Remote Timing Attacks Are Practical

EBook Description: Timing attacks enable an attacker to extract secrets maintained in a security system by observing the time it takes the system to respond to various queries

This paper describes an asynchronous state-machine replication system that tolerates Byzantine faults, which can be caused by malicious attacks or software errors.

IO-Lite: A Unified I/O Buffering and Caching System

Are your systems and network functioning correctly? Can you be sure at this moment? Every administrator has some need to be able to answer these or similar questions on an ongoing basis.

Security in Plan 9

The security architecture of the Plan 9(tm) operating system has recently been redesigned to address some technical shortcomings. This redesign provided an opportunity also to make the system more convenient to use securely. Plan 9 has thus improved in two ways not usually seen together: it has become more secure and easier to use.

CPCMS: A Configuration Management System Based on Cryptographic Names

Online Free

The Dos and Don'ts of Client Authentication on the Web

We provide a description of the limitations, requirements, and security models specific to Web client authentication. This includes the introduction of the interrogative adversary, a surprisingly powerful adversary that can adaptively query a Web site.

NT Security in an Open Academic Environment

Stanford Linear Accelerator Center (SLAC) was faced with the need to secure its PeopleSoft/Oracle business system in an academic environment which only has a minimal firewall. To provide protected access to the database servers for NT-based users all over the site while not hindering the lab's open connectivity with the Internet, we implemented a pseudo three-tier architecture for PeopleSoft with Windows Terminal Server and Citrix MetaFrame technology

The Design and Analysis of Graphical Passwords

In this paper we explore an approach to user authentication that generalizes the notion of a textual password and that, in many cases, improves the security of user authentication over that provided by textual passwords.

Dealing with Public Ethernet Jacks - Switches, Gateways, and Authentication

This paper describes the tools and techniques developed and deployed to address the problem of blocking unauthorized users on unprotected Ethernet jacks.

A Retrospective on Twelve Years of LISA Proceedings

System administrators don't have a lot of time for introspection of their field. So work is repeated and new administrators, or people trying to do research on system administration, don't know where to start. To provide a starting point, we have examined the last twelve years of LISA proceedings and have categorized the papers in two separate ways

Bro: A System for Detecting Network Intruders in Real-Time

With growing Internet connectivity comes growing opportunities for attackers to illicitly access computers over the network. The problem of detecting such attacks is termed network intrusion detection, a relatively new area of security research

• Free IAS eBooks
• Free GRE eBooks
• Free MBA eBooks
• Free GATE eBooks