security.bib
@misc{bellovin.cohen.ea:results,
author = {Steven M. Bellovin and C. Cohen and J. Havrilla and S.
Herman and B. King and J. Lanza and L. Pesante and R.
Pethia and S. McAllister and G. Henault and R.~T. Goodden
and A. P. Peterson and S. Finnegan and K. Katano and R.~M.
Smith and R.~A. Lowenthal},
title = {Results of the ``{Security} in {ActiveX} {Workshop}''},
month = {December},
year = 2000,
url = {http://www.cert.org/reports/activeX_report.pdf}
}
@inproceedings{bellovin:towards,
author = {Steven M. Bellovin},
year = 1989,
title = {Towards a Commercial {IP} Security Option},
booktitle = {Commercial {IPSO} Workshop, {INTEROP} '89}
}
@article{bellovin:distributed,
author = {Steven M. Bellovin},
title = {Distributed Firewalls},
journal = {{;login:}},
month = {November},
year = 1999,
pages = {39--47},
url = {http://www.cs.columbia.edu/~smb/papers/distfw.pdf},
psurl = {http://www.cs.columbia.edu/~smb/papers/distfw.ps},
htmurl = {http://www.cs.columbia.edu/~smb/papers/distfw.html}
}
@inproceedings{ioannidis.keromytis.ea:implementing,
author = {Sotiris Ioannidis and Angelos D. Keromytis and Steven M.
Bellovin and Jonathan M. Smith},
title = {Implementing a Distributed Firewall},
year = 2000,
booktitle = {{ACM} Conference on Computer and Communications Security},
address = {Athens, Greece},
month = {November},
url = {http://www.cs.columbia.edu/~smb/papers/ccs-df.pdf}
}
@inproceedings{bellovin:using,
author = {Steven M. Bellovin},
month = {June},
title = {Using the Domain Name System for System Break-Ins},
year = {1995},
booktitle = {Proceedings of the Fifth Usenix Unix Security Symposium},
address = {Salt Lake City, UT},
pages = {199--208},
url = {http://www.cs.columbia.edu/~smb/papers/dnshack.pdf}
}
@inproceedings{cheswick.bellovin:dns,
author = {Bill Cheswick and Steven M. Bellovin},
title = {A {DNS} Filter and Switch for Packet-filtering Gateways},
year = 1996,
booktitle = {Proceedings of the Sixth Usenix Unix Security Symposium},
address = {San Jose, CA},
pages = {15--19},
url = {http://www.cheswick.com/ches/papers/dnsproxy.html}
}
@inproceedings{bellovin:there,
author = {Steven M. Bellovin},
pages = {1--16},
month = {September},
title = {There Be Dragons},
booktitle = {Proceedings of the Third Usenix Unix Security Symposium},
year = {1992},
url = {http://www.cs.columbia.edu/~smb/papers/dragon.pdf},
annote = {A discussion of attacks observed against our firewall.}
}
@article{bellovin:computer,
author = {Steven M. Bellovin},
title = {Computer Security---An End State?},
journal = {Communications of the {ACM}},
volume = 44,
number = 3,
month = {March},
year = 2001,
url = {http://www.cs.columbia.edu/~smb/papers/acm-predict.pdf}
}
@article{cheswick.bellovin:how,
journal = {Scientific American},
title = {How Computer Security Works: Firewalls},
author = {William Cheswick and Steven M. Bellovin},
month = {October},
year = 1998,
pages = {106-107}
}
@inproceedings{bellovin:look,
author = {Steven M. Bellovin},
title = {A Look Back at ``{Security} Problems in the {TCP/IP}
Protocol Suite''},
year = 2004,
month = {December},
booktitle = {Annual Computer Security Applications Conference},
note = {Invited paper},
url = {http://www.cs.columbia.edu/~smb/papers/acsac-ipext.pdf}
}
@article{bellovin:security,
author = {Steven M. Bellovin},
journal = {Computer Communications Review},
month = {April},
number = {2},
pages = {32--48},
title = {Security Problems in the {TCP/IP} Protocol Suite},
volume = {19},
year = {1989},
annote = {An early paper describing some security risks from the
then-standard protocols in TCP/IP. Not all of the attacks
have happened yet\ldots.},
url = {http://www.cs.columbia.edu/~smb/papers/ipext.pdf}
}
@misc{bellovin.gansner:using,
author = {Steven M. Bellovin and Emden R. Gansner},
title = {Using Link Cuts to Attack {Internet} Routing},
year = 2003,
note = {Draft},
url = {http://www.cs.columbia.edu/~smb/papers/reroute.pdf},
psurl = {http://www.cs.columbia.edu/~smb/papers/reroute.ps}
}
@inproceedings{denker.bellovin.ea:moat,
author = {J.~S. Denker and S.~M. Bellovin and H. Daniel and N.~L.
Mintz and T. Killian and M.~A. Plotnick},
title = {Moat: A Virtual Private Network Appliance and Services
Platform},
year = 1999,
month = {November},
booktitle = {Proceedings of LISA XIII},
url = {http://www.cs.columbia.edu/~smb/papers/moat.pdf}
}
@inproceedings{bellovin:security*1,
author = {Steven M. Bellovin},
month = {June},
year = 1995,
title = {Security and Uses of the {Internet}},
booktitle = {Proceedings of the North American Serials Interest Group}
}
@article{mahajan.bellovin.ea:controlling,
author = {Ratul Mahajan and Steven M. Bellovin and Sally Floyd and
John Ioannidis and Vern Paxson and Scott Shenker},
title = {Controlling High Bandwidth Aggregates in the Network},
url = {http://www.cs.columbia.edu/~smb/papers/pushback-CCR.pdf},
journal = {Computer Communications Review},
year = 2002,
month = {July},
volume = 32,
number = 3,
pages = {62--73}
}
@inproceedings{ioannidis.bellovin:implementing,
author = {John Ioannidis and Steven M. Bellovin},
title = {Implementing Pushback: Router-Based Defense Against
{DD}o{S} Attacks},
booktitle = {Proc. Internet Society Symposium on Network and
Distributed System Security},
year = 2002,
url = {http://www.cs.columbia.edu/~smb/papers/pushback-impl.pdf},
psurl = {http://www.cs.columbia.edu/~smb/papers/pushback-impl.ps}
}
@inproceedings{bellovin:session,
author = {Steven M. Bellovin},
title = {The ``Session Tty'' Manager},
booktitle = {Proc. Usenix Conference},
year = 1988,
month = {Summer},
url = {http://www.cs.columbia.edu/~smb/papers/sessext.pdf}
}
@inproceedings{ioannidis.bellovin.ea:sub-operating,
author = {Sotiris Ioannidis and Steven M. Bellovin and Jonathan
Smith},
title = {Sub-Operating Systems: A New Approach to Application
Security},
booktitle = {SIGOPS European Workshop},
year = 2002,
month = {September},
url = {http://www.cs.columbia.edu/~smb/papers/subos.pdf}
}
@inproceedings{ioannidis.bellovin:building,
author = {Sotiris Ioannidis and Steven M. Bellovin},
title = {Building a Secure Web Browser},
booktitle = {Usenix Conference},
month = {June},
year = 2001,
url = {http://www.cs.columbia.edu/~smb/papers/sub-browser.pdf}
}
@incollection{gregory:why,
year = 1999,
title = {Why Systems Administration is Hard},
booktitle = {Solaris Security},
author = {Peter Gregory},
publisher = {Prentice-Hall},
note = {(Foreword)},
url = {http://www.cs.columbia.edu/~smb/papers/sysadmin.html},
otherauth = {Bellovin}
}
@inproceedings{gleitz.bellovin:transient,
author = {Peter M. Gleitz and Steven M. Bellovin},
title = {Transient Addressing for Related Processes: Improved
Firewalling by Using {IPv6} and Multiple Addresses per
Host},
booktitle = {Proceedings of the Eleventh Usenix Security Symposium,},
month = {August},
year = 2001,
url = {http://www.cs.columbia.edu/~smb/papers/tarp.pdf}
}
@article{bellovin.keromytis.ea:worm,
author = {Steven M. Bellovin and Angelos Keromytis and Bill
Cheswick},
title = {Worm Propagation Strategies in an {IPv6} {Internet}},
journal = {{;login:}},
month = {February},
year = 2006,
pages = {70-76},
url = {http://www.cs.columbia.edu/~smb/papers/v6worms.pdf}
}
@inproceedings{ioannidis.bellovin.ea:design,
author = {Sotiris Ioannidis and Steven M. Bellovin and John
Ioannidis and Angelos D. Keromytis and Jonathan M. Smith},
title = {Design and Implementation of Virtual Private Services},
booktitle = {Proceedings of the {IEEE} International Workshops on
Enabling Technologies: Infrastructure for Collaborative
Enterprises {(WETICE)}, Workshop on Enterprise Security},
year = 2003,
month = {June},
address = {Linz, Austria},
url = {http://www.cs.columbia.edu/~smb/papers/vps.pdf}
}
@article{ioannidis.bellovin.ea:coordinated,
author = {Sotiris Ioannidis and Steven M. Bellovin and John
Ioannidis and Angelos D. Keromytis and Kostas Anagnostakis
and Jonathan M. Smith},
title = {Coordinated Policy Enforcement for Distributed
Applications},
journal = {International Journal of Network Security},
year = 2007,
month = {January},
pages = {69--80},
volume = 4,
number = 1,
url = {http://www.cs.columbia.edu/~smb/papers/ijns-2007-v4-n1-p69-80.pdf}
}
@inproceedings{yee.wagner.ea:prerendered,
author = {Ka-Ping Yee and David Wagner and Marti Hearst and Steven
M. Bellovin},
title = {Prerendered User Interfaces for Higher-Assurance
Electronic Voting},
booktitle = {Usenix/ACCURATE Electronic Voting Technology Workshop},
year = {2006},
month = {August},
url = {http://www.cs.columbia.edu/~smb/papers/prui-evt06.pdf},
note = {An earlier version appeared as Technical Report
UCB/EECS-2006-35}
}
@inproceedings{zhao.lobo.ea:algebra,
author = {Hang Zhao and Jorge Lobo and Steven M. Bellovin},
title = {An Algebra for Integration and Analysis of {Ponder2}
Policies},
booktitle = {Proceeding of the 9th IEEE Workshop on Policies for
Distributed Systems and Networks},
year = 2008,
month = {June},
url = {http://www.cs.columbia.edu/~smb/papers/ponder_short.pdf}
}
@inproceedings{johnson.atreya.ea:rust,
author = {Maritza Johnson and Chaitanya Atreya and Adam Aviv and
Mariana Raykova and Steven M. Bellovin and Gail Kaiser},
title = {{RUST}: A Retargetable Usability Testbed for Website
Authentication Technologies},
year = 2008,
month = {April},
booktitle = {Usenix Workshop on Usability, Psychology, and Security},
url = {http://www.usenix.org/events/upsec08/tech/full_papers/johnson/johnson.pdf}
}
@inproceedings{cheng.raykova.ea:zodiac,
title = {The {Zodiac} Policy Subsystem: a Policy-Based Management
System for a High-Security {MANET}},
author = {Yuu-Heng Cheng and Mariana Raykova and Alex Poylisher and
Scott Alexander and Martin Eiger and Steve M. Bellovin},
booktitle = {{IEEE} Policy 2009},
month = {July},
year = 2009,
note = {Longer version issued as CUCS-23-09}
}
@inproceedings{johnson.bellovin:security,
title = {Security Assurance for Web Device {APIs}},
author = {Maritza Johnson and Steven M. Bellovin},
month = {December},
year = 2008,
booktitle = {Security for Access to Device APIs from the Web - W3C
Workshop},
url = {http://www.cs.columbia.edu/~smb/papers/webapi.pdf},
abstract = {There are currently proposals for web access to devices.
The security threats are obvious. We propose design
principles intended to ensure that the user actually
controls access, despite potential errors in judgment,
tricky web pages, or flaws in browsers. }
}
@inproceedings{zhao.chau.ea:rofl,
author = {Hang Zhao and Chi-Kin Chau and Steven M. Bellovin},
title = {{ROFL}: Routing as the Firewall Layer},
booktitle = {New Security Paradigms Workshop},
year = 2008,
month = {September},
note = {A version is available as Technical Report CUCS-026-08},
url = {http://mice.cs.columbia.edu/getTechreport.php?techreportID=541}
}
@article{bellovin.bush:configuration,
author = {Steven M. Bellovin and Randy Bush},
title = {Configuration Management and Security},
journal = {{IEEE} Journal on Selected Areas in Communications},
year = 2009,
month = {April},
volume = 27,
number = 3,
pages = {268--274},
url = {http://www.cs.columbia.edu/~smb/papers/config-jsac.pdf}
}
@inproceedings{johnson.bellovin.ea:laissez-faire,
title = {Laissez-Faire File Sharing: Access Control Designed for
Individuals at the Endpoints},
author = {Maritza Johnson and Steven M. Bellovin and Robert W.
Reeder and Stuart Schechter},
year = 2009,
month = {September},
booktitle = {New Security Paradigms Workshop},
url = {http://www.cs.columbia.edu/~smb/papers/nspw-use.pdf}
}
@inproceedings{potter.bellovin.ea:two,
title = {Two Person Control Administration: Preventing
Administration Faults through Duplication},
author = {Shaya Potter and Steven M. Bellovin and Jason Nieh},
year = 2009,
month = {November},
booktitle = {LISA '09},
url = {http://www.usenix.org/events/lisa09/tech/full_papers/potter.pdf}
}