Abstract
The force that drives fundamental changes in security is change in the use of information technology. To show how the environment impinges on security requirements and the selection of security mechanisms we compare familiar closed systems and emerging open systems. We illustrate how specific features of a given communications network influence security design and security analysis, and examine whether the new challenges we are facing in security should be described as issues of trust. Recommendations on directions in security research conclude the paper, with the development of suitable conceptual frameworks as a main objective.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, M., Needham, R.: Prudent engineering pratice for cryptographic protocols. In: Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pp. 122–136 (1994)
Aura, T., Roe, M., Arkko, J.: Security of Internet location management. In: Proceedings of the 18th Annual Computer Security Applications Conference, December 2002, pp. 78–87 (2002)
Bell, D., LaPadula, L.: Secure computer system: Unified exposition and Multics interpretation. Technical Report ESD-TR-75-306, The MITRE Corporation, Bedford, MA (1975)
Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote Trust-Management System Version 2, RFC 2704 (September 1999)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 164–173 (1996)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. DEC Systems Research Center, Report 39, February 22 (1990) (revised)
DeTreville, J.: Binder, a logic-based security language. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 105–113 (2002)
Ellison, C.M., Frantz, B., Lampson, B., Rivest, R., Thomas, B.M., Ylonen, T.: SPKI Certificate Theory, RFC 2693 (September 1999)
International Organisation for Standardization. Basic Reference Model for Open Systems Interconnection (OSI) Part 2: Security Architecture. Genève, Switzerland (1989)
Gollmann, D.: What do we mean by entity authentication? In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 46–54 (1996)
Gollmann, D.: Authentication by correspondence. IEEE Journal on Selected. Areas in Communications 21(1), 88–95 (2003)
Gollmann, D.: Analysing security protocols. In: Abdallah, A.E., Ryan, P.Y.A., Schneider, S. (eds.) FASec 2002. LNCS, vol. 2629, pp. 71–80. Springer, Heidelberg (2003)
Gong, L.: Inside Java 2 Platform Security. Addison-Wesley, Reading (1999)
Harkins, D., Kaufman, C., Kivinen, T., Kent, S., Perlman, R.: Design Rationale for IKEv2, Internet Draft, draft-ietf-ipsec-ikev2-rationale-00.txt (February 2002)
International Organization for Standardization. Information technology – Security techniques – Entity authentication mechanisms; Part 1: General model. Genève, Switzerland, ISO/IEC 9798-1, 2nd edn. (September 1991)
Kaufman, C.: Internet Key Exchange (IKEv2) Protocol, Internet Draft, draft-ietf-ipsec-ikev2-04.txt (January 2003)
LaMacchia, B., Lange, S., Lyons, M., Martin, R., Price, K.:.NET Framework Security. Addison Wesley Professional, Reading (2002)
Lampson, B., Abadi, M., Burrows, M., Wobber, E.: Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems 10(4), 265–310 (1992)
Mäki, S., Aura, T.: Towards a survivable security architecture for ad-hoc networks. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2001. LNCS, vol. 2467, pp. 63–73. Springer, Heidelberg (2002)
Meadows, C.A.: Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer. In: Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 216–231 (1999)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Needham, R.: Keynote address: The changing environment (transcript of discussion). In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols 1999. LNCS, vol. 1796, pp. 1–5. Springer, Heidelberg (2000)
US Department of Defense. DoD Trusted Computer System Evaluation Criteria, DOD 5200.28-STD (1985)
Rannenberg, K.: How much details and negotiations can users handle? In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 37–54. Springer, Heidelberg (2000)
Samuelson, P.: DRM {and, or, vs.} the Law. Communications of the ACM 46(4), 41–45 (2003)
Schaefer, M.: Symbol security condition considered harmful. In: Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 20–46 (1989)
Sterne, D.F.: On the buzzword “Security Policy”. In: Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pp. 219–230 (1991)
Zhou, J.: Fixing a security flaw in IKE protocols. Electronics Letters 35(13), 1072–1073 (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gollmann, D. (2003). Facets of Security. In: Priami, C. (eds) Global Computing. Programming Environments, Languages, Security, and Analysis of Systems. GC 2003. Lecture Notes in Computer Science, vol 2874. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40042-4_6
Download citation
DOI: https://doi.org/10.1007/978-3-540-40042-4_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20583-8
Online ISBN: 978-3-540-40042-4
eBook Packages: Springer Book Archive