REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
1 Chapman, D. and Zwicky, E. Internet Security Firewalls. O'Reilly, Sebastopol, Calif., 1995.
2 William R. Cheswick, Steven M. Bellovin, Firewalls and Internet security: repelling the wily hacker, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1994
3 IEEE. Local and Metropolitan Area Networks: Interoperable LAN/MAN Security (SILS). IEEE Std 802.10, 1990.
4 Stephen T. Kent, Internet Privacy Enhanced Mail, Communications of the ACM, v.36 n.8, p.48-60, Aug. 1993
5 Morris, R. A Weakness in the 4.2BSD UNIX TCP/IP Software. Computing Science Technical Report No. 117, AT&T Bell Laboratories, Murray Hill, NJ, Feb. 1985.
6 Oppliger, R. Authentication and key distribution in computer networks and distributed systems. In Communications and Multimedia Security. R. Posch, Ed. Chapman & Hall, London, UK, 1995.
7 Rolf Oppliger, Internet Security Enters the Middle Ages, Computer, v.28 n.10, p.100-101, October 1995
8 Rolf Oppliger, Authentication Systems for Secure Networks, Artech House, Inc., Norwood, MA, 1996
9 Bruce Schneier, Applied cryptography (2nd ed.): protocols, algorithms, and source code in C, John Wiley & Sons, Inc., New York, NY, 1995
10 E. H. Spafford, Crisis and aftermath, Communications of the ACM, v.32 n.6, p.678-687, June 1989
11 Gene Tsudik, Message authentication with one-way hash functions, ACM SIGCOMM Computer Communication Review, v.22 n.5, p.29-38, Oct. 1992
12 D. A. Wagner, S. M. Bellovin, A "bump in the stack" encryptor for MS-DOS systems, Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96), p.155, February 22-23, 1996
CITINGS 8
Eric Ly, Distributed Java Applets for Project Management on the Web, IEEE Internet Computing, v.1 n.3, p.21-26, May 1997
Lorrie Faith Cranor, Internet privacy, Communications of the ACM, v.42 n.2, p.28-38, Feb. 1999
William Natale, TCP/IP and security software applications, The Journal of Computing in Small Colleges, v.16 n.3, p.205-211, March 2001
Alok Gupta, Y. Alex Tung, James R. Marsden, Digital signature: use and modification to achieve success in next generational e-business processes, Information and Management, v.41 n.5, p.561-575, May 2004
Robert N. Smith, Yu Chen, Sourav Bhattacharya, Cascade of Distributed and Cooperating Firewalls in a Secure Data Network, IEEE Transactions on Knowledge and Data Engineering, v.15 n.5, p.1307-1315, September 2003
Vijay V. Raghavan, Toward an integrative model of application-software security, Practicing software engineering in the 21st century, Idea Group Publishing, Hershey, PA, 2003
Susan J. Chinburg, Ramesh Sharda, Mark Weiser, Establishing the business value of network security using analytical hierarchy process, Creating business value with information technology: challenges and solutions, Idea Group Publishing, Hershey, PA, 2003
Rakesh Agrawal, Ramakrishnan Srikant, Privacy-preserving data mining, ACM SIGMOD Record, v.29 n.2, p.439-450, June 2000
INDEX TERMS
Primary Classification:
H. Information Systems
H.4 INFORMATION SYSTEMS APPLICATIONS
H.4.3 Communications Applications
Nouns: Internet
Additional Classification:
C. Computer Systems Organization
C.2 COMPUTER-COMMUNICATION NETWORKS
C.2.0 General
Subjects: Security and protection (e.g., firewalls)
C.2.2 Network Protocols
Nouns: TCP/IP
D. Software
D.4 OPERATING SYSTEMS
E. Data
General Terms:
Algorithms, Languages, Security, Standardization
REVIEW
"Matthew Allen Bishop"
Two techniques for enhancing the security of systems connected to the Internet are presented. The first technique, the use of firewalls, is currently available and popular. The second, making changes to applications and protocol implementations, holds greater promise but is still being developed. This expository paper provides a good but shallow overview of the protocols and implementation issues. It focuses on the technical details but also touches on the political and social ramifications of introducing and maintaining security. The author's analogies in support of security are thought-provoking. The presentation of firewall technology is shorter and less satisfying. It describes the main types of firewalls and contrasts their advantages and disadvantages. The paper includes a number of frustrating minor errors. For example, the author states that “PGP conforms to most parts of the PEM specification” (p.100). This is inaccurate: PGP provides a functionality similar to that of Privacy Enhanced Mail, and uses the same fundamental idea of differing interchange and session keys, but the two are incompatible. To be fair, the paper correctly notes the major differences in the trust model. This paper provides a reasonable and readable survey, but leaves the reader wanting to know more.
Online Computing Reviews Service
Collaborative Colleagues: Rolf Oppliger: Andres Albanese
Riccardo Bettati
Martin Bracher
Andreas Greulich
Amit Gupta
Mark Moran
Ruedi Rytz
Peter Trachsel