security.bib
@inproceedings{christ.radway.ea:differential,
author = {Miranda Christ and Sarah Radway and Steven M. Bellovin},
booktitle = {{IEEE} Symposium on Security and Privacy},
date = {2022-05-23},
date-added = {2022-03-06 12:52:49 -0500},
date-modified = {2022-07-08 11:16:33 -0400},
doi = {10.1109/SP46214.2022.00135},
month = {May 23,},
title = {Differential Privacy and Swapping: Examining
De-Identification's Impact on Minority Representation and
Privacy Preservation in the {U.S.} Census},
url = {https://www.computer.org/csdl/proceedings-article/sp/2022/131600b564/1CIO8gLsq2c},
year = {2022},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/DP_Swapping_Census_2-7.pdf}
}
@inproceedings{koh.nieh.ea:encrypted,
author = {John S. Koh and Jason Nieh and Steven Bellovin},
booktitle = {MobiSys 2021},
date-added = {2021-03-25 16:01:52 -0400},
date-modified = {2023-09-19 16:11:30 -0400},
month = {June},
title = {Encrypted Cloud Photo Storage Using {Google Photo}},
url = {https://dl.acm.org/doi/10.1145/3458864.3468220},
year = {2021},
bdsk-url-1 = {https://dl.acm.org/doi/10.1145/3458864.3468220}
}
@article{koh.bellovin.ea:making,
author = {John S. Koh and Steven M. Bellovin and Jason Nieh},
date-added = {2019-06-14 10:26:00 -0400},
date-modified = {2020-06-05 10:08:21 -0400},
journal = {{;login:}},
title = {Making It Easier to Encrypt Your Emails},
url = {https://www.usenix.org/publications/login/fall2019/koh},
volume = {September},
year = {2019},
bdsk-url-1 = {https://www.usenix.org/publications/login/fall2019/koh}
}
@inproceedings{koh.bellovin.ea:easy,
address = {Dresden, DE},
author = {John S. Koh and Steven M. Bellovin and Jason Nieh},
booktitle = {Proc. EuroSys 2019},
date = {2019-03},
date-added = {2019-02-10 20:35:53 -0500},
date-modified = {2019-03-25 05:53:23 -0400},
month = {March},
title = {Easy Email Encryption with Easy Key Management: Why
{Joanie} Can Encrypt},
url = {https://www.cs.columbia.edu/~smb/papers/eurosys-2019-submission408-e3-final-1.pdf},
year = {2019},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/eurosys-2019-submission408-e3-final-1.pdf}
}
@inproceedings{zimmeck.kim.ea:privacy,
author = {Sebastian Zimmeck and Hyungtae Kim and Steven M. Bellovin
and Tony Jebara},
booktitle = {Usenix Security},
date-added = {2017-05-11 15:58:58 +0000},
date-modified = {2017-09-07 03:02:08 +0000},
month = {August},
title = {A Privacy Analysis of Cross-device Tracking},
url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/zimmeck},
year = {2017},
bdsk-url-1 = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/zimmeck}
}
@inproceedings{zimmeck.wang.ea:automated,
author = {Sebastian Zimmeck and Ziqi Wang and Lieyong Zou and Roger
Iyengar and Bin Liu and Florian Schaub and Shomir Wilson
and Norman Sadeh and Steven M. Bellovin and Joel
Reidenberg},
booktitle = {Proceedings of NDSS '17},
date-added = {2016-11-13 22:49:33 +0000},
date-modified = {2023-09-05 16:44:27 -0400},
month = {February},
title = {Automated Analysis of Privacy Requirements for Mobile
Apps},
url = {https://www.ndss-symposium.org/wp-content/uploads/2017/09/ndss2017_05A-5_Zimmeck_paper.pdf},
year = {2017},
bdsk-url-1 = {https://www.internetsociety.org/sites/default/files/ndss2017_05A-5_Zimmeck_paper.pdf}
}
@inproceedings{riederer.zimmeck.ea:i,
author = {Chris Riederer and Sebastian Zimmeck and Coralie Phanord
and Augustin Chaintreau and Steven M. Bellovin},
booktitle = {Proceedings of COSN '15},
date-added = {2015-10-21 20:34:23 +0000},
date-modified = {2015-10-21 20:34:23 +0000},
title = {I Don't Have a Photograph but You Can Have my
Footprints---Revealing the Demographics of Location Data},
year = {2015}
}
@inproceedings{zimmeck.bellovin:privee,
abstract = {Privacy policies on websites are based on the
notice-and-choice principle. They notify Web users of their
privacy choices. However, many users do not read privacy
policies or have difficulties understanding them. In order
to increase privacy transparency we propose Privee---a
software architecture for analyzing essential policy terms
based on crowdsourcing and automatic classification
techniques. We implement Privee in a proof of concept
browser extension that retrieves policy analysis results
from an online privacy policy repository or, if no such
results are available, performs automatic classifications.
While our classifiers achieve an overall F-1 score of 90%,
our experimental results suggest that classifier
performance is inherently limited as it correlates to the
same variable to which human interpretations
correlate---the ambiguity of natural language. This finding
might be interpreted to call the notice-and-choice
principle into question altogether. However, as our results
further suggest that policy ambiguity decreases over time,
we believe that the principle is workable. Consequently, we
see Privee as a promising avenue for facilitating the
notice-and-choice principle by accurately notifying Web
users of privacy practices and increasing privacy
transparency on the Web. },
address = {San Diego, CA},
author = {Sebastian Zimmeck and Steven M. Bellovin},
booktitle = {23rd USENIX Security Symposium (USENIX Security 14)},
date = {2014-08},
date-added = {2014-08-20 16:38:28 +0000},
date-modified = {2014-08-20 20:43:26 +0000},
isbn = {978-1-931971-15-7},
month = {August},
pages = {1--16},
publisher = {USENIX Association},
title = {Privee: An Architecture for Automatically Analyzing Web
Privacy Policies},
url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/zimmeck},
year = {2014},
bdsk-url-1 = {http://blogs.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/zimmeck}
}
@inproceedings{zhao.bellovin:high,
abstract = {Doing route selection based in part on source addresses is
a form of policy routing, which has started to receive
increased amounts of attention. In this paper, we extend
our previous work on ROFL (ROuting as the Firewall Layer)
to achieve source prefix filtering. This permits easy
definition of ``inside'' and ``outside'', even in MANET
environment where there is no topological boundary. We
present algorithms for route propagation and packet
forwarding using ROFL; we measure its performance in a
simulated environment with two different ad hoc routing
protocols. Simulation results demonstrate that ROFL can
significantly reduce unwanted packets without extra control
traffic incurred, and thus improves overall system
performance and preserves battery power of mobile nodes.
ROFL is the first scheme to provide a concrete defense
against some battery exhaustion attacks in MANETs.
Moreover, it requires only minor changes to existing ad hoc
network routing protocols, making it practical and feasible
to be deployed in real world.},
author = {Hang Zhao and Steven M. Bellovin},
booktitle = {International Conference on Mobile Ad-hoc and Sensor
Networks},
month = {December},
pages = {154--160},
title = {High Performance Firewalls in {MANETs}},
url = {https://www.cs.columbia.edu/~smb/papers/rofl-perf-msn10.pdf},
xaddress = {Los Alamitos, CA, USA},
xdoi = {http://doi.ieeecomputersociety.org/10.1109/MSN.2010.30},
xisbn = {978-0-7695-4315-4},
xpublisher = {IEEE Computer Society},
year = {2010},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/rofl-perf-msn10.pdf},
bdsk-url-2 = {http://doi.ieeecomputersociety.org/10.1109/MSN.2010.30}
}
@article{landwehr.boneh.ea:privacy,
author = {Carl Landwehr and Dan Boneh and John Mitchell and Steven
M. Bellovin and Susan Landau and Mike Lesk},
date-modified = {2012-12-18 16:25:20 +0000},
doi = {10.1109/JPROC.2012.2189794},
journal = {Proceedings of the {IEEE}},
number = {99},
pages = {1--15},
title = {Privacy and Cybersecurity: The Next 100 Years},
url = {http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6182691},
volume = {PP},
year = {2012},
bdsk-url-1 = {http://dx.doi.org/10.1109/JPROC.2012.2189794},
bdsk-url-2 = {http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6182691}
}
@article{bellovin.cheswick:network,
author = {Steven M. Bellovin and William R. Cheswick},
date-added = {2014-03-17 17:58:10 +0000},
date-modified = {2015-07-16 20:06:30 +0000},
doi = {10.1109/35.312843},
issn = {0163-6804},
journal = {IEEE Communications Magazine},
keyword = {Unix;computer networks;internetworking;network
servers;protocols;security of data;Internet;TCP/IP
protocol;UNIX operating system;UNIX programs;UNIX
systems;application gateways;circuit gateways;computer
network firewalls;computer security;network
gateways;networked computer;packet filtering;Application
software;Circuits;Computer networks;Computer
security;Information filtering;Information
filters;Internet;Operating systems;Protocols;TCPIP},
month = {Sept},
number = {9},
pages = {50-57},
title = {Network firewalls},
volume = {32},
year = {1994},
bdsk-url-1 = {http://dx.doi.org/10.1109/35.312843}
}
@misc{bellovin.cohen.ea:results,
author = {Steven M. Bellovin and C. Cohen and J. Havrilla and S.
Herman and B. King and J. Lanza and L. Pesante and R.
Pethia and S. McAllister and G. Henault and R.~T. Goodden
and A. P. Peterson and S. Finnegan and K. Katano and R.~M.
Smith and R.~A. Lowenthal},
month = {December},
title = {Results of the ``{Security} in {ActiveX} {Workshop}''},
url = {http://www.cert.org/reports/activeX_report.pdf},
year = {2000},
bdsk-url-1 = {http://www.cert.org/reports/activeX_report.pdf}
}
@inproceedings{bellovin:towards,
author = {Steven M. Bellovin},
booktitle = {Commercial {IPSO} Workshop, {INTEROP} '89},
month = {May},
title = {Towards a Commercial {IP} Security Option},
year = {1989}
}
@article{bellovin.bush:configuration,
author = {Steven M. Bellovin and Randy Bush},
journal = {{IEEE} Journal on Selected Areas in Communications},
month = {April},
number = {3},
pages = {268--274},
title = {Configuration Management and Security},
url = {https://www.cs.columbia.edu/~smb/papers/config-jsac.pdf},
volume = {27},
year = {2009},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/config-jsac.pdf}
}
@article{bellovin:distributed,
author = {Steven M. Bellovin},
htmurl = {https://www.cs.columbia.edu/~smb/papers/distfw.html},
journal = {;login:},
month = {November},
pages = {39--47},
psurl = {https://www.cs.columbia.edu/~smb/papers/distfw.ps},
title = {Distributed Firewalls},
url = {https://www.cs.columbia.edu/~smb/papers/distfw.pdf},
year = {1999},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/distfw.pdf}
}
@inproceedings{ioannidis.keromytis.ea:implementing,
address = {Athens, Greece},
author = {Sotiris Ioannidis and Angelos D. Keromytis and Steven M.
Bellovin and Jonathan M. Smith},
booktitle = {{ACM} Conference on Computer and Communications Security},
month = {November},
title = {Implementing a Distributed Firewall},
url = {https://www.cs.columbia.edu/~smb/papers/ccs-df.pdf},
year = {2000},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ccs-df.pdf}
}
@inproceedings{bellovin:using*1,
address = {Salt Lake City, UT},
author = {Steven M. Bellovin},
booktitle = {Proceedings of the Fifth Usenix Unix Security Symposium},
month = {June},
pages = {199--208},
title = {Using the Domain Name System for System Break-Ins},
url = {https://www.cs.columbia.edu/~smb/papers/dnshack.pdf},
year = {1995},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/dnshack.pdf}
}
@inproceedings{cheswick.bellovin:dns,
address = {San Jose, CA},
author = {Bill Cheswick and Steven M. Bellovin},
booktitle = {Proceedings of the Sixth Usenix Unix Security Symposium},
pages = {15--19},
title = {A {DNS} Filter and Switch for Packet-filtering Gateways},
url = {http://www.cheswick.com/ches/papers/dnsproxy.html},
year = {1996},
bdsk-url-1 = {http://www.cheswick.com/ches/papers/dnsproxy.html}
}
@inproceedings{bellovin:there,
annote = {A discussion of attacks observed against our firewall.},
author = {Steven M. Bellovin},
booktitle = {Proceedings of the Third Usenix Unix Security Symposium},
month = {September},
pages = {1--16},
title = {There Be Dragons},
url = {https://www.cs.columbia.edu/~smb/papers/dragon.pdf},
year = {1992},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/dragon.pdf}
}
@article{bellovin:computer,
author = {Steven M. Bellovin},
journal = {Communications of the {ACM}},
month = {March},
number = {3},
title = {Computer Security---An End State?},
url = {https://www.cs.columbia.edu/~smb/papers/acm-predict.pdf},
volume = {44},
year = {2001},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/acm-predict.pdf}
}
@inproceedings{johnson.egelman.ea:facebook,
abstract = {We measure users' attitudes toward interpersonal privacy
concerns on Facebook and measure users' strategies for
reconciling their concerns with their desire to share
content online. To do this, we recruited 260 Facebook users
to install a Facebook application that surveyed their
privacy concerns, their friend network compositions, the
sensitivity of posted content, and their privacy-preserving
strategies. By asking participants targeted questions about
people randomly selected from their friend network and
posts shared on their profiles, we were able to quantify
the extent to which users trust their ``friends'' and the
likelihood that their content was being viewed by
unintended audiences. We found that while strangers are the
most concerning audience, almost 95\% of our participants
had taken steps to mitigate those concerns. At the same
time, we observed that 16.5\% of participants had at least
one post that they were uncomfortable sharing with a
specific friend---someone who likely already had the
ability to view it---and that 37\% raised more general
concerns with sharing their content with friends. We
conclude that the current privacy controls allow users to
effectively manage the outsider threat, but that they are
unsuitable for mitigating concerns over the insider
threat---members of the friend network who dynamically
become inappropriate audiences based on the context of a
post.},
author = {Maritza Johnson and Serge Egelman and Steven M. Bellovin},
booktitle = {Symposium On Usable Privacy and Security (SOUPS)},
date-modified = {2012-05-18 19:20:51 +0000},
month = {July},
title = {Facebook and Privacy: It's Complicated},
url = {https://www.cs.columbia.edu/~smb/papers/a9_Johnson.pdf},
year = {2012},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/a9_Johnson.pdf}
}
@article{cheswick.bellovin:how,
author = {William Cheswick and Steven M. Bellovin},
journal = {Scientific American},
month = {October},
pages = {106-107},
title = {How Computer Security Works: Firewalls},
year = {1998}
}
@misc{johnson.bellovin:policy,
author = {Maritza Johnson and Steven M. Bellovin},
howpublished = {Usenix HealthSec},
htmurl = {https://www.cs.columbia.edu/~smb/papers/johnson_healthSec.html},
month = {August},
note = {Position paper},
title = {Policy Management for E-Health Records},
url = {https://www.cs.columbia.edu/~smb/papers/johnson_healthSec.pdf},
year = {2010},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/johnson_healthSec.pdf}
}
@inproceedings{bellovin:look,
author = {Steven M. Bellovin},
booktitle = {Annual Computer Security Applications Conference},
month = {December},
note = {Invited paper},
title = {A Look Back at ``{Security} Problems in the {TCP/IP}
Protocol Suite''},
url = {https://www.cs.columbia.edu/~smb/papers/acsac-ipext.pdf},
year = {2004},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/acsac-ipext.pdf}
}
@article{bellovin:security*4,
annote = {An early paper describing some security risks from the
then-standard protocols in TCP/IP. Not all of the attacks
have happened yet\ldots.},
author = {Steven M. Bellovin},
journal = {Computer Communication Review},
month = {April},
number = {2},
pages = {32--48},
title = {Security Problems in the {TCP/IP} Protocol Suite},
url = {https://www.cs.columbia.edu/~smb/papers/ipext.pdf},
volume = {19},
year = {1989},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ipext.pdf}
}
@inproceedings{potter.bellovin.ea:two,
author = {Shaya Potter and Steven M. Bellovin and Jason Nieh},
booktitle = {LISA '09},
month = {November},
title = {Two Person Control Administration: Preventing
Administration Faults through Duplication},
url = {http://www.usenix.org/events/lisa09/tech/full_papers/potter.pdf},
year = {2009},
bdsk-url-1 = {http://www.usenix.org/events/lisa09/tech/full_papers/potter.pdf}
}
@inproceedings{johnson.bellovin.ea:laissez-faire,
author = {Maritza Johnson and Steven M. Bellovin and Robert W.
Reeder and Stuart Schechter},
booktitle = {New Security Paradigms Workshop},
month = {September},
title = {Laissez-Faire File Sharing: Access Control Designed for
Individuals at the Endpoints},
url = {https://www.cs.columbia.edu/~smb/papers/nspw-use.pdf},
year = {2009},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/nspw-use.pdf}
}
@misc{bellovin.gansner:using,
author = {Steven M. Bellovin and Emden R. Gansner},
note = {Draft},
psurl = {https://www.cs.columbia.edu/~smb/papers/reroute.ps},
title = {Using Link Cuts to Attack {Internet} Routing},
url = {https://www.cs.columbia.edu/~smb/papers/reroute.pdf},
year = {2003},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/reroute.pdf}
}
@article{stolfo.bellovin.ea:measuring,
author = {Sal Stolfo and Steven M. Bellovin and David Evans},
date = {2011-05/2011-06},
doi = {10.1109/MSP.2011.48},
journal = {{IEEE} Security \& Privacy},
month = {May--June},
number = {3},
pages = {88},
title = {Measuring Security},
volume = {9},
xxurl = {https://www.cs.columbia.edu/~smb/papers/},
year = {2011},
bdsk-url-1 = {http://dx.doi.org/10.1109/MSP.2011.48}
}
@inproceedings{denker.bellovin.ea:moat,
author = {J.~S. Denker and Steven M. Bellovin and H. Daniel and
N.~L. Mintz and T. Killian and M.~A. Plotnick},
booktitle = {Proceedings of LISA XIII},
month = {November},
title = {Moat: A Virtual Private Network Appliance and Services
Platform},
url = {https://www.cs.columbia.edu/~smb/papers/moat.pdf},
year = {1999},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/moat.pdf}
}
@inproceedings{bellovin:security*5,
author = {Steven M. Bellovin},
booktitle = {Proceedings of the North American Serials Interest Group},
month = {June},
title = {Security and Uses of the {Internet}},
year = {1995}
}
@inproceedings{madejski.johnson.ea:study,
abstract = {Access control policies are notoriously difficult to
configure correctly, even people who are professionally
trained system administrators experience difficulty with
the task. With the increasing popularity of online social
networks (OSN) users of all levels are sharing an
unprecedented amount of personal information on the
Internet. Most OSNs give users the ability to specify what
they share with whom, but the difficulty of the task raises
the question of whether users' privacy settings match their
sharing intentions. We present the results of a study that
measures sharing intentions to identify potential
violations in users' real Facebook privacy settings. Our
results indicate a serious mismatch between intentions and
reality: every one of the 65 participants in our study had
at least one confirmed sharing violation. In other words,
OSN users' are unable to correctly manage their privacy
settings. Furthermore, a majority of users cannot or will
not fix such errors.},
author = {Michelle Madejski and Maritza Johnson and Steven M.
Bellovin},
booktitle = {Proceedings of SESOC 2012},
title = {A Study of Privacy Setting Errors in an Online Social
Network},
url = {https://www.cs.columbia.edu/~smb/papers/fb-violations-sesoc.pdf},
xnote = {An earlier version is available as Technical Report
CUCS-010-11.},
year = {2012},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/fb-violations-sesoc.pdf}
}
@inproceedings{zhao.lobo.ea:algebra,
author = {Hang Zhao and Jorge Lobo and Steven M. Bellovin},
booktitle = {Proceeding of the 9th IEEE Workshop on Policies for
Distributed Systems and Networks},
month = {June},
title = {An Algebra for Integration and Analysis of {Ponder2}
Policies},
url = {https://www.cs.columbia.edu/~smb/papers/ponder_short.pdf},
year = {2008},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ponder_short.pdf}
}
@inproceedings{yee.wagner.ea:prerendered,
author = {Ka-Ping Yee and David Wagner and Marti Hearst and Steven
M. Bellovin},
booktitle = {Usenix/ACCURATE Electronic Voting Technology Workshop},
month = {August},
note = {An earlier version appeared as Technical Report
UCB/EECS-2006-35},
title = {Prerendered User Interfaces for Higher-Assurance
Electronic Voting},
url = {https://www.cs.columbia.edu/~smb/papers/prui-evt06.pdf},
year = {2006},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/prui-evt06.pdf}
}
@article{mahajan.bellovin.ea:controlling,
author = {Ratul Mahajan and Steven M. Bellovin and Sally Floyd and
John Ioannidis and Vern Paxson and Scott Shenker},
journal = {Computer Communication Review},
month = {July},
number = {3},
pages = {62--73},
title = {Controlling High Bandwidth Aggregates in the Network},
url = {https://www.cs.columbia.edu/~smb/papers/pushback-CCR.pdf},
volume = {32},
year = {2002},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/pushback-CCR.pdf}
}
@inproceedings{ioannidis.bellovin:implementing,
author = {John Ioannidis and Steven M. Bellovin},
booktitle = {Proc. Internet Society Symposium on Network and
Distributed System Security},
psurl = {https://www.cs.columbia.edu/~smb/papers/pushback-impl.ps},
title = {Implementing Pushback: Router-Based Defense Against
{DD}o{S} Attacks},
url = {https://www.cs.columbia.edu/~smb/papers/pushback-impl.pdf},
year = {2002},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/pushback-impl.pdf}
}
@inproceedings{zhao.chau.ea:rofl,
author = {Hang Zhao and Chi-Kin Chau and Steven M. Bellovin},
booktitle = {New Security Paradigms Workshop},
month = {September},
note = {A version is available as Technical Report CUCS-026-08},
title = {{ROFL}: Routing as the Firewall Layer},
url = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=541},
year = {2008},
bdsk-url-1 = {https://mice.cs.columbia.edu/getTechreport.php?techreportID=541}
}
@inproceedings{zhao.lobo.ea:policy,
address = {Dublin, Ireland},
author = {Hang Zhao and Jorge Lobo and Arnab Roy and Steven M.
Bellovin},
booktitle = {The 12th IFIP/IEEE International Symposium on Integrated
Network Management (IM 2011)},
days = {23},
month = {May},
title = {Policy Refinement of Network Services for {MANETs}},
url = {https://www.cs.columbia.edu/~smb/papers/rofl-refine.pdf},
year = {2011},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/rofl-refine.pdf}
}
@inproceedings{johnson.atreya.ea:rust*1,
author = {Maritza Johnson and Chaitanya Atreya and Adam Aviv and
Mariana Raykova and Steven M. Bellovin and Gail Kaiser},
booktitle = {Usenix Workshop on Usability, Psychology, and Security},
month = {April},
title = {{RUST}: A Retargetable Usability Testbed for Website
Authentication Technologies},
url = {http://www.usenix.org/events/upsec08/tech/full_papers/johnson/johnson.pdf},
year = {2008},
bdsk-url-1 = {http://www.usenix.org/events/upsec08/tech/full_papers/johnson/johnson.pdf}
}
@inproceedings{bellovin:session,
author = {Steven M. Bellovin},
booktitle = {Proc. Usenix Conference},
issue = {Summer},
month = {Summer},
title = {The ``Session Tty'' Manager},
url = {https://www.cs.columbia.edu/~smb/papers/sessext.pdf},
year = {1988},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sessext.pdf}
}
@inproceedings{bellovin:position,
author = {Steven M. Bellovin},
booktitle = {{W3C/IAB} Workshop on Strengthening the {Internet} Against
Pervasive Monitoring {(STRINT)}},
month = {March},
title = {Position Paper: Security and Simplicity},
url = {https://www.w3.org/2014/strint/papers/34.pdf},
year = {2014},
bdsk-url-1 = {https://www.w3.org/2014/strint/papers/34.pdf}
}
@inproceedings{ioannidis.bellovin.ea:sub-operating,
author = {Sotiris Ioannidis and Steven M. Bellovin and Jonathan
Smith},
booktitle = {SIGOPS European Workshop},
month = {September},
title = {Sub-Operating Systems: A New Approach to Application
Security},
url = {https://www.cs.columbia.edu/~smb/papers/subos.pdf},
year = {2002},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/subos.pdf}
}
@inproceedings{ioannidis.bellovin:building,
author = {Sotiris Ioannidis and Steven M. Bellovin},
booktitle = {Usenix Conference},
month = {June},
title = {Building a Secure Web Browser},
url = {https://www.cs.columbia.edu/~smb/papers/sub-browser.pdf},
year = {2001},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sub-browser.pdf}
}
@incollection{gregory:why,
author = {Peter Gregory},
booktitle = {Solaris Security},
note = {(Foreword)},
otherauth = {Bellovin},
publisher = {Prentice-Hall},
title = {Why Systems Administration is Hard},
url = {https://www.cs.columbia.edu/~smb/papers/sysadmin.html},
year = {1999},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/sysadmin.html}
}
@inproceedings{gleitz.bellovin:transient,
author = {Peter M. Gleitz and Steven M. Bellovin},
booktitle = {Proceedings of the Eleventh Usenix Security Symposium},
date-modified = {2018-08-03 21:20:25 +0000},
month = {August},
title = {Transient Addressing for Related Processes: Improved
Firewalling by Using {IPv6} and Multiple Addresses per
Host},
url = {https://www.cs.columbia.edu/~smb/papers/tarp.pdf},
year = {2001},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/tarp.pdf}
}
@article{bellovin.keromytis.ea:worm,
author = {Steven M. Bellovin and Angelos Keromytis and Bill
Cheswick},
journal = {;login:},
month = {February},
pages = {70-76},
title = {Worm Propagation Strategies in an {IPv6} {Internet}},
url = {https://www.cs.columbia.edu/~smb/papers/v6worms.pdf},
year = {2006},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/v6worms.pdf}
}
@article{bellovin:virtual,
author = {Steven M. Bellovin},
htmurl = {http://www.csl.sri.com/users/neumann/insiderisks06.html#196},
journal = {Communications of the ACM},
month = {October},
note = {``Inside RISKS'' column},
number = {10},
pdfurl = {http://portal.acm.org/citation.cfm?id=1164414},
title = {Virtual Machines, Virtual Security},
volume = {49},
year = {2006}
}
@inproceedings{ioannidis.bellovin.ea:design,
address = {Linz, Austria},
author = {Sotiris Ioannidis and Steven M. Bellovin and John
Ioannidis and Angelos D. Keromytis and Jonathan M. Smith},
booktitle = {Proceedings of the {IEEE} International Workshops on
Enabling Technologies: Infrastructure for Collaborative
Enterprises {(WETICE)}, Workshop on Enterprise Security},
month = {June},
title = {Design and Implementation of Virtual Private Services},
url = {https://www.cs.columbia.edu/~smb/papers/vps.pdf},
year = {2003},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/vps.pdf}
}
@article{ioannidis.bellovin.ea:coordinated,
author = {Sotiris Ioannidis and Steven M. Bellovin and John
Ioannidis and Angelos D. Keromytis and Kostas Anagnostakis
and Jonathan M. Smith},
journal = {International Journal of Network Security},
month = {January},
number = {1},
pages = {69--80},
title = {Coordinated Policy Enforcement for Distributed
Applications},
url = {https://www.cs.columbia.edu/~smb/papers/ijns-2007-v4-n1-p69-80.pdf},
volume = {4},
year = {2007},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/ijns-2007-v4-n1-p69-80.pdf}
}
@inproceedings{johnson.bellovin:security,
abstract = {There are currently proposals for web access to devices.
The security threats are obvious. We propose design
principles intended to ensure that the user actually
controls access, despite potential errors in judgment,
tricky web pages, or flaws in browsers.},
author = {Maritza Johnson and Steven M. Bellovin},
booktitle = {Security for Access to Device APIs from the Web - W3C
Workshop},
month = {December},
title = {Security Assurance for Web Device {APIs}},
url = {https://www.cs.columbia.edu/~smb/papers/webapi.pdf},
year = {2008},
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/webapi.pdf}
}
@inproceedings{cheng.raykova.ea:zodiac,
author = {Yuu-Heng Cheng and Mariana Raykova and Alex Poylisher and
Scott Alexander and Martin Eiger and Steven M. Bellovin},
booktitle = {{IEEE} Policy 2009},
month = {July},
note = {Longer version issued as CUCS-023-09},
title = {The {Zodiac} Policy Subsystem: a Policy-Based Management
System for a High-Security {MANET}},
year = {2009}
}
@inproceedings{vo.bellovin:anonymous,
abstract = { Publish-subscribe protocols offer a unique means of data
distribution, that has many applications for distributed
systems. These protocols enable message delivery based on
subscription rather than specific addressing; meaning a
message is addressed by a subject string rather than to a
specific recipient. Recipients may then subscribe to
subjects they are interested in receiving using a variety
of parameters, and receive these messages immediately
without having to poll for them. This format is a natural
match for anonymous delivery systems: systems that enable
users to send messages without revealing their identity.
These systems are an area of great interest, ranging from
messaging relays like Tor, to publication systems like
FreeHaven. However, existing systems do not allow delivery
based on topics, a mechanism which is a natural match for
anonymous communication since it is not addressed based on
identity. We concretely describe the properties of and
propose a system that allows publish-subscribe based
delivery, while protecting the identities of both the
publishers and subscribers from each other, from outside
parties, and from entities that handle the implementation
of the system. },
address = {Beijing},
author = {Binh Vo and Steven M. Bellovin},
booktitle = {SECURECOMM},
month = {September},
title = {Anonymous Publish-Subscribe Systems},
url = {https://www.cs.columbia.edu/~smb/papers/anon-pubsub.pdf},
year = 2014,
bdsk-url-1 = {https://www.cs.columbia.edu/~smb/papers/anon-pubsub.pdf}
}