure Your Firewall: A Field Guide to Common Firewall Misconfigurations, Avishai Wool, Lumeta, USA

Creating Shared e-Business Servers with the 3Com Embedded Firewall, Tom Haigh, Secure Computing, USA

Obtaining an ROI with Telecommunication Firewalls, Gregory White, University of Texas San Antonio, USA

5:30 BIRDS OF A FEATHER SESSIONS

6:00 EXHIBITS & RECEPTION

Wednesday Conference Reception
The reception is included in the conference registration fee.
Guest ticket can be ordered on the pre-registration form for $35.00

§ This symbol indicates papers that were anonymously peer reviewed by four or more reviewers before acceptance.

7:30	Registration
8:30	Opening Remarks	Daniel Faigin, Conference Chair, The Aerospace Corporation, USA
8:35	Welcome to New Orleans	Hotel Manager
8:40	Distinguished Practitioner	Bob Blakley, Tivoli Systems - An IBM Company, USA Castles in the Sand
9:50	Student Paper Award	Brenda Timmerman, Student Chair, California State University, Northridge, USA
9:55	Technical Program Introduction	Jeremy Epstein, Program Chair, webMethods, USA
10:00	BREAK
	TRACK A	TRACK B	TRACK C
10:30	Intrusion Detection I Chair: Daniel Faigin, The Aerospace Corporation, USA IntruDetector: A Software Platform for Testing Network Intrusion Detection Systems^§, Tao Wan and Xue Dong Yang, University of Regina, CANADA Mining Alarm Clusters to Improve Alarm Handling Efficiency^§, Klaus Julisch, IBM Research, SWITZERLAND Managing Alerts in a Multi-intrusion Detection Environment^§, Frédéric Cuppens, ONERA, FRANCE Implementing the Intrusion Detection Exchange Protocol^§, Roy Pollock, Greg Matthews, Tim Buchheim, and Mike Erlinger, Harvey Mudd College, USA; Ben Feinstein, Guardent, USA; Joseph Betser and Andy Walther, The Aerospace Corporation, USA	Security Architecture Chair: Christoph Schuba, Sun Microsystems, GERMANY Information Flow Analysis of Component-Structured Applications^§, Peter Herrmann, University of Dortmund, GERMANY Security Policy Enforcement at the File System Level in the Windows NT Operating System Family^§, Stephen Wolthusen and Silviu Burtescu, Fraunhofer-IGD, GERMANY Java Security Extensions for a Java Server in a Hostile Environment^§, David Wheeler, Adam Conyers, Jane Luo, and Alex Xiong, Intel, USA Genoa TIE, Advanced Boundary Controller Experiment^§, Eric Monteith, NAI Labs, USA	Assessment Chair: Brooke Jenkins, ACS Defense, USA Assessing Internet Application Risk, Marybeth Panock, Fidelity Investments Systems Company, USA An IT Safety Index: Measuring Security Risks Caused by Rapid Capacity Expansion and Loss of Repeatable Builds, Gene Kim, Tripwire, USA Computer Security Expert Assist Team (CSEAT), Kathy Lyons-Burke, National Institute of Standards and Technology, USA
12:30	LUNCH
1:30	Cryptography Chair: Andre Luiz Moura dos Santos, Georgia Tech, USA A JCA-based Implementation Framework for Threshold Cryptography^§, Yih Huang, David Rine, and Xunhua Wang, George Mason University, USA The Performance Measurement of Cryptographic Primitives on Palm Devices^§, Duncan Wong, Hector Ho Fuentes, Agnes Chan, Northeastern University, USA Privacy-preserving Cooperative Statistical Analysis^§, Wenliang Du and Mikhail Atallah, Purdue University, USA	FORUM - Creating and Implementing a Common Message and Protocol for Intrusion Detection Alerts Chair: Mike Erlinger, Harvey Mudd College, USA Stuart Staniford, Silicon Defense, USA Mark Wood, Internet Security Systems, USA Ben Feinstein, Guardent, USA Andy Walther, The Aerospace Corporation, USA	PKI Chair: Natalie Givans, Booz Allen & Hamilton, USA Role-Based Access Control with SingleSignOn.Net's Practical PKI Appliance, Ravi Sandhu, SingleSignOn.Net, USA PKI and Certificate Management: A New Model of Authentication, Peter Tapling, Authentify, USA
3:00	BREAK
3:30	Access Control I Chair: Michael Clifford, The Aerospace Corporation, USA Detecting Conflicts in a Role-Based Delegation Model^§, Andreas Schaad, University of York, UK Engineering of Role/Permission Assignments^§, Pete Epstein, AT&T, USA; Ravi Sandhu, George Mason University, USA A Framework for Multiple Authorization Types in a Healthcare Application System^§, Ramaswamy Chandramouli, National Institute of Standards and Technology, USA Determining Privileges of Mobile Agents^§, Wayne Jansen, National Institute of Standards and Technology, USA	Classic Papers Chair: Dan Thomsen, Secure Computing, USA Building Reliable Secure Computing Systems out of Unreliable Insecure Components^§, John Dobson and Brian Randell, University of Newcastle upon Tyne, UK A Security Model for Military Message System^§, Carl Landwehr, National Science Foundation, USA; Constance Heitmeyer and John McLean, Naval Research Laboratory, USA An Information Flow Tool for Gypsy^§, John M^cHugh, CERT/CC, USA	Firewalls Chair: Louise DavidsonUS Navy, USA How Not to Configure Your Firewall: A Field Guide to Common Firewall Misconfigurations, Avishai Wool, Lumeta, USA Creating Shared e-Business Servers with the 3Com Embedded Firewall, Tom Haigh, Secure Computing, USA Obtaining an ROI with Telecommunication Firewalls, Gregory White, University of Texas San Antonio, USA
5:30	BIRDS OF A FEATHER SESSIONS
6:00	EXHIBITS & RECEPTION
6:00	Wednesday Conference Reception The reception is included in the conference registration fee. Guest ticket can be ordered on the pre-registration form for $35.00

Technical Program

Technical Program Features and Organization

PROGRAM

Wednesday, December 12, 2001

General Session

[ Thursday ] [ Friday ]