w/in this Title
ACM Transactions on Information and System Security
1-10 of 71 reviews
Designing password policies for strength and usability
Shay R., Komanduri S., Durity A., Huh P., Mazurek M., Segreti S., Ur B., Bauer L., Christin N., Cranor L. ACM Transactions on Information and System Security 18(4): Article No. 13, 2016. Type: Article
Have you ever wondered why some websites use really annoying password policies? Or have you been responsible for designing a password policy for your organization, and been caught between the users’ demands for easy-to-remember passwords and...
Jun 27 2017
Cryptographic theory meets practice: efficient and privacy-preserving payments for public transport
Rupp A., Baldimtsi F., Hinterwälder G., Paar C. ACM Transactions on Information and System Security 17(3): 1-31, 2015. Type: Article
Electronic devices for executing transactions in real time for applications such as transit systems and vending machines require safekeeping mechanisms for users. But how should customers who use low-cost devices with scarce storage securely perfo...
Sep 15 2015
Gatling: automatic performance attack discovery in large-scale distributed systems
Lee H., Seibert J., Fistrovic D., Killian C., Nita-Rotaru C. ACM Transactions on Information and System Security 17(4): 1-34, 2015. Type: Article
A distributed system consists of many individual and independent nodes interacting with one another using a standardized set of protocols. Since the scale of nodes is often thousands or even millions, it is very hard, if not impossible, to detect ...
Aug 18 2015
Mutual authentication and trust bootstrapping towards secure disk encryption
Götzfried J., Müller T. ACM Transactions on Information and System Security 17(2): 1-23, 2014. Type: Article
The data on storage devices for laptops and mobile devices need protection from theft and misplacement, and require reliable security schemes. How can users securely access encrypted data on storage devices? The authors offer a tamper-proof bootst...
Mar 30 2015
SpartanRPC: remote procedure call authorization in wireless sensor networks
Chapin P., Skalka C. ACM Transactions on Information and System Security 17(2): 1-30, 2014. Type: Article
Communications in mobile reconnaissance mission systems require secure wireless sensor networks (WSNs). How should efficient and secure remote procedure calls (RPCs) be designed and implemented to allow servers to stipulate access policy and oblig...
Feb 17 2015
CPM: masking code pointers to prevent code injection attacks
Philippaerts P., Younan Y., Muylle S., Piessens F., Lachmund S., Walter T. ACM Transactions on Information and System Security 16(1): 1-27, 2013. Type: Article
One way for an attacker to take control of a computer is to replace the value of a code pointer or return address with the address of the attacker’s program. Code pointer masking (CPM) guards against this kind of attack by ANDing a bit patte...
Sep 19 2013
On two RFID privacy notions and their relations
Li Y., Deng R., Lai J., Ma C. ACM Transactions on Information and System Security 14(4): 1-23, 2011. Type: Article
As radio frequency identification (RFID) technology becomes widespread, such as for high-speed highway toll payments, ensuring user security and privacy is paramount. At issue is the unauthorized accessing of RFID user tags through an adversary RF...
Jun 20 2012
Practical and efficient cryptographic enforcement of interval-based access control policies
Crampton J. ACM Transactions on Information and System Security 14(1): 1-30, 2011. Type: Article
Cryptography-based hierarchical access control has received considerable attention, particularly in recent years. Since its conception, various enforcement schemes have been proposed that address the performance issues and various access control p...
Dec 12 2011
Empowering end users to confine their own applications: the results of a usability study comparing SELinux, AppArmor, and FBAC-LSM
Schreuders Z., McGill T., Payne C. ACM Transactions on Information and System Security 14(2): 1-28, 2011. Type: Article
Application security is at the core of current computing usage. This paper describes a Linux-based software product that may help organizations confine applications without consuming excessive support resources. It is for people with responsibilit...
Nov 29 2011
Remote data checking using provable data possession
Ateniese G., Burns R., Curtmola R., Herring J., Khan O., Kissner L., Peterson Z., Song D. ACM Transactions on Information and System Security 14(1): 1-34, 2011. Type: Article
As we increasingly embrace the concept of cloud computing, the risks of losing data could not be greater. This paper describes those risks, and offers a solution by providing a model for provable data possession....
Aug 25 2011
Reproduction in whole or in part without permission is prohibited. Copyright © 2000-2017 ThinkLoud, Inc.