Toward a Broader View of Security Protocols

  • Matt Blaze
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3957)


Computer and network security researchers usually focus on the security of computers and networks. Although it might seem as if there is more than enough insecurity here to keep all of us fully occupied for the foreseeable future, this narrow view of our domain may actually be contributing to the very problems that we are trying to solve. We miss important insights from, and opportunities to make contributions to, a larger world that has been grappling with security since long before the computer was invented.


Security Policy Security Requirement Security Protocol Security Property Trust Management 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Needham, R.: Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering 22(1), 6–15 (1996)CrossRefGoogle Scholar
  2. 2.
    Anderson, R., Kuhn, M.: Tamper resistance - a cautionary note. In: Proceedings of the Second Usenix Workshop on Electronic Commerce, pp. 1–11 (November 1996)Google Scholar
  3. 3.
    Anderson, R.: Security Engineering. Wiley, Chichester (2001)Google Scholar
  4. 4.
    Anderson, T., Shenker, S., Stoica, I., Wetherall, D.: Design guidelines for robust internet protocols (2002)Google Scholar
  5. 5.
    Arbaugh, W.A.: Chaining Layered Integrity Checks. PhD thesis, University of Pennsylvania (1999)Google Scholar
  6. 6.
    Blaze, M.: Cryptology and physical security: Rights amplification in master-keyed mechanical locks. IEEE Security and Privacy 1(2) (March/April 2003)Google Scholar
  7. 7.
    Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.: The role of trust management in distributed systems security. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 185–210. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  8. 8.
    Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote Trust Management System Version 2. Internet RFC 2704 (September 1999)Google Scholar
  9. 9.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. of the 17th Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)Google Scholar
  10. 10.
    Blaze, M., Feigenbaum, J., Strauss, M.J.: Compliance Checking in the PolicyMaker Trust Management System. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  11. 11.
    Blaze, M., Ioannidis, J., Keromytis, A.D.: Experience with the keyNote trust management system: Applications and future directions. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 284–300. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Blaze, M., Feigenbaum, J., Naor, M.: A formal treatment of remotely keyed encryption. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 251–265. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  13. 13.
    Federal Election Commission. Voting system standards (2002)Google Scholar
  14. 14.
    Keromytis, A.D.: STRONGMAN: A Scalable Solution To Trust Management in Networks. PhD thesis, University of Pennsylvania (2001)Google Scholar
  15. 15.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  16. 16.
    Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  17. 17.
    Kuhn, M.: Cipher instruction search attack on the bus-encryption microcontroller ds50002fp. 47(10) (October 1998)Google Scholar
  18. 18.
    Kuhn, M.G.: Optical time-domain eavesdropping risks of crt displays. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 3–18 (2002)Google Scholar
  19. 19.
    Needham, R.M.: Denial of service: An example. Communications of the ACM 37(11), 42–46 (1994)CrossRefGoogle Scholar
  20. 20.
    Oehlert, M.: Safe Technican’s Reference Manual. In: AOLA (1997)Google Scholar
  21. 21.
    Tobias, M.W.: Locks, Safes and Security. C. Thomas, Ltd. (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Matt Blaze
    • 1
  1. 1.Department of Computer and Information ScienceUniversity of PennsylvaniaUSA

Personalised recommendations