16th Annual Computer Security Applications Conference
December 11-15, 2000
New Orleans, Louisiana

Technical Program

Technical Program Features and Organization

Track A and B sessions consist of technical papers, panels, and fora. All technical papers have undergone an anonymous peer review process and describe the latest developments in security implementations and applications-oriented research. Panel sessions are tailored to stimulate discussion of today's pressing issues. The fora sessions provide different perspectives on a single topic of interest or report the results of implementation activities. Track C presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems. The Case Studies will include presentations on capabilities and applications of information security products to realistic civil, defense, and commercial problems. This track will feature system integrators, designer, and architects from the government and private sector. Displays will also be open on Wednesday during the evening reception and on Thursday during breaks between the sessions.


Wednesday, December 13, 2000

General Session

7:30 Registration
8:30 Opening Remarks Dee Akers, Conference Chair, The MITRE Corporation
8:35 Welcome to New Orleans Hotel Manager
8:40 Distinguished Lecturer Dr Eugene H. Spafford, Purdue University
9:50 Student Paper Award Dr. Matt Bishop, Student Chair, UC/Davis
9:55 Technical Program Introduction Jeremy Epstein, Program Chair, webMethods
10:00 BREAK
10:30 Intrusion Detection - 1
Chair: Rich Neely, SAIC, USA

  • Security Against Compelled Disclosure §, Ian Brown, Hidden Footprints and Ben Laurie, A.L. Digital Ltd., United Kingdom
  • Security Agility in Response to Intrusion Detection §, Mike Petkac and Lee Badger, NAI Labs, USA
  • Two State-based Approaches to Program-Based Anomaly Detection §, C.C. Michael, Cigital Research, USA
  • Distributed/Network Security §
    Chair: Paul Ashley, Tivoli Systems, USA

  • Denial of Service Protection - The Nozzle §, Elizabeth Strother, North Carolina State University, USA
  • Virtual Enterprise Networks: The Next Generation of Secure Enterprise Networking §, Germano Caroni, Sandeep Kumar, Christoph Schuba, and Glenn Scott, Sun Microsystems Laboratories, USA
  • Enabling Secure On-Line DNS Dynamic Update §, Xunhua Wang, Yih Huang, David Rine, George Mason University and Yvo Desmedt, Florida State University, USA
  • Finance Industry
    Chair: Vic Lindberg, Pulse Engineering, USA

  • How the Finance Industry is Thinking About PKI, Marino Buitrago, FannieMae, USA
  • The FDIC Public Key Infrastructure, Russell Davis, FDIC, USA
  • An Architecture for E-Business Application Security, Bill Wear, Hewlett-Packard, USA
  • 12:00 LUNCH
    1:30 Engineering and Analysis
    Chair: Jan Filsinger, NAI Labs, USA

  • Layering Boundary Protections: An Experiment in Information Assurance §, Dale M. Johnson, The MITRE Corp., Lee Benzinger, NAI Labs., USA
  • Extending Java for Package-Based Access Control §, Mauricio Papa, Oliver Bremer, Rodrigo Chandia, John Hale, & Sujeet Shenoi, Univ. of Tulsa, USA
  • Secure Smart Homes Using Jini and UIUC SESAME §, Jalal Al-Muhtadi, Manish Anand, M. Denis Mickunas, & Roy H. Campbell, Univ. of Illinois at Urbana-Champaign, USA
  • Panel: Defining, Computing, and Interpreting Trust
    Chair: Daniel Faigin, The Aerospace Corp., USA

  • Michael Clifford, The Aerospace Corp, USA
  • Matt Bishop, Univ. of Cal Davis, USA
  • Marshall Abrams, The MITRE Corp., USA
  • Public Key Infrastructure
    Chair: Laura Montano, Booz Allen & Hamilton, Inc.

  • Voting Over the Internet (VOI), Ed Rodriguez, Booz Allen & Hamilton, Inc., USA
  • PKI in a Large-Scale Environment, Jayne Schaefer, Motorola, USA
  • PKI Case Study: Enabling Secure Inter-company Collaboration, Lina Liberti, RSA Data Security, USA
  • 3:00 BREAK
    3:30 Security Policy
    Chair: LouAnna Notargiacomo, Trusted Computer Solutions, USA

  • Implementing Security Policies Using the Safe Areas of Computation Approach §, André L. M. dos Santos & Richard Kemmerer, Univ. of Cal. Santa Barbara, USA
  • Policy Mediation for Multi-Enterprise Environments §, Pablo Galiasso, Oliver Bremer, John Hale, & Sujeet Shenoi, Univ. of Tulsa, USA, David Ferraiolo & Vincent Hu, National Institute of Standards and Technology
  • Protection Profiles for Remailer Mixes - Do the new Evaluation Criteria help? § Kai Rannenberg, Microsoft Research, UK & Giovanni Iachello, Freiburg Univ., Germany
  • Public Key Infrastucture
    Chair: Ross Anderson, Cambridge University, UK

  • Binding Identities and Attributes Using Digitally Signed Certificates §, Joon S. Park, Naval Research Lab., & Ravi Sandhu, George Mason Univ., USA
  • Applications in Health Care using Public-Key Certificates and Attribute Certificates §, Petra Wohlmacher, Univ. of Klagenfurt, Austria & Peter Pharow, Otto-von-Guericke Univ. of Magdeburg, Germany
  • Scalable, Policy Driven and General Purpose Public Key Infrastructure For the Internet §, Vishwa Prasad, Sreenivasa Potakamuri, Michael Ahern, Igor Balabine, Michah Lerner, & Partha Dutta, AT&T Labs., USA
  • Emerging Business
    Chair: Chris McBride, NSA, USA

  • Liability Implications of Security Vulnerabilities, Paul McNabb, Argus Systems Group, Inc., USA
  • Possible Legal Consequences of Knowing Neglect of Information System Security Vulnerabilities, Bill Martin, Dell, USA
  • Security and Privacy: The Business and IT Challenge for the Age of E-Business, Paul Ashley, Tivoli Systems, USA
  • 5:30 RECEPTION
    Wednesday Conference Reception
    The reception is included in the conference registration fee.
    Guest ticket can be ordered on the pre-registration form for $35.00

    Sponsored by

    Argus logo
    Argus Systems Group

    BAH logo
    Booz-Allen & Hamilton

    § This symbol indicates papers that were anonymously peer reviewed by four or more reviewers before acceptance.

    [ Thursday ] [ Friday ]