IEEE Security and Privacy

Network Neutrality versus Internet Trustworthiness?

Network Neutrality requirements are being proposed to promote investment and innovation for the Internet. However, these requirements will likely affect the Internet's trustworthiness too, and there is little discussion about this. Trustworthiness experts must start contributing to the debate their expertise about how to build systems that resist attack and failure.

Silver Bullet Talks with Adam Shostack

Gary McGraw interviews Adam Shostack. Shostack is a member of Microsoft's Secure Development Lifecycle Team. He's worked for Zero Knowledge as Most Evil Genius and Reflective where, as CTO, he focused on static analysis for software security. Shostack recently coauthored The New School of Information Security with Andrew Stewart.

News Briefs

A brief look at security and privacy news.

Open Wireless Networks on University Campuses

Open wireless networks raise privacy issues and entail increased risk of malicious attacks and illegal downloading activities. Such networks are nonetheless attractive—particularly to universities—because they enhance usability and thus expand access to nonsensitive system resources. At universities, such access brings numerous benefits to students, faculty, and the surrounding community alike. Here, the authors describe the challenges of removing individual user authentication requirements at the perimeter of a university network in which mobile device users access system resources over wireless links to the wired infrastructure. The authors discuss how to mitigate the security and privacy risks entailed in an open network of this sort, and also describe how IT departments can vary the network's degree of openness.

Second-Generation RFID

Current ultra-high frequency air interface protocols help users get the true benefits of second-generation RFID standards. However, these technologies also have some security drawbacks and limitations.

Transactional Confidentiality in Sensor Networks

In a sensor network environment, elements such as message rate, message size, mote frequency, and message routing can reveal transactional data—that is, information about the sensors deployed, frequency of events monitored, network topology, parties deploying the network, and location of subjects and objects moving through the networked space. Whereas the confidentiality of network communications content is secured through encryption and authentication techniques, the ability of network outsiders and insiders to observe transactional data can also compromise network confidentiality. Four types of transactional data are typically observable in sensor networks. Measures to limit the availability and utility of transactional data are essential to preserving confidentiality in sensor networks.

Remote Client Authentication

The effectiveness of remote client-authentication schemes varies significantly in relation to today's security challenges, which include phishing, man-in-the-middle attacks, and malicious software. A survey of remote authentication methods shows how each measures up and includes recommendations for solution developers and consumers.

Usage Control Enforcement: Present and Future

Both personal data and intellectual property must be protected for various reasons. The authors explore the state of the art in usage control, which is about controlling the use of such data after it has been given away, and identify room for improvement.

Learning by Failing (and Fixing)

Unfortunately, students can graduate with a software engineering degree without learning anything about building secure systems. However, for the past two years at the Norwegian University of Science and Technology, a software security course has been giving students the theoretical foundation and practical experience necessary to start comprehending software security issues.

Heuristics for De-identifying Health Data

Before releasing personal health information for secondary uses, such as research or public health monitoring, organizations must de-identify the data they've collected. Several common heuristics are useful for this purpose, but they also have limitations.

The Virtues of Mature and Minimalist Cryptography

This installment of Crypto Corner takes a concise look at some of the issues responsible for why cryptography usually ends up looking bad, in practice, and fails to establish the right threat model, let alone realize it. Ultimately, this failure is largely due to a lack of cryptographic competence and the dreaded habit of crammed-in-and-cobbled-together design.

Insiders Behaving Badly

This column goes beyond previous insider analyses to identify a framework for a taxonomy of insider threats including both malicious and inadvertent actions by insiders that put organizations or their resources at some risk. The framework includes factors reflecting the organization, the individual, the information technology system, and the environment.

Security and Privacy Landscape in Emerging Technologies

Recent events spawned a need for better communications of security systems, including industrial control systems and emergency management systems. This work is in initial phases and the author reports it here. In this final column for emerging standards and technologies, she also discusses the privacy and security challenges of Web 2.0 and globalization.

Strong Attractors

Dan Geer and Dan Conway examine the metrics of where attackers are, and where they seek out victims.

How the Human Brain Buys Security

Bruce Schneier examines prospect theory and how it applies to computer security. The solution is not to sell security directly, but to include it as part of a more general product or service. Vendors need to build security into the products and services that customers actually want. Security is inherently about avoiding a negative, so you can never ignore the cognitive bias embedded so deeply in the human brain. But if you understand it, you have a better chance of overcoming it.