13th Annual Computer Security Applications Conference

Technical Program Features and Organization

We continue to add diversity to the manner in which computer security applications are discussed at the conference. Paper sessions include refereed papers that describe the latest in implementations and applications-oriented research.

The conference includes two types of sessions designed to allow significant time for interaction with the audience: panel sessions are designed to provoke discussion on a controversial topic; forum sessions may report on the results of implementation activities or provide different perspectives on a single topic of interest.

Vendor presentations allow providers of products and/or services an opportunity to describe the innovative ways in which their products or services are being used to implement secure systems.

The Vendor Track will include vendor presentations on capabilities and applications of INFOSEC products to realistic civil, defense, and commercial problems. The Vendor Track will feature systems integrators, designers, and architects from the government and private sector. Displays will also be open on Wednesday during the evening reception and on Thursday during breaks between the sessions.

PROGRAM

Wednesday, December 10, 1997

General Session

7:30 Registration

9:00 Opening Remarks Dr. Gary Smith, Conference Chair
SAIC

9:05 Welcome to San Diego Hotel Manager

9:10 Distinguished Lecture
Click here for slides Marcus J. Ranum, V-ONE, Inc.

9:50 Student Paper Award Dr. Matt Bishop, Student Chair
UC, Davis

9:55 Technical Program Introduction Dr. Ron Ross, Program Chair
IDA

10:00 BREAK
TRACK A TRACK B TRACK C

10:30 Virtual Money
Chair: K. Keus, German Information Systems Agency
Micro-digital Money for Electronic Comerce, K. Nguyen, V. Varadharajan, Y. Mu, University of Western Sydney
An Efficient Off-Line Anonymous Cash Scheme, K. Nguyen, V. Varadharajan, Y. Mu, University of Western Sydney
The Secure Distribution of Digital Contents, E. von Faber, R. Hammelrath, F Heider, Debis IT Security Services
Forum: Evolving the Evaluation Paradigm
Chair: M. Schanken, NSA
Speakers:
K. Britton, NSA
G. Copeland, CSC
TBD
Click here for information and documents from the Assurance Approaches Working Group (AAWG)
Encryption
Chair: S. Reichert, NSA
A New Multilevel Secure AT Encryption System, G. Cohen, GTE
The Need for User Encryption Key Recovery in Security-Based Applications, R. Thompson, TIS, Inc.
NetFortress, P. Johannessom, DSN Technology

12:00 LUNCH

1:30 Assurance
Chair: J. Adams, TIS, Inc.
Simple Assured Bastion Hosts, C. Cant, S. Wiseman, Defense Evaluation and Research Agency
Kernel and Shell-Based Applications Integrity Assurance, G. Mohay, J. Zellers, Queensland University of Technology
Risk Assessment for Large Heterogeneous Systems, J. Freeman, T. Darr, R. Neely, CTA Incorporated
Database Security
Chair: L. Notargiacomo, Oracle Corp.
Securing an Object Relational Database, S. Lewis, S. Wiseman, Defense Evaluation and Research Agency
click for text . . Supporting Secure Canonical Upgrade Policies in Multilevel Secure Object Stores, S. Foley, University College Cork
Incremental Assurance for Multilevel Applications, D. Thompson, Secure Computing Corp., M. Denz, Air Force Research Laboratory
Risk
Chair: N. Kunes, Motorola
Which Security Solution is Correct for My System?, J. Luchko, Telos
VISART, A Risk Analysis Tool, D. Peeples, NSA
Quantifiable Risk Management, G. Adams, Trident Data Systems

3:00 BREAK

3:30 Forum: Product Assurance
Chair: J. Adams, TIS, Inc.
Panelists:
M. Diaz, Motorola
D. Gambel, Mitretek Systems
M. Aldrich, GRCI
Dr. R. Hefner, TRW
Network Security
Chair: S. LaFountain, NSA
An Efficient Message Authentication Scheme for Link State Routing, S. Cheung, UC, Davis
Detection and Classification of TCP/IP Network Services, K. Tan, B. Collie, Australian Federal Police
Achieving User Privacy in Mobile Networks, B. Askwith, M. Merabti, Q. Shi, K. Whiteley, Distributed Multimedia Systems Group

Intrusion Detection
Chair: M. Landesburg, GTE
Enterprise Security, E. Kaufman, CISCO
Integrated Network Monitoring Approach, J. Johnson, Internet Security, Inc.
Intrusion Management, P. Stephenson, Versalink

5:30 RECEPTION

Wednesday Reception starts promptly at 5:30 pm. The reception provides an opportunity for informal conversation and renewal of acquaintances. Vendor displays will be available to provide product and service information.

[ THURSDAY'S PROGRAM ]

[ HOW TO REGISTER ]

[ ACSAC HOME PAGE ] [ GENERAL INFORMATION ] [ MAIL ACSAC WEBMASTER ]

7:30	Registration
9:00	Opening Remarks	Dr. Gary Smith, Conference Chair SAIC
9:05	Welcome to San Diego	Hotel Manager
9:10	Distinguished Lecture Click here for slides	Marcus J. Ranum, V-ONE, Inc.
9:50	Student Paper Award	Dr. Matt Bishop, Student Chair UC, Davis
9:55	Technical Program Introduction	Dr. Ron Ross, Program Chair IDA
10:00	BREAK
	TRACK A	TRACK B	TRACK C
10:30	Virtual Money Chair: K. Keus, German Information Systems Agency Micro-digital Money for Electronic Comerce, K. Nguyen, V. Varadharajan, Y. Mu, University of Western Sydney An Efficient Off-Line Anonymous Cash Scheme, K. Nguyen, V. Varadharajan, Y. Mu, University of Western Sydney The Secure Distribution of Digital Contents, E. von Faber, R. Hammelrath, F Heider, Debis IT Security Services	Forum: Evolving the Evaluation Paradigm Chair: M. Schanken, NSA Speakers: K. Britton, NSA G. Copeland, CSC TBD Click here for information and documents from the Assurance Approaches Working Group (AAWG)	Encryption Chair: S. Reichert, NSA A New Multilevel Secure AT Encryption System, G. Cohen, GTE The Need for User Encryption Key Recovery in Security-Based Applications, R. Thompson, TIS, Inc. NetFortress, P. Johannessom, DSN Technology
12:00	LUNCH
1:30	Assurance Chair: J. Adams, TIS, Inc. Simple Assured Bastion Hosts, C. Cant, S. Wiseman, Defense Evaluation and Research Agency Kernel and Shell-Based Applications Integrity Assurance, G. Mohay, J. Zellers, Queensland University of Technology Risk Assessment for Large Heterogeneous Systems, J. Freeman, T. Darr, R. Neely, CTA Incorporated	Database Security Chair: L. Notargiacomo, Oracle Corp. Securing an Object Relational Database, S. Lewis, S. Wiseman, Defense Evaluation and Research Agency click for text . . Supporting Secure Canonical Upgrade Policies in Multilevel Secure Object Stores, S. Foley, University College Cork Incremental Assurance for Multilevel Applications, D. Thompson, Secure Computing Corp., M. Denz, Air Force Research Laboratory	Risk Chair: N. Kunes, Motorola Which Security Solution is Correct for My System?, J. Luchko, Telos VISART, A Risk Analysis Tool, D. Peeples, NSA Quantifiable Risk Management, G. Adams, Trident Data Systems
3:00	BREAK
3:30	Forum: Product Assurance Chair: J. Adams, TIS, Inc. Panelists: M. Diaz, Motorola D. Gambel, Mitretek Systems M. Aldrich, GRCI Dr. R. Hefner, TRW	Network Security Chair: S. LaFountain, NSA An Efficient Message Authentication Scheme for Link State Routing, S. Cheung, UC, Davis Detection and Classification of TCP/IP Network Services, K. Tan, B. Collie, Australian Federal Police Achieving User Privacy in Mobile Networks, B. Askwith, M. Merabti, Q. Shi, K. Whiteley, Distributed Multimedia Systems Group	Intrusion Detection Chair: M. Landesburg, GTE Enterprise Security, E. Kaufman, CISCO Integrated Network Monitoring Approach, J. Johnson, Internet Security, Inc. Intrusion Management, P. Stephenson, Versalink
5:30	RECEPTION