14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona

Technical Program

Technical Program Features and Organization

We continue to add diversity to the manner in which computer security applications are discussed at the conference. Paper sessions include refereed papers that describe the latest in implementations and applications-oriented research.

The conference includes two types of sessions designed to allow significant time for interaction with the audience: panel sessions are designed to provoke discussion on a controversial topic; forum sessions may report on the results of implementation activities or provide different perspectives on a single topic of interest.

Track C presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems.

The Case Studies will include presentations on capabilities of INFOSEC products to realistic civil, defense, and commercial problems. This track will feature system integrators, designers, and architects from the government and private sector. Displays will also be open on Wednesday during the evening reception and on Thursday during breaks between the sessions.


Wednesday, December 9, 1998

General Session

7:30 Registration
8:30 Opening Remarks Dee Akers, Conference Chair,
The MITRE Corporation
8:35 Welcome to Phoenix Hotel Manager
8:40 Keynote Speaker Donald Rothwell, Motorola
9:10 Distinguished Practitioner Howard E. Glavin, Jr., CSX Technology
9:50 Student Paper Award Dr. Matt Bishop, Student Chair, UC/Davis
9:55 Technical Program Introduction Klaus Keus, Program Chair, GISA/BSI
10:00 BREAK
10:30 Network Intrusion Detection
Chair: M. Bishop, UDC

  • How to Increase Security in Mobile Networks by Anomaly Detection- R. Büschkes, D. Kesdogan, P. Reichl, Germany
  • An Architecture for Intrusion Detection using Autonomous Agents, D. Zamboni et al, Purdue University
  • NetSTAT: A Network-based Intrusion Detection Approach, G. Vigna, R. Kemmerer, USA
  • PANEL: Can Internet Commerce Be Secure?
    Chair: E. Appel, CertCo

  • P. Edfors, PNE Assoc.
  • TBD, FBI
  • R. Guida, Dept. of Treasury
  • Security Infrastructure
    Chair: J. Gerretson, ASEC
  • Kerberos and PKI Integration: A Solution for Security Infrastructure Deployment, G. Clark, DASCOM
  • Authorization Services for Multi-Tier Business, G. Clark, DASCOM
  • Redefining the Virtual Private Network: Check Point's FireWall-1/ Flood Gate-1 VPN and Real-Life Example Applications, M. Elliot, Check Point Software
  • 12:00 LUNCH
    1:30 Security Administration
    Chair: J. Litcho, IMSI

  • The RRA97 Model for Role-Based Administration of Role Hierarchies, R. Sandhu, Q. Munawer, USA
  • Role Based Access Control Framework for Network Enterprises, D. Thomsen, D. O' Brien, J. Bogle, USA
  • Concentric Supervision of Security Applications: A New Security Management Paradigm, P. Hyland, R. Shandhu, USA
  • PANEL: The NIMS Protection Profile-A Worked Example
    Chair: M. Abrams, MITRE

  • B. Ramsey, FAA
  • G. Stoneburner, NIST
  • J. Williams, MITRE
  • Internet Cash
    Chair: G. Bergren, NSA

  • Common Architectures in Support of Internet/Web Banking, T. Inskeep, Nations Bank
  • Internet Gaming, J. Litchko, IMSI
  • An Application of Digital Signatures to Counter Counterfeiting, D. Cole, Booz Allen & Hamilton, Inc
  • 3:00 BREAK
    3:30 Information Infrastructure
    Chair: L. Notargiacomo, TCS

  • Application-Level Isolation to Cope with malicious Database Users, S. Jajodia, P. Liu, C. McCollum, USA
  • Maintaining Security in Firm Real Time Database Systems, Q. Ahmed, S. Vrbsky; USA
  • Towards an Infrastructure for MLS Distributed Computing, M. Kang, J. Froscher, B. Eppinger, USA
  • Internet Technologies
    Chair: D. Thomsen, SCC

  • Protecting Web Servers from security Holes in Server-Side Includes, J. Wang, J. Karro, USA
  • Rule-based Filtering for Java Applets, P. Iglio, F. Fraticelli, L. Giuri, ITALY
  • Controlling applets' behavior in a browser, V. Hassler, O. Then, AUSTRIA
  • Security Testing
    Chair: C. Baggett, Risk Management Assoc.

  • IREN, L. Roelofs, P. Crawford, Booz Allen & Hamilton, Inc.
  • Formal and Informal Evaluations, J. McGehee, COACT, Inc.
  • Assurance Challenges & NIAP Labs, S. Chokhani, Cygnacom
  • 5:30 RECEPTION
    Wednesday Conference Reception
    December 9, 1998     5:30 - 9:00 pm
    The reception is included in the conference registration fee.
    Guest ticket can be ordered on the pre-registration form for $25.00

    [ Thursday ] [ Friday ]