[ACSAC History]

1988: Complete List of Papers from the Fourth ACSAC



Keynote Speaker, John J. Lane
Luncheon Speaker, John B. Odom


TRACK A
Session lA: Computer Viruses
Selective Disassembly: A First Step Towards Developing a Virus Filter
P.D. Gatneff
Exploring Computer Viruses
R. Davis
Current Computer Viral Infections
J. Beckman

Session 2A: Panel: Computer Viruses
Session 3A: Applications
Privacy Enhanced Electronic Mail
T.J. Casey and S.R. Wilbur
Denial of Service Flaws in SDI Software: An Initial Assessment
KA. Nyberg
Genesis of a Secure Application: A Multilevel Secure Message
Preparation Workstation Demonstration
C.E. Irvine, M.F. Thompson, R.R. Schell, T.F. Tao, R.E. Lessin,
J.R. Wopat, and E. BenArieh
Haystack: An Intrusion Detection System
S.E. Smaha

Session 4A: Panel: DBMS Security
Issues in Database Security
T.F.LImt
Balanced Assurance
W.R. Shockley
Trusted versus Advisory Labeling
L. Notargiacomo
Speculating on Trusted DBMS
D.E. Bell
Secure DBMS Requirements
R.K Burns

Session 5A: Database Security I
Implications of Multilevel Security on the Data Dictionary of a Secure
Relational DBMS
N.R. Jensen
Some Results from lhe Entity/Relationship Multilevel Secure DBMS Project
G.E. Gajnak
Toward a Multilevel Relational Data Language
T.F.Lunt, R.R. Schell, W.R. Shockley, and D. Warren


Session 6A: Database Security II
Making Databases Secure With TRUDATA Technology
R.B. Knode and R. A. Hunt
Implementation Design for a Kernelized Trusted DBMS
J.W. Davison

Industry and Government DBMS Security and Privacy Needs: A Comparison
R.R. Henning
Maintaining Correctness, Availability, and Unambiguity in Trusted Database
Management Systems
C. Meadows and S. Jajodia

Session 7A: Database Security III
Inference Controls for Frequency Count Tables: An Update
L.H. Cox
Query Processing in LDV: A Secure Database System
P. Dwyer, E. Onuegbe, P. Stachour, and B. Thuraisingham
Identifying and Representing the Security Semantics of an Application
G.W. Smith

Session 8A: Panel: Current Issues and Future Strategies
Secure System Development in Industry: A Perspective from Digital Equipment
M. Gasser and S.B. Lipner


TRACK B
Session lB: Panel: Trusted Systems Development
Secure Workstations: Where Do We Go from Here?
R.R. Henning

Session 2B: Panel: Development Issues for Future Trusted Systems
Development Issues for Future Trusted Systems
A.B. Marmor-Squires
Development Issues for Future Trusted Systems
M. Branstad
Environments for Building Secure Systems
J.McHugh
Trusted CASE for Trusted Systems
R J. Feiertag

Session 3B: Trusted Systems Dev 1/fR
Securing Trust in a Large General Purpose Operating System
T. A. Parker
An Alternative Implementation of the Reference Monitor Concept
G. King and W. Smith
Dual Labels Revisited
R.D. Graubart
A Mandatory Access Control Mechanism for the UNIX File System
T. Thomas

Session 4B: Trusted Systems Dev II
Producing Secure Digital Information Systems
D.I. Good
Developing Secure Systems: Issues and Solutions
J. Freeman, R. Neely, and L. Megalo
Bringing Down the Cost of AI Systems
D.M. Cooper

Session 5B: Trusted Systems Dev III
A Microprocessor Design for Multi evel Security
D B. Clifton and E.B. Fernandez
UNIX Guardians: Active User Intervention in Data Protection
G.I. Davida and BJ. Matt
Using CASE Tools to Improve the Security of Applications Systems
H.H. Hosmer and M. Merriman
Secured Windows
J. Ammirato

Session 6B: Trusted Systems Dev IV
Retrofitting and Developing Applications for a Trusted Computing Base
D. Gambel and S. Walter
Telling the Goodguys: Disseminating Information on Security Holes
C. Stoll
Dissemination of Vulnerability Information
DA. Jones
Developing Metrics for Trusted Code
M.E. Bisigrlani and T.S. Reed
On the Control and Dissemination of Information Concerning Security
Flaws and Their Corrections
P.H. Wiedemann

Session 7B: Trusted Systems Dev V
Security Protection Based on Mission Criticality
H.L. Johnson
A Model for Secure Distributed Computations in a Heterogeneous Environment
P.C. Chengand V.D. Gligor
A Multilevel Secure Message Switch with Minimal TCB: Architectural Outline
and Security Analysis
E.H. Lipper, B. Melamed, R J. T. Morris, and P. Zave

Session 8B: Panel: TNI
Using the Trusted Network Interpretation
A.W. Arsenault
Use of the TNI to Evaluate a Network System
C. Weissman
Using the TNI to Evaluate a Network System
P. Malleff
Results of an Evaluation of the Multinet Gateway against the Trusted Network
Interpretation
D. Chizmadia

Session 9B: Trusted Network Development
Configuring a Trusted System Using the TNI
EJ. Powanda and J.W. Genovese
Design and Implementation of a Secure Terminal Gateway
R. Cramer, B. Aldridge, E. Schallenmuller, WR. Shockley, and R.R. Schell
The Cascading Problem for Interconnected Networks
J.K Millen and M.W. Schwartz
Characterizing Network Covert Storage Channels
KW. Eggers and P.W. Mallett


TRACK C
Session 1C: Integrity I
Transaction Control Expressions for Separation of Duties
R. Sandhu
Providing Sofhvare Integrity Using Type Managers
R.M. Wong and Y.E. Ding
Report on the Clark-Wilson Initiative
WH. Murray

Session 2C: Integrity II
Integrity Controls for Military and Commercial Applications
R.R. Jueneman
Ensuring Software Integrity
J.D. Weiss and E.G. Arnoroso
The Importance of High Assurance Computers for Command, Control,
Communications, and Intelligence Systems
W.R. Shockley, R.R. Schell, and M.F. Thompson

Session 3C: Panel: Security in Public and Private Sectors
Computer and Cornmunication Security in the Public and PriYate Sectors
E.H. Sibley
Security, It Doesn't Sell
H.S. Maynard
Prospects for Computer Security
R. Morris
Interworking Standards, Security Policies, and Evaluation Standards
T.A. Parker
Issues and Trends in Security
L.F. Reese

Session 4C: Panel: Trusted Mach as B3 UNIX Compatible System
Security Issues of the Trusted Mach System
M. Branstad, H. Tajolli, and F. Mo~er
An Interpretation of a Refined Bell-La Padula Model for the TMach Kernel
F.L. Mayer
Embedding Cryptography into a Trusted Mach System
W.C Barker, P. Cochrane, and M. Branstad

Session SC: Modeling and Formal Verification
Security Modeling in the Ulysses Environment
T. Korelsky, B. Dean, C Eichenlaub, J. Hook, C Klopper, M. Lam,
D. McCullough, G. Pottinger, O. Rambow, D. Rosenthal, J.P. Seldin,
and D.G. Weber
Minix Security Policy Model
J.E. Roskos
Formal Specification and Verification in EHDM
F.W. von Henke
A Description of a Formal Verification and Validation (FVV) Process
B. Smith, C Reese, K Lindsoy, and B. Crane

Session 6C: Risk Analysis and Contingency Planning
Encryption Using Random Keys: A Scheme for Secure Communications
P.K Goyal and E.B. Femandez
Issues and Mechanisms for Network Risk Analysis
T.W. Osgood
Software Security Evaluation Based on a Top-Down McCall-Like Approach
F. Copigneaux and S. Marhn
A Taxonomy of the Causes of Proof Failures in Applications Using the
HDM Methodology9
KS. Lindsay

Session 7C: Panel: NASAPrograms
System Security in the Space Flight Operations Center
D.A. Wagner

Session 8C: Panel: State-of-Practice in Commercial World
State-of-the-Practice in the Commercial World
J.R. Wade
State-of-Practice Banking & Financial Systems
E.F. McDonough, Jr.
State-of-Practice: Manufacturing & Industrial Businesses
J.R. Wade

Session 9C: Panel: Policy and PL100-235