tech.bib

@techreport{bellovin.cheswick:privacy-enhanced,
  author = {Steven M. Bellovin and William R. Cheswick},
  institution = {Department of Computer Science, Columbia University},
  month = {September},
  number = {CUCS-034-07},
  smb-type = {crypto},
  title = {Privacy-Enhanced Searches Using Encrypted {Bloom}
		  Filters},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=483},
  year = 2007,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=483}
}
@techreport{androulaki.raykova.ea:opentor,
  author = {Elli Androulaki and Mariana Raykova and Angelos Stavrou
		  and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {September},
  number = {CUCS-031-07},
  smb-type = {crypto},
  title = {OpenTor: Anonymity as a Commodity Service},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=480},
  year = 2007,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=480}
}
@techreport{androulaki.choi.ea:reputation,
  author = {Elli Androulaki and Seung Geol Choi and Steven M. Bellovin
		  and Tal Malkin},
  institution = {Department of Computer Science, Columbia University},
  month = {September},
  number = {CUCS-029-07},
  smb-type = {crypto},
  title = {Reputation Systems for Anonymous Networks},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=478},
  year = 2007,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=478}
}
@techreport{zhao.bellovin:policy,
  author = {Hang Zhao and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {March},
  note = {Also presented at the Annual Conference of the ITA, 2007},
  number = {CUCS-017-07},
  smb-type = {security},
  title = {Policy Algebras for Hybrid Firewalls},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=453},
  year = 2007,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=453}
}
@techreport{dent.bellovin:newspeak,
  author = {Kyle Dent and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {February},
  number = {CUCS-008-08},
  smb-type = {security},
  title = {Newspeak: A Secure Approach for Designing Web
		  Applications},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=506},
  year = 2008,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=506}
}
@techreport{androulaki.bellovin:anonymous*1,
  author = {Elli Androulaki and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {February},
  number = {CUCS-010-09},
  smb-type = {crypto},
  title = {An Anonymous Credit Card System},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=590&format=pdf&},
  year = 2009,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=590&format=pdf&}
}
@techreport{pappas.raykova.ea:trade-offs,
  abstract = { Encrypted search --- performing queries on protected data
		  --- is a well researched problem. However, existing
		  solutions have inherent inefficiency that raises questions
		  of practicality. Here, we step back from the goal of
		  achieving maximal privacy guarantees in an encrypted search
		  scenario to consider efficiency as a priority. We propose a
		  privacy framework for search that allows tuning and
		  optimization of the trade-offs between privacy and
		  efficiency. As an instantiation of the privacy framework we
		  introduce a tunable search system based on the SADS scheme
		  and provide detailed measurements demonstrating the
		  trade-offs of the constructed system. We also analyze other
		  existing encrypted search schemes with respect to this
		  framework. We further propose a protocol that addresses the
		  challenge of document content retrieval in a search setting
		  with relaxed privacy requirements. },
  author = {Vasilis Pappas and Mariana Raykova and Binh Vo and Steven
		  M. Bellovin and Tal Malkin},
  institution = {Department of Computer Science, Columbia University},
  month = {September},
  number = {CUCS-022-10},
  smb-type = {crypto},
  title = {Trade-offs in Private Search},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1436&format=pdf&},
  year = 2010,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1436&format=pdf&}
}
@techreport{maennel.bush.ea:better,
  author = {Olaf Maennel and Randy Bush and Luca Cittadini and Steven
		  M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {September},
  number = {CUCS-041-08},
  smb-type = {net},
  title = {A Better Approach than Carrier-Grade-{NAT}},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=560},
  year = 2008,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=560}
}
@techreport{cheng.alexander.ea:zodiac,
  author = {Yuu-Heng Cheng and Scott Alexander and Alex Poylisher and
		  Mariana Raykova Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {May},
  number = {CUCS-023-09},
  smb-type = {security},
  title = {The {Zodiac} Policy Subsystem: a Policy-Based Management
		  System for a High-Security {MANET}},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=603},
  year = 2009,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=603}
}
@techreport{zhao.bellovin:source,
  author = {Hang Zhao and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {July},
  number = {CUCS-033-09},
  smb-type = {security},
  title = {Source Prefix Filtering in {ROFL}},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=613},
  year = 2009,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=613}
}
@techreport{androulaki.bellovin:secure*1,
  author = {Elli Androulaki and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {October},
  note = {A revised version will appear at the 1st Workshop on
		  Real-Life Cryptographic Protocols and Standardization},
  number = {CUCS-044-09},
  smb-type = {crypto},
  title = {A Secure and Privacy-Preserving Targeted Ad-System},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=625},
  year = 2009,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=625}
}
@techreport{androulaki.vo.ea:real-world,
  abstract = {Cybersecurity mechanisms have become increasingly
		  important as online and offline worlds converge. Strong
		  authentication and accountability are key tools for dealing
		  with online attacks, and we would like to realize them
		  through a token-based, centralized identity management
		  system. In this report, we present aprivacy-preserving
		  group of protocols comprising a unique per user digital
		  identity card, with which its owner is able to authenticate
		  himself, prove possession of attributes, register himself
		  to multiple online organizations (anonymously or not) and
		  provide proof of membership. Unlike existing
		  credential-based identity management systems, this card is
		  revocable, i.e., its legal owner may invalidate it if
		  physically lost, and still recover its content and
		  registrations into a new credential. This card will protect
		  an honest individual's anonymity when applicable as well as
		  ensure his activity is known only to appropriate users.},
  author = {Elli Androulaki and Binh Vo and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {April},
  number = {CUCS-008-10},
  smb-type = {crypto},
  title = {A Real-World Identity Management System with Master Secret
		  Revocation},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1421&format=pdf&},
  year = 2010,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1421&format=pdf&}
}
@techreport{androulaki.vo.ea:privacy-preserving*1,
  abstract = {Current banking systems do not aim to protect user
		  privacy. Purchases made from a single bank account can be
		  linked to each other by many parties. This could be
		  addressed in a straight-forward way by generating
		  unlinkable credentials from a single master credential
		  using Camenisch and Lysyanskaya's algorithm; however, if
		  bank accounts are taxable, some report must be made to the
		  tax authority about each account. Using unlinkable
		  credentials, digital cash, and zero knowledge proofs of
		  kmowledge, we present a solution that prevents anyone, even
		  the tax authority, from knowing which accounts belong to
		  which users, or from being able to link any account to
		  another or to purchases or deposits.},
  author = {Elli Androulaki and Binh Vo and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {April},
  number = {CUCS-005-10},
  smb-type = {crypto},
  title = {Privacy-Preserving, Taxable Bank Accounts},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1418&format=pdf&},
  year = 2010,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1418&format=pdf&}
}
@techreport{srivatsan.johnson.ea:simple-vpn,
  abstract = {The IPsec protocol promised easy, ubiquitous encryption.
		  That has never happened. For the most part, IPsec usage is
		  confined to VPNs for road warriors, largely due to needless
		  configuration complexity and incompatible implementations.
		  We have designed a simple VPN configuration language that
		  hides the unwanted complexities. Virtually no options are
		  necessary or possible. The administrator specifies the
		  absolute minimum of information: the authorized hosts,
		  their operating systems, and a little about the network
		  topology; everything else, including certificate
		  generation, is automatic. Our implementation includes a
		  multitarget compiler, which generates
		  implementation-specific configuration files for three
		  different platforms; others are easy to add.},
  author = {Shreyas Srivatsan and Maritza Johnson and Steven M.
		  Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {July},
  number = {CUCS-020-10},
  smb-type = {security},
  title = {Simple-{VPN}: Simple {IPsec} Configuration},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1433},
  year = 2010,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1433}
}
@techreport{madejski.johnson.ea:failure,
  abstract = {Increasingly, people are sharing sensitive personal
		  information via online social networks (OSN). While such
		  networks do permit users to control what they share with
		  whom, access control policies are notoriously difficult to
		  configure correctly; this raises the question of whether
		  OSN users' privacy settings match their sharing intentions.
		  We present the results of an empirical evaluation that
		  measures privacy attitudes and intentions and compares
		  these against the privacy settings on Facebook. Our results
		  indicate a serious mismatch: every one of the 65
		  participants in our study confirmed that at least one of
		  the identified violations was in fact a sharing violation.
		  In other words, OSN users' privacy settings are incorrect.
		  Furthermore, a majority of users cannot or will not fix
		  such errors. We conclude that the current approach to
		  privacy settings is fundamentally flawed and cannot be
		  fixed; a fundamentally different approach is needed. We
		  present recommendations to ameliorate the current problems,
		  as well as provide suggestions for future research. },
  author = {Michelle Madejski and Maritza Johnson and Steven M.
		  Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {February},
  number = {CUCS-010-11},
  smb-type = {security},
  title = {The Failure of Online Social Network Privacy Settings},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1459},
  year = 2011,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1459}
}
@techreport{bellovin:economics,
  abstract = { Cyberwar is very much in the news these days. It is
		  tempting to try to understand the economics of such an
		  activity, if only qualitatively. What effort is required?
		  What can such attacks accomplish? What does this say, if
		  anything, about the likelihood of cyberwar?
		  
		  },
  author = {Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {April},
  number = {CUCS-010-14},
  smb-type = {t},
  title = {The Economics of Cyberwar},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1571},
  year = 2014,
  note = {Presented at the Institute for New Economic Thinking's
		  \emph{Human After All}}
}
@techreport{bellovin:frank-miller*1,
  abstract = {The invention of the one-time pad is generally credited to
		  Gilbert S. Vernam and Joseph O. Mauborgne. We show that it
		  was invented about 35 years earlier by a Sacramento banker
		  named Frank Miller. We provide a tentative identification
		  of which Frank Miller it was, and speculate on whether or
		  not Mauborgne might have known of Miller's work, especially
		  via his colleague Parker Hitt. },
  author = {Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  month = {March},
  note = {A revised version appeared in \emph{Cryptologia} 35(3),
		  July 2011},
  number = {CUCS-009-11},
  smb-type = {crypto},
  title = {{Frank Miller}: Inventor of the One-Time Pad},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1460},
  year = 2011,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1460}
}
@techreport{raykova.zhao.ea:privacy,
  abstract = { Traditional access control models often assume that the
		  entity enforcing access control policies is also the owner
		  of data and resources. This assumption no longer holds when
		  data is outsourced to a third-party storage provider, such
		  as the \emph{cloud}. Existing access control solutions
		  mainly focus on preserving confidentiality of stored data
		  from unauthorized access and the storage provider. However,
		  in this setting, access control policies as well as users'
		  access patterns also become privacy sensitive information
		  that should be protected from the cloud. We propose a
		  two-level access control scheme that combines
		  coarse-grained access control enforced at the cloud, which
		  allows to get acceptable communication overhead and at the
		  same time limits the information that the cloud learns from
		  his partial view of the access rules and the access
		  patterns, and fine-grained cryptographic access control
		  enforced at the user's side, which provides the desired
		  expressiveness of the access control policies. Our solution
		  handles both \emph{read} and \emph{write} access control. },
  author = {Mariana Raykova and Hang Zhao and Steven M. Bellovin},
  institution = {Department of Computer Science, Columbia University},
  number = {CUCS-039-11},
  smb-type = {crypto},
  title = {Privacy Enhanced Access Control for Outsourced Data
		  Sharing},
  url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1489},
  year = 2011,
  bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=1489}
}