9. References

< Day Day Up >

The following references may not be available in all countries.

[ABA, 1989] American Bar Association, Section of Science and Technology, Guide to the Prosecution of Telecommunication Fraud by the Use of Computer Crime Statutes, American Bar Association, 1989.

[Appelman et al., 1995] Appelman, Heller,Ehrman, White, and McAuliffe, The Law and The Internet, USENIX 1995 Technical Conference on UNIX and Advanced Computing, New Orleans, January 16-20, 1995.

[Aucoin, 1989] R. Aucoin, Computer Viruses: Checklist for Recovery, Computers in Libraries, 9, 2, 4, February 1989.

[Barrett, 1996] D. Barrett, Bandits on the Information Superhighway, O'Reilly & Associates, Sebastopol, CA, 1996.

[Bates, 1992] R. Bates, Disaster Recovery Planning: Networks, Telecommunications and Data Communications, McGraw-Hill, New York, 1992.

[Bellovin, 1989] S. Bellovin, Security Problems in the TCP/IP Protocol Suite, Computer Communication Review, 19, 2, 32-48, April 1989.

[Bellovin, 1990] S. Bellovin, and M. Merritt, Limitations of the Kerberos Authentication System, Computer Communications Review, October 1990.

[Bellovin, 1992] S. Bellovin, There Be Dragon, USENIX: Proceedings of the Third Usenix Security Symposium, Baltimore, September, 1992.

[Bender, 1894] D. Bender, Computer Law: Evidence and Procedure, M. Bender, New York, 1978-present.

[Bloombecker, 1990] B. Bloombecker, Spectacular Computer Crimes, Dow Jones-Irwin, Homewood, IL, 1990.

[Brand, 1990] R. Brand, Coping with the Threat of Computer Security Incidents: A Primer from Prevention through Recovery, R. Brand, 8 June 1990.

[Brock, 1989] J. Brock, November 1988 Internet Computer Virus and the Vulnerability of National Telecommunications Networks to Computer Viruses, GAO/T-IMTEC-89-10, Washington, D.C., 20 July 1989.

[BS 7799] British Standard, BS Tech Committee BSFD/12, Info. Sec. Mgmt, BS 7799: 1995 Code of Practice for Information Security Management, British Standards Institution, London, 54, effective 15 February 1995.

[Caelli, 1988] W. Caelli, Ed., Computer Security in the Age of Information, Proceedings of the 5th IFIP International Conference on Computer Security, IFIP/Sec '88.

[Carroll, 1987] J. Carroll, Computer Security, 2nd ed., Butterworth Publishers, Stoneham, MA, 1987.

[Cavazos and Morin, 1995] E. Cavazos and G. Morin, Cyber-Space and The Law, MIT Press, Cambridge, MA, 1995.

[CCH, 1989] Commerce Clearing House, Guide to Computer Law (Topical Law Reports), Chicago, 1989.

[Chapman, 1992] B. Chapman, Network (In) Security Through IP Packet Filtering, USENIX: Proceedings of the 3rd UNIX Security Symposium, Baltimore, September 1992.

[Chapman and Zwicky, 1995] B. Chapman and E. Zwicky, Building Internet Firewalls, O'Reilly & Associates, Sebastopol, CA, 1995.

[Cheswick, 1990] W. Cheswick, The Design of a Secure Internet Gateway, Proceedings of the Summer Usenix Conference, Anaheim, CA, June 1990.

[Cheswick, 1994] W. Cheswick, An Evening with Berferd in which a Cracker is Lured, Endured, and Studied, AT&T Bell Laboratories.

[Cheswick and Bellovin, 1994] W. Cheswick and S. Bellovin, Firewalls and Internet Security: Repelling the Wily Hacker, Addison-Wesley, Reading, MA, 1994.

[Conly, 1989] C. Conly, Organizing for Computer Crime Investigation and Prosecution, U.S. Dept. of Justice, Office of Justice Programs, under Contract Number OJP-86-C-002, National Institute of Justice, Washington, D.C., July 1989.

[Cooper, 1989] J. Cooper, Computer and Communications Security: Strategies for the 1990s, McGraw-Hill, New York, 1989.

[CPSR, 1989] Computer Professionals for Social Responsibility, CPSR Statement on the Computer Virus, Communications of the ACM, 32, 6, 699, June 1989.

[CSC-STD-002-85, 1985] Department of Defense, Password Management Guideline, CSC-STD-002-85, 12 April 1985.

[Curry, 1990] D. Curry, Improving the Security of Your UNIX System, SRI International Report ITSTD-721-FR-90-21, April 1990.

[Curry, 1992] D. Curry, UNIX System Security: A Guide for Users and Systems Administrators, Addison-Wesley, Reading, MA, 1992.

[DDN88] Defense Data Network, BSD 4.2 and 4.3 Software Problem Resolution, DDN MGT Bulletin #43, DDN Network Information Center, 3 November 1988.

[DDN89] DCA DDN Defense Communications System, DDN Security Bulletin 03, DDN Security Coordination Center, 17 October 1989.

[Denning, 1990] P. Denning, Ed., Computers Under Attack: Intruders, Worms, and Viruses, ACM Press, New York, 1990.

[Eichin and Rochlis, 1989] M. Eichin and J. Rochlis, With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988, Massachusetts Institute of Technology, February 1989.

[Eisenberg et al., 1989] T. Eisenberg,D. Gries,J. Hartmanis,D. Holcomb,M. Lynn, and T. Santoro, The Computer Worm, Cornell University, 6 February 1989.

[Ermann, Williams, and Gutierrez, 1990] D. Ermann, M. Williams, and C. Gutierrez, Eds., Computers, Ethics, and Society, Oxford University Press, New York, 1990.

[Farmer and Spafford, 1990] D. Farmer and E. Spafford, The COPS Security Checker System, Proceedings of the Summer 1990 USENIX Conference, Anaheim, CA, pp. 165-170, June 1990.

[Farrow, 1991] R. Farrow, UNIX Systems Security, Addison-Wesley, Reading, MA, 1991.

[Fenwick, 1985] W. Fenwick, Chair, Computer Litigation, 1985: Trial Tactics and Techniques, Litigation Course Handbook Series No. 280, prepared for distribution at the Computer Litigation, 1985: Trial Tactics and Techniques Program, February-March 1985.

[Fites et al., 1989] M. Fites,P. Kratz, and A. Brebner, Control and Security of Computer Information Systems, Computer Science Press, Rockville, MD, 1989.

[Fites, Johnson, and Kratz, 1992] Fites,Johnson, and Kratz, The Computer Virus Crisis, 2nd ed., Van Nostrand Reinhold, New York, 1992.

[Forester and Morrison, 1990] T. Forester and P. Morrison, Computer Ethics: Tales and Ethical Dilemmas in Computing, MIT Press, Cambridge, MA, 1990.

[GAO/IMTEX-89-57, 1989] General Accounting Office, Computer Security - Virus Highlights Need for Improved Internet Management, United States General Accounting Office, Washington, D.C., 1989.

[Garfinkel and Spafford, 1991] S. Garfinkel and E. Spafford, Practical Unix Security, O'Reilly & Associates, Sebastopol, CA, May 1991.

[Garfinkel, 1995] S. Garfinkel, PGP: Pretty Good Privacy, O'Reilly & Associates, Sebastopol, CA, 1996.

[Garfinkel and Spafford, 1996] S. Garfinkel and E. Spafford, Practical UNIX and Internet Security, O'Reilly & Associates, Sebastopol, CA, 1996.

[Gemignani, 1989] M. Gemignani, Viruses and Criminal Law, Communications of the ACM, Vol. 32, No. 6, Pgs. 669-671, June 1989.

[Goodell, 1996] J. Goodell, The Cyberthief and the Samurai: The True Story of Kevin Mitnick - And The Man Who Hunted Him Down, Dell Publishing, New York, 1996.

[Gould, 1989] C. Gould, Ed., The Information Web: Ethical and Social Implications of Computer Networking, Westview Press, Boulder, CO, 1989.

[Greenia, 1989] M. Greenia, Computer Security Information Sourcebook, Lexikon Services, Sacramento, CA, 1989.

[Hafner and Markoff, 1991] K. Hafner and J. Markoff, Cyberpunk: Outlaws and Hackers on the Computer Frontier, Touchstone, Simon & Schuster, New York, 1991.

[Hess, Safford, and Pooch] D. Hess,D. Safford, and U. Pooch, A Unix Network Protocol Security Study: Network Information Service, Texas A&M University.

[Hoffman, 1990] L. Hoffman, Rogue Programs: Viruses, Worms, and Trojan Horses, Van Nostrand Reinhold, NY, 1990.

[Howard, 1995] G. Howard, Introduction to Internet Security: From Basics to Beyond, Prima Publishing, Rocklin, CA, 1995.

[Huband and Shelton, 1986] F. Huband and R. Shelton, Eds., Protection of Computer Systems and Software: New Approaches for Combating Theft of Software and Unauthorized Intrusion, papers presented at a workshop sponsored by the National Science Foundation, 1986.

[Hughes, 1995] L. Hughes Jr., Actually Useful Internet Security Techniques, New Riders Publishing, Indianapolis, IN, 1995.

[IAB-RFC1087, 1989] Internet Activities Board, Ethics and the Internet, RFC1087, IAB, January 1989.

[Icove, Seger, and VonStorch, 1995] D. Icove,K. Seger, and W. VonStorch, Computer Crime: A Crimefighter's Handbook, O'Reilly & Associates, Sebastopol, CA, 1995.

[IVPC, 1996] International Virus Prevention Conference '96 Proceedings, NCSA, 1996.

[Johnson and Podesta] D. Johnson and J. Podesta, Formulating a Company Policy on Access to and Use and Disclosure of Electronic Mail on Company Computer Systems, International Virus Prevention Conference '96 Proceedings, NCSA, 1996.

[Kane, 1994] P. Kane, PC Security and Virus Protection Handbook: The Ongoing War Against Information Sabotage, M&T Books, New York, 1994.

[Kaufman, Perlman, and Speciner, 1995] C. Kaufman,R. Perlman, and M. Speciner, Network Security: PRIVATE Communication in a PUBLIC World, Prentice Hall, Englewood Cliffs, NJ, 1995.

[Kent, 1990] S. Kent, E-Mail Privacy for the Internet: New Software and Strict Registration Procedures will be Implemented this Year, Business Communications Review, 20, 1, 55, 1 January 1990.

[Levy, 1984] S. Levy, Hacker: Heroes of the Computer Revolution, Delta, 1984.

[Lewis, 1996] S. Lewis, Disaster Recovery Yellow Pages, The Systems Audit Group, 1996.

[Littleman, 1996] J. Littleman, The Fugitive Game: Online with Kevin Mitnick, Little, Brown, Boston, 1996.

[Lu and Sundareshan, 1989] W. Lu and M. Sundareshan, Secure Communication in Internet Environments: A Hierarchical Key Management Scheme for End-to-End Encryption, IEEE Transactions on Communications, 37, 10, 1014, 1 October 1989.

[Lu and Sundareshan, 1990] W. Lu and M. Sundareshan, A Model for Multilevel Security in Computer Networks, IEEE Transactions on Software Engineering, 16, 6, 647, 1 June 1990.

[Martin and Schinzinger, 1989] M. Martin and R. Schinzinger, Ethics in Engineering, 2nd ed., McGraw Hill, New York, 1989.

[Merkle] R. Merkle, A Fast Software One-Way Hash Function, Journal of Cryptology, 3, 1990.

[McEwen, 1989] J. McEwen, Dedicated Computer Crime Units, report contributors: D. Fester and H. Nugent, prepared for the National Institute of Justice, U.S. Department of Justice, by Institute for Law and Justice, Inc., under contract number OJP-85-C-006, Washington, D.C., 1989.

[MIT, 1989] Massachusetts Institute of Technology, Teaching Students About Responsible Use of Computers, MIT, 1985-1986.

[Mogel, 1989] Mogel, J., Simple and Flexible Datagram Access Controls for UNIX-based Gateways, Digital Western Research Laboratory Research Report 89/4, March 1989.

[Muffett, 1992] A. Muffett, Crack Version 4.1: A Sensible Password Checker for Unix, NCSAI, 1992.

[NCSA1, 1995] NCSA, NCSA Firewall Policy Guide, 1995.

[NCSA2, 1995] NCSA, NCSA's Corporate Computer Virus Prevention Policy Model, NCSA, 1995.

[NCSA, 1996] NCSA, Firewalls and Internet Security Conference '96 Proceedings, 1996.

[NCSC-89-660-P, 1990] National Computer Security Center, Guidelines for Formal Verification Systems, The Center, Fort George G. Meade, MD, 1 April 1990.

[NCSC-89-254-P, 1988] National Computer Security Center, Glossary of Computer Security Terms, The Center, Fort George G. Meade, MD, 21 October 1988.

[NCSC-C1-001-89, 1989] Tinto, M., Computer Viruses: Prevention, Detection, and Treatment, National Computer Security Center C1 Technical Report C1-001-89, June 1989.

[NCSC Conference, 1989] National Computer Security Conference, 12th National Computer Security Conference: Baltimore Convention Center, Baltimore, 10-13 October, 1989: Information Systems Security, Solutions for Today - Concepts for Tomorrow, National Institute of Standards and National Computer Security Center, 1989.

[NCSC-CSC-STD-003-85, 1985] National Computer Security Center, Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments, CSC-STD-003-85, NCSC, 25 June 1985.

[NCSC-STD-004-85, 1985] National Computer Security Center, Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements, CSC-STD-004-85, NCSC, 25 June 1985.

[NCSC-STD-005-85, 1985] National Computer Security Center, Magnetic Remanence Security Guideline, CSC-STD-005-85, NCSC, 15 November 1985.

[NCSC-TCSEC, 1985] National Computer Security Center, Trusted Computer System Evaluation Criteria, DoD 5200.28-STD, CSC-STD-001-83, NCSC, December 1985.

[NCSC-TG-003, 1987] NCSC, A Guide to Understanding Discretionary Access Control in Trusted Systems, NCSC-TG-003, Version 1, 30 September 1987, 29 pages.

[NCSC-TG-001, 1988] NCSC, A Guide to Understanding AUDIT in Trusted Systems, NCSC-TG-001, Version 2, 1 June 1988, 25 pages.

[NCSC-TG-004, 1988] National Computer Security Center, Glossary of Computer Security Terms, NCSC-TG-004, NCSC, 21 October 1988.

[NCSC-TG-005, 1987] National Computer Security Center, Trusted Network Interpretation, NCSC-TG-005, NCSC, 31 July 1987.

[NCSC-TG-006, 1988] NCSC, A Guide to Understanding Configuration Management in Trusted Systems, NCSC-TG-006, Version 1, 28 March 1988, 31 pages.

[NCSC-TRUSIX, 1990] National Computer Security Center, Trusted UNIX Working Group (TRUSIX) rationale for selecting access control list features for the UNIX system, The Center, Fort George G. Meade, MD, 1990.

[NRC, 1991] National Research Council, Computers at Risk: Safe Computing in the Information Age, National Academy Press, 1991.

[Nemeth et al., 1995] E. Nemeth,G. Snyder,S. Seebass, and T. Hein, UNIX Systems Administration Handbook, Prentice Hall PTR, Englewood Cliffs, NJ, 1995.

[NIST, 1989] National Institute of Standards and Technology, Computer Viruses and Related Threats: A Management Guide, NIST Special Publication 500-166, August 1989.

[NSA] National Security Agency, Information Systems Security Products and Services Catalog, NSA, Quarterly Publication.

[NSF, 1988] National Science Foundation, NSF Poses Code of Networking Ethics, Communications of the ACM, 32, 6, 688, June 1989.

[NTISSAM, 1987] NTISS, Advisory Memorandum on Office Automation Security Guideline, NTISSAM COMPUSEC/1-87, 16 January 1987.

[OTA-CIT-310, 1987] United States Congress, Office of Technology Assessment, Defending Secrets, Sharing Data: New Locks and Keys for Electronic Information, OTA-CIT-310, October 1987.

[OTA-TCT-606] Congress of the United States, Office of Technology Assessment, Information Security and Privacy in Network Environments, OTA-TCT-606, September 1994.

[Palmer and Potter, 1989] I. Palmer and G. Potter, Computer Security Risk Management, Van Nostrand Reinhold, New York, 1989.

[Parker, 1989] D. Parker, Computer Crime: Criminal Justice Resource Manual, U.S. Dept. of Justice, National Institute of Justice, Office of Justice Programs, Under Contract Number OJP-86-C-002, Washington, D.C., August 1989.

[Parker, Swope, and Baker, 1990] D. Parker,S. Swope, and B. Baker, Ethical Conflicts: Information and Computer Science, Technology and Business, QED Information Sciences, Wellesley, MA.

[Pfleeger, 1989] C. Pfleeger, Security in Computing, Prentice-Hall, Englewood Cliffs, NJ, 1989.

[Quarterman, 1990] J. Quarterman, The Matrix: Computer Networks and Conferencing Systems World-wide, Digital Press, Bedford, MA, 1990.

[Ranum1, 1992] M. Ranum, An Internet Firewall, Proceedings of World Conference on Systems Management and Security, 1992.

[Ranum2, 1992] M. Ranum, A Network Firewall, Digital Equipment Corporation Washington Open Systems Resource Center, June 12, 1992.

[Ranum, 1993] M. Ranum, Thinking About Firewalls, 1993.

[Ranum and Avolio, 1994] M. Ranum and F. Avolio, A Toolkit and Methods for Internet Firewalls, Trusted Information Systems, 1994.

[Reinhardt, 1993] R. Reinhardt, An Architectural Overview of UNIX Network Security, ARINC Research Corporation, February 18, 1993.

[Reynolds-RFC1135, 1989] The Helminthiasis of the Internet, RFC 1135, USC/Information Sciences Institute, Marina del Rey, CA, December 1989.

[Russell and Gangemi, 1991] D. Russell and G. Gangemi, Computer Security Basics, O'Reilly & Associates, Sebastopol, CA, 1991.

[Schneier 1996] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd ed., John Wiley & Sons, New York, 1996.

[Seeley, 1989] D. Seeley, A Tour of the Worm, Proceedings of 1989 Winter USENIX Conference, Usenix Association, San Diego, CA, February 1989.

[Shaw, 1986] E. Shaw Jr., Computer Fraud and Abuse Act of 1986, Congressional Record (3 June 1986), Washington, D.C., 3 June 1986.

[Shimomura, 1996] T. Shimomura with J. Markoff, Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw - by the Man Who Did It, Hyperion, 1996.

[Shirey, 1990] R. Shirey, Defense Data Network Security Architecture, Computer Communication Review, 20, 2, 66, 1 April 1990.

[Slatalla and Quittner, 1995] M. Slatalla and J. Quittner, Masters of Deception: The Gang that Ruled Cyberspace, Harper Collins, New York, 1995.

[Smith, 1989] M. Smith, Commonsense Computer Security: Your Practical Guide to Preventing Accidental and Deliberate Electronic Data Loss, McGraw-Hill, New York, 1989.

[Smith, 1995] D. Smith, Forming an Incident Response Team, 6th Annual Computer Security Incident Handling Workshop, Boston, MA, July 25-29, 1995.

[Spafford, 1988] E. Spafford, The Internet Worm Program: An Analysis, Computer Communication Review, 19, 1, ACM SIGCOM, January 1989.

[Spafford, 1989] G. Spafford, An Analysis of the Internet Worm, Proceedings of the European Software Engineering Conference 1989, Warwick England, September 1989. Proceedings published by Springer-Verlag as: Lecture Notes in Computer Science #387. Also issued as Purdue Technical Report #CSD-TR-933.

[Spafford, Keaphy, and Ferbrache, 1989] E. Spafford,K. Heaphy, and D. Ferbrache, Computer Viruses: Dealing with Electronic Vandalism and Programmed Threats, ADAPSO, 1989.

[Stallings1, 1995] W. Stallings, Internet Security Handbook, IDG Books, Foster City CA, 1995.

[Stallings2, 1995] W. Stallings, Network and InterNetwork Security, Prentice Hall, Englewood Cliffs, NJ, 1995.

[Stallings3, 1995] W. Stallings, Protect Your Privacy: A Guide for PGP Users, PTR Prentice Hall, Englewood Cliffs, NJ, 1995.

[Stoll, 1988] C. Stoll, Stalking the Wily Hacker, Communications of the ACM, 31, 5, 484-497, May 1988.

[Stoll, 1989] C. Stoll, The Cuckoo's Egg, Doubleday, Garden City, NY, 1989.

[Treese and Wolman, 1993] G. Treese and A. Wolman, X Through the Firewall, and Other Applications Relays, Digital Equipment Corporation, Cambridge Research Laboratory, CRL 93/10, May 3, 1993.

[Trible, 1986] P. Trible, The Computer Fraud and Abuse Act of 1986, U.S. Senate Committee on the Judiciary, 1986.

[USENIX, 1988] USENIX, USENIX Proceedings: UNIX Security Workshop, Portland, OR, August 29-30, 1988.

[USENIX, 1990] USENIX, USENIX Proceedings: UNIX Security II Workshop, Portland, OR, August 27-28, 1990.

[USENIX, 1992] USENIX, USENIX Symposium Proceedings: UNIX Security III, Baltimore, MD, September 14-16, 1992.

[USENIX, 1993] USENIX, USENIX Symposium Proceedings: UNIX Security IV,Y Santa Clara, CA, October 4-6, 1993.

[USENIX, 1995] USENIX, The Fifth USENIX UNIX Security Symposium, Salt Lake City, UT, June 5-7, 1995.

[Wood et al., 1987] C. Wood,W. Banks,S. Guarro,A. Garcia,V. Hampel, and H. Sartorio, Computer Security: A Comprehensive Controls Checklist, John Wiley & Sons, New York, 1987.

[Wrobel, 1993] L. Wrobel, Writing Disaster Recovery Plans for Telecommunications Networks and LANs, Artech House, 1993.

[Vallabhaneni, 1989] S. Vallabhaneni, Auditing Computer Security: A Manual with Case Studies, Wiley, New York, 1989.

[Venema] W. Venema, TCP Wrapper: Network monitoring, access control, and booby traps, Mathematics and Computing Science, Eindhoven University of Technology, The Netherlands.

< Day Day Up >