References
Next: ISO Protocol Security
Up: Security in Open Systems
Previous: Policy Aspects That
References
- AMPH87
-
Abrams, Marshall, Podell, and Harold.
Computer and Network Security.
Catalog No. EH0255-0. IEEE Computer Society Press, 1987.
- Ank92
-
R. Ankney.
Security Services in Message Handling Environments.
The Messaging Technology Report, 1(5), June 1992.
- ANS85
-
Financial Institution Key Management (Wholesale) Standard.
American National Standard X9.17, American National Standards
Institute, 1985.
- ANS86
-
Financial Institution Message Authentication (Wholesale).
Technical Report X9.9, American National Standards Institute, 1986.
- ANS89
-
Database Language - SQL with Integrity Inhancements.
American National Standard X3.135, American National Standards
Institute, 1989.
- ANS92
-
Database Language SQL.
American National Standard X3.135-1992, American National Standards
Institute, 1992.
- ATT90
-
AT&.
UNIX System V Release 4 Network User's and
Administrator's Guide, 1990.
- Bel89
-
Steven M. Bellovin.
Security Problems in the TCP/IP Protocol Suite.
Computer Communications Review, 9(2):32-48, April 1989.
- bel90
-
Integrated Information Systems Architecture Seminar.
Bell Atlantic, February 22 1990.
- Bel92
-
Steven M. Bellovin.
There Be Dragons.
In USENIX Security Symposium III Proceedings, pages 1-16.
USENIX Association, September 14-16 1992.
- CA-92
-
CERT Advisory: Altered System Binaries Incident.
CERT, June 22 1992.
- CA-93
-
CERT Advisory: Anonymous FTP Activity.
CERT, July 14 1993.
- CB94
-
William R. Cheswick and Steven M. Bellovin.
Firewalls and Internet Security.
Addison-Wesley, Reading, MA, 1994.
- CCI88a
-
X.400, Message handling system and service overview.
CCITT, 1988.
- CCI88b
-
X.402, Message handling systems: Overall architecture.
CCITT, 1988.
- CCI88c
-
X.411, Message handling systems - Message transfer system: Abstract
service definition and procedures.
CCITT, 1988.
- CCI88d
-
X.509, The Directory - Authentication Framework.
CCITT, 1988.
- Cha92
-
D. Brent Chapman.
Network (In)Security Through IP Packet Filtering.
In USENIX Security Symposium III Proceedings, pages 63-76.
USENIX Association, September 14-16 1992.
- Che90
-
William R. Cheswick.
The Design of a Secure Internet Gateway.
In USENIX Summer Conference Proceedings. USENIX Association,
June 1990.
- CM89
-
D. Rush C. Mitchell, M. Walker.
CCITT/ISO Standards for Secure Message Handling.
IEEE Journal on Selected Areas in Communications, 7(4), May
1989.
- Com86
-
Federal Communications Commission.
Computer Inquiry III.
FCC, June 1986.
- Cou89
-
National Research Council.
Growing Vulnerability of the Public Switched Networks.
National Academy Press, 1989.
- Cou90
-
National Security Telecommunications Advisory Council.
Report of the Network Security Task Force.
National Security Telecommunications Advisory Council, 1990.
- CTC93
-
The Canadian Trusted Computer Product Evaluation Criteria
(CTCPEC) Version 3.0e.
Canadian System Security Centre, Communications Security
Establishment, Government of Canada, January 1993.
- Cur92
-
D. Curry.
UNIX System Security.
Addison-Wesley Publishing Company, Inc., 1992.
- Dol88
-
S.E. Dolan.
Open Network Architecture from an Operational Perspective.
In IEEE Globecom. IEEE, 1988.
- Dwo91
-
F.S. Dworak.
Approaches to Detecting and Resolving Feature Interactions.
In Proceedings, IEEE Globecom. IEEE, 1991.
- Fah92
-
Paul Fahn.
Answers to Frequently Asked Questions About Today's
Cryptography.
RSA Laboratories, 1992.
- FC92
-
Federal Criteria for Information Technology Security Version 1.0.
National Institute of Standards and Technology and National
Security Agency, December 1992.
- FIP85
-
Computer Data Authentication.
Federal Information Processing Standards Publication FIPS 113,
National Bureau of Standards (U.S.), May 30 1985.
- FIP90
-
Database Language SQL.
Federal Information Processing Standard 127-1, National Institute of
Standards and Technology, 1990.
- FIP92
-
Key Management Using ANSI X9.17.
Federal Information Processing Standards Publication 171, National
Institute of Standards and Technology, April 27 1992.
- FIP93a
-
Database Language SQL.
Federal Information Processing Standard 127-2, National Institute of
Standards and Technology, January 1993.
- FIP93b
-
Portable Operating System Interface (POSIX) - System Application
Program Interface [C Language].
Federal Information Processing Standard 151-2, National Institute of
Standards and Technology, May 12 1993.
- FIP93c
-
Draft Digital Signature Standard (DSS).
Federal Information Processing Standard, National Institute of
Standards and Technology, February 1 1993.
- FIP93d
-
Draft Standard Security Label for Information Transfer.
Federal Information Processing Standard, National Institute of
Standards and Technology, September 30 1993.
- FIP94
-
Security Requirements for Cryptographic Modules.
Federal Information Processing Standards Publication 140-1, National
Institute of Standards and Technology, January 11 1994.
- Fis93
-
G. Fisher.
Application Portability Profile (APP) The U.S. Government's Open
System Environment Profile OSE/1 Version 2.0.
NIST Special Publication 500-187. National Institute of Standards and
Technology, June 1993.
- For94
-
Warwick Ford.
Computer Communications Security.
Prentice-Hall, Englewood Cliffs, NJ, 1994.
- GS91
-
S. Garfinkel and G. Spafford.
Practical Unix Security.
O'Reilly & Associates, Inc., 1991.
- Hel90
-
Dan Heller.
XView Programming Manual.
O'Reilly & Associates, Inc., 1990.
- iee86
-
Helping Computers Communicate.
IEEE Spectrum, March 1986.
- ISO90a
-
Information Technology - Portable Operating System Interface
(POSIX) - Part 1: System Application Program Interface (API)
[C Language].
ISO/IEC 9945-1, 1990.
- ISO90b
-
Remote Database Access - Part 1: Generic Model.
ISO/JTC1/SC21 N4282, Information Processing Systems - Open Systems
Interconnect, 1990.
- ISO90c
-
Remote Database Access - Part 2: SQL Specialization.
ISO/JTC1/SC21 N4281, Information Processing Systems - Open Systems
Interconnect, 1990.
- ISO92
-
ISO-ANSI Working Draft Database Language SQL (SQL3).
ISO/IEC JTC1/SC21 N6931, ISO/IEC, July 1992.
- ITS91
-
Information Technology Security Evaluation Criteria (ITSEC).
Department of Trade and Industry, London, June 1991.
Harmonized Criteria of France, Germany, the Netherlands, and
the United Kingdom;.
- JS92
-
Saqib Jang and Vipin Samar.
Network Information Service Plus (NIS+): An Enterprise
Naming Service.
Solaris 2.0 White Papers, SunSoft, 1992.
- Klu92
-
H.M. Kluepfel.
A Systems Engineering Approach to Security Baselines for
SS7.
Technical Report TM-STS-020882, Bellcore, 1992.
- Koh91
-
J.T. Kohl.
The Evolution of the Kerberos Authentication Service.
In Proceedings - Spring 1991 EurOpen Conference, 1991.
- Koh92
-
J.T. Kohl.
The Kerberos Network Authentication Service (V5), RFC,
Revison #5.
MIT, April 1992.
- Kuh91
-
D.R. Kuhn.
IEEE's POSIX: Making Progress.
IEEE Spectrum, December 1991.
- LeF92
-
William LeFebvre.
Restricting Network Access to System Daemons Under
SunOS.
In USENIX Security Symposium III Proceedings, pages 93-104.
USENIX Association, September 14-16 1992.
- Lin90
-
J. Linn.
Practical Authentication for Distributed Computing.
In 1990 Security and Privacy Symposium. IEEE CS Press, May
1990.
- Nec92
-
James Nechvatal.
A Public-Key Certificate Management System.
National Institute of Standards and Technology, May 1992.
- NIS91a
-
Advanced Athentication Technology.
NIST Computer Systems Laboratory Bulletin, NIST, November
1991.
- NIS91b
-
Public-Key Cryptography.
NIST Special Publication 800-2. National Institute of Standards and
Technology, April 1991.
- OB91
-
Karen Olsen and John Barkley.
Issues in Transparent File Access.
NIST Special Publication 500-186. National Institute of Standards and
Technology, April 1991.
- PI93
-
W. Timothy Polk and Lawrence E. Bassham III.
Security Issues in the Database Language SQL.
NIST Special Publication, 800-8. National Institute of
Standards and Technology, August 1993.
- POS92a
-
Draft Guide to the POSIX Open Systems Environment.
P1003.0/D16, IEEE, 1992.
- POS92b
-
Draft Standard for Information Technology - Portable Operating
System Interface (POSIX) - Amendment: Protection, Audit and
Control Interfaces.
P1003.1e/D13, IEEE, November 1992.
- POS92c
-
Draft Standard for Information Technology - Portable Operating
System Interface (POSIX) - Part 2: Shell and Utilities -
Amendment: Protection and Control Utilities.
P1003.2c/D13, IEEE, November 1992.
- POS93
-
Draft Standard for Transparent File Access Amendment to Portable
Operating System Interface (POSIX).
P1003.1f/D8, IEEE, November 1993.
- PR91
-
Holbrook P. and J. Reynolds.
RFC 1244: Security Policy Handbook.
prepared for the Internet Engineering Task Force, 1991.
- Ran92
-
Marcus Ranum.
An Internet Firewall.
In World Conference on Systems Management and Security, 1992.
- Ran93
-
Marcus Ranum.
Thinking About Firewalls.
In SANS-II Conference, April 1993.
- Rap93
-
Raptor Systems Incorporated.
Eagle Network Security Management System, User's
Guide, 1993.
- Ros90
-
Marshall T. Rose.
The Open Book.
Prentice-Hall, 1990.
- Ros91
-
David S. H. Rosenthal.
Inter-Client Communication Conventions Manual.
MIT X Consortium, 1991.
MIT X Consortium Standard. X Version 11, Release 5.
- RS89
-
J. Gettys R.W. Scheifler.
The X Window System.
ACM Transactions on Graphics, 5(2), 1989.
- Rus91
-
G. T. Russell, Deborah & Gangemi Sr.
Computer Security Basics.
O'Reilly & Associates, Inc., 1991.
- Sch91
-
Robert Scheifler.
X Security.
MIT X Consortium, 1991.
MIT X Consortium Standard. X Version 11, Release 5.
- SH88
-
G. Giridharagopal S. Homayoon.
ONA: Demands on Provisioning and Performance.
In IEEE Globecom. IEEE, 1988.
- Sim88
-
L. Simpson.
Open Network Architecture: OAM Perspective, an RBOC's
View.
In IEEE Globecom. IEEE, 1988.
- SMS87
-
J.I. Schiller S.P. Miller, B.C. Neuman and J.H. Saltzer.
Kerberos Authentication and Authorization System.
Section E.2.1, MIT Project Athena, December 21 1987.
- SQ92
-
Carl-Mitchell S. and John S. Quarterman.
Building Internet Firewalls.
UnixWorld, pages 93-102, February 1992.
- SUN90a
-
Sun Microsystems Inc.
Network Programming Guide, Revision A March 27 1990.
- SUN90b
-
Sun Microsystems Inc.
System & Network Administration, Revision A March 27
1990.
- TA91
-
J.J. Tardo and K. Alagappan.
SPX: Global Authentication Using Public Key
Certificates.
In Proc. IEEE Symp. Research in Security and Privacy. IEEE CS
Press, 1991.
- TCS85
-
Trusted Computer System Evaluation Criteria.
DOD 5200.28-STD, National Computer Security Center, December 1985.
- TDI91
-
Trusted Database Management System Interpretation.
NCSC-TG 021, National Computer Security Center, April 1991.
- TNI90
-
Trusted Network Interpretation.
NCSC-TG 005, National Computer Security Center, August 1990.
- Ven92
-
Wietse Venema.
TCP Wrapper: Network Montoring, Access Control and
Booby Traps.
In USENIX Security Symposium III Proceedings, pages 85-92.
USENIX Association, September 14-16 1992.
- WL92
-
T.Y.C. Woo and Simon S. Lam.
Authentication for Distributed Systems.
IEEE CS Press, 1992.
- Woo87
-
J. P. L Woodward.
Security Requirements for System High and Compartmented
Mode Workstations.
Technical Report MTR 9992, Revision 1, The MITRE Corporation,
Bedford, MA, November 1987.
Also published by the Defense Intelligence Agency as document
DDS-2600-5502-87.
John Barkley
Fri Oct 7 16:17:21 EDT 1994