Toward a secure system engineering methodology

Proceedings New Security Paradigms Workshop

Volumn Part F129230, Issue , 1998, Pages 2-10

  Salter, Chris ^a   Saydjari, O Sami ^b   Schneter, Bruce ^c   Watlner, Jim ^a  

^a NSA   (United States)

^b DEFENSE ADVANCED RESEARCH PROJECTS AGENCY   (United States)

^c Counterpane Systems ^*  (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SECURITY OF DATA;

EASE-OF-USE; ENGINEERING METHODOLOGY; RISK TOLERANCE; SECURE SYSTEM; USER NEED;

LIFE CYCLE;

EID: 85020200328     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/310889.310900     Document Type: Conference Paper

References (15)

1. H. Abelson, R. Anderson, S.M. Bellovin, J. Benatoh, M. Blaze, W. Diffie, J. Gilmore, P.G. Neumann, R.L. Rivest, J.I. Schiller, and B. Schneier, "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption," World Wide Web Journal, v. 2, n. 3, 1997, pp. 241-257.
2. M. Alexander, Net Security: Your Digital Doberman, Ventana Press, 1997.
3. E. Amoroso, Fundamentals of Computer Security Technology, Prentice-Hall, 1994.
4. Defense Science Board, Report of the Defense Science Board Task Force on Information Warfare-Defense, November 1996.
5. H.F. Fialka, War by Other Means, W.W. Norton and Co., 1997.
6. P. Gutmann, "Secure Deletion of Data from Magnetic and Solid-State Memory," The Sixth USENIX Security Symposium Proceedings, USENIX Association, 1996, pp. 77-90.
7. J. Kelsey, B. Schneier, D. Wagner, and C. Hall, "Cryptanalytic Attacks on Pseudorandom Number Generators," in preparation.
8. J.T. Kohl and B.C. Neuman, "The Kerberos Network Authentication Service," RFC 1510, Sep 1993.
9. L. Lund, W. Unkenholz, D. Parks, C. Bowers, H. Brill, B. Garner, "O'er the RAMparts We Watch: An Introduction to the Risk Analysis Model (RAM)", National Security Agency, 1996.
10. R. Needham, "Denial of Service," 1st ACM Conference on Computer and Communications Security, ACM Press, 1993, pp. 151-153.
11. B. Schneier, Secrets and Lies; The Myth of Security in the Digital World, John Wiley & Sons, 1998. (In preparation.)
12. S. Smith, "LAVA's Dynamic Threat Analysis," Proceedings of the 12th National Computer Security Conference, 1989.
13. J.D. Weiss, "A System Security Engineering Process," Proceedings of the 14th National Computer Security Conference, 1991.
14. I. Winkler, Corporate Espionage, Prima Publishing, 1997.
15. A. Young and M. Yung, "The Dark Side of 'Black-Box' Cryptography or: Should We Trust Capstone?" Advances in Cryptology-Crypto '96 Proceedings, Springer-Verlag, 1996.