Skip header Section
Skip Bibliometrics Section
Security Engineering: A Guide to Building Dependable Distributed SystemsFebruary 2001
- Author:
- Ross J. Anderson
Skip Abstract Section
Abstract
From the Publisher:
The first quick reference guide to the do's and don'ts of creating high quality security systems.
Ross Anderson, widely recognized as one of the world's foremost authorities on security engineering, presents a comprehensive design tutorial that covers a wide range of applications. Designed for today's programmers who need to build systems that withstand malice as well as error (but have no time to go do a PhD in security), this bookillustrates basic concepts through many real-world system design successes and failures. Topics range from firewalls, through phone phreaking and copyright protection, to frauds against e-businesses. Anderson's book shows how to use a wide range of tools, from cryptology through smartcards to applied psychology. As everything from burglar alarms through heart monitors to bus ticket dispensers starts talking IP, the techniques taught in this book will become vital to everyone who wants to build systems that are secure, dependable and manageable.
Cited By
- Mitropoulos D, Sotiropoulos T, Koutsovasilis N and Spinellis D (2019). PDGuard: an architecture for the control and secure processing of personal data, International Journal of Information Security, 19:4, (479-498), Online publication date: 1-Aug-2020.
- Wang H, Shi Q, Forte D and Tehranipoor M (2019). Probing Assessment Framework and Evaluation of Antiprobing Solutions, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 27:6, (1239-1252), Online publication date: 1-Jun-2019.
- Farajallah M, Assad S and Deforges O (2018). Cryptanalyzing an image encryption scheme using reverse 2-dimensional chaotic map and dependent diffusion, Multimedia Tools and Applications, 77:21, (28225-28248), Online publication date: 1-Nov-2018.
Padget J and Vasconcelos W (2018). Fine-Grained Access Control via Policy-Carrying Data, ACM Transactions on Internet Technology, 18:3, (1-24), Online publication date: 31-Aug-2018.- Gomez-Barrero M, Maiorana E, Galbally J, Campisi P and Fierrez J (2017). Multi-biometric template protection based on Homomorphic Encryption, Pattern Recognition, 67:C, (149-163), Online publication date: 1-Jul-2017.
- Zulkipli N and Wills G An event-based access control for IoT Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing, (1-4)
- Gupta S, Kodam S and Yang B Multichannel key exchange Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing, (1-5)
- Guo Z, Han W, Liu L, Xu W, Bu R and Ni M SPA Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, (221-231)
- Jaidi F and Ayachi F The problem of integrity in RBAC-based policies within relational databases Proceedings of the 9th International Conference on Ubiquitous Information Management and Communication, (1-8)
- Arzapalo D, Chiprianov V, Gallon L and Aniorté P A Model-Driven Security Requirements Approach to Deduce Security Policies Based on OrBAC Information Security and Cryptology, (150-169)
- (2014). DAG-based attack and defense modeling, Computer Science Review, 13:C, (1-38), Online publication date: 1-Nov-2014.
- Bossuet L, Grand M, Gaspar L, Fischer V and Gogniat G (2013). Architectures of flexible symmetric key crypto engines—a survey, ACM Computing Surveys, 45:4, (1-32), Online publication date: 1-Aug-2013.
- Alhaj A, Aljawarneh S, Masadeh S and Abu-Taieh E (2013). A Secure Data Transmission Mechanism for Cloud Outsourced Data, International Journal of Cloud Applications and Computing, 3:1, (34-43), Online publication date: 1-Jan-2013.
- Bernard N and Leprévost F (2012). Hardened Bloom Filters, with an Application to Unobservability, Annales UMCS, Informatica, 12:4, (11-22), Online publication date: 1-Dec-2012.
- Cavalcante R, Bittencourt I, da Silva A, Silva M, Costa E and Santos R (2012). A survey of security in multi-agent systems, Expert Systems with Applications: An International Journal, 39:5, (4835-4846), Online publication date: 1-Apr-2012.
- Mohammadi S, Golara S and Mousavi N (2012). Selecting Adequate Security Mechanisms in E-Business Processes Using Fuzzy TOPSIS, International Journal of Fuzzy System Applications, 2:1, (35-53), Online publication date: 1-Jan-2012.
- Mustafić T, Messerman A, Camtepe S, Schmidt A and Albayrak S Behavioral biometrics for persistent single sign-on Proceedings of the 7th ACM workshop on Digital identity management, (73-82)
- Haredasht S and Rashidi H Evaluation of the existing security patterns in software security Proceedings of the 11th WSEAS international conference on Applied computer science, (35-40)
- Magnusson C (2011). ICT pollution and liability, ACM SIGCAS Computers and Society, 41:1, (48-53), Online publication date: 1-Oct-2011.
- Kalyango S and Maiga G A technique for strengthening weak passwords in electronic medical record systems Proceedings of the First international conference on Foundations of Health Informatics Engineering and Systems, (207-224)
- Al‐Shawi A (2011). Data mining techniques for information security applications, WIREs Computational Statistics, 3:3, (221-229), Online publication date: 4-Apr-2011.
- Avoine G, Bingöl M, Kardaş S, Lauradoux C and Martin B (2011). A framework for analyzing RFID distance bounding protocols, Journal of Computer Security, 19:2, (289-317), Online publication date: 1-Apr-2011.
- Avoine G, Bingöl M, Kardaş S, Lauradoux C and Martin B (2011). A framework for analyzing RFID distance bounding protocols, Journal of Computer Security, 19:2, (289-317), Online publication date: 1-Apr-2011.
- Eichler J Lightweight modeling and analysis of security concepts Proceedings of the Third international conference on Engineering secure software and systems, (128-141)
- Tague P, Nabar S, Ritcey J and Poovendran R (2011). Jamming-aware traffic allocation for multiple-path routing using portfolio selection, IEEE/ACM Transactions on Networking, 19:1, (184-194), Online publication date: 1-Feb-2011.
- Di Pietro R, Mancini L and Mei A (2010). Hierarchies of keys in secure multicast communications, Journal of Computer Security, 18:5, (839-860), Online publication date: 1-Sep-2010.
- Hao F and Ryan P J-PAKE Transactions on computational science XI, (192-206)
- Birge C Enhancing research into usable privacy and security Proceedings of the 27th ACM international conference on Design of communication, (221-226)
- Atakli I, Chen Y, Wu Q and Craver S BLINK Proceedings of the 11th ACM workshop on Multimedia and security, (171-176)
- Potkonjak M, Nahapetian A, Nelson M and Massey T Hardware Trojan horse detection using gate-level characterization Proceedings of the 46th Annual Design Automation Conference, (688-693)
- Park A Domain Specific Intended Use Evaluation Method Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance, (778-787)
- Olagunju A, Cameron M and Mowe R Graduate follow up as a vehicle for CSIT curriculum assessment and improvement Proceedings of the 14th Western Canadian Conference on Computing Education, (96-102)
- Slater D, Tague P, Poovendran R and Matt B A coding-theoretic approach for efficient message verification over insecure channels Proceedings of the second ACM conference on Wireless network security, (151-160)
- Junod P, Karlov A and Lenstra A Improving the Boneh-Franklin Traitor Tracing Scheme Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09, (88-104)
- Höhn S Model-based reasoning on the achievement of business goals Proceedings of the 2009 ACM symposium on Applied Computing, (1589-1593)
- Ghani N and Sidek Z (2009). Personal information privacy protection in e-commerce, WSEAS Transactions on Information Science and Applications, 6:3, (407-416), Online publication date: 1-Mar-2009.
- Majzoobi M, Koushanfar F and Potkonjak M (2009). Techniques for Design and Implementation of Secure Reconfigurable PUFs, ACM Transactions on Reconfigurable Technology and Systems, 2:1, (1-33), Online publication date: 1-Mar-2009.
- Guarda P and Zannone N (2009). Towards the development of privacy-aware systems, Information and Software Technology, 51:2, (337-350), Online publication date: 1-Feb-2009.
- Ghani N and Sidek Z Personal information and privacy in E-commerce application Proceedings of the 7th WSEAS international conference on Information security and privacy, (28-32)
- Palmer A (2008). Criteria to evaluate Automated Personal Identification Mechanisms, Computers and Security, 27:7-8, (260-284), Online publication date: 1-Dec-2008.
- Narasimhan V and Lal Das M (2008). Data and information security (DIS) for BS and MS programs, ACM SIGCSE Bulletin, 40:4, (95-99), Online publication date: 30-Nov-2008.
- Majzoobi M, Koushanfar F and Potkonjak M Lightweight secure PUFs Proceedings of the 2008 IEEE/ACM International Conference on Computer-Aided Design, (670-673)
- Chan E, Carlyle J, David F, Farivar R and Campbell R BootJacker Proceedings of the 15th ACM conference on Computer and communications security, (555-564)
- Alkabani Y and Koushanfar F Active control and digital rights management of integrated circuit IP cores Proceedings of the 2008 international conference on Compilers, architectures and synthesis for embedded systems, (227-234)
- Khattab S, Mosse D and Melhem R Jamming Mitigation in Multi-Radio Wireless Networks Proceedings of the 4th international conference on Security and privacy in communication netowrks, (1-10)
- Goldwasser S, Kalai Y and Rothblum G One-Time Programs Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology, (39-56)
- Grunske L and Joyce D (2008). Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles, Journal of Systems and Software, 81:8, (1327-1345), Online publication date: 1-Aug-2008.
- Halderman J, Schoen S, Heninger N, Clarkson W, Paul W, Calandrino J, Feldman A, Appelbaum J and Felten E Lest we remember Proceedings of the 17th conference on Security symposium, (45-60)
- Hao F and Ryan P Password authenticated key exchange by juggling Proceedings of the 16th International conference on Security protocols, (159-171)
- Cvrček D and Danezis G Fighting the 'good' internet war Proceedings of the 16th International conference on Security protocols, (3-11)
- Voyiatzis A and Serpanos D (2008). The security of the Fiat--Shamir scheme in the presence of transient hardware faults, ACM Transactions on Embedded Computing Systems, 7:3, (1-13), Online publication date: 1-Apr-2008.
- Pournaghshband V A new watermarking approach for relational data Proceedings of the 46th Annual Southeast Regional Conference on XX, (127-131)
- Grummt E and Müller M Fine-grained access control for EPC information services Proceedings of the 1st international conference on The internet of things, (35-49)
- Roy J, Koushanfar F and Markov I EPIC Proceedings of the conference on Design, automation and test in Europe, (1069-1074)
- Phillips B, Schmidt C and Kelly D Recovering data from USB flash memory sticks that have been damaged or electronically erased Proceedings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop, (1-6)
- Sadeghi A Trusted computing Proceedings of the 34th conference on Current trends in theory and practice of computer science, (98-117)
- Gassend B, Dijk M, Clarke D, Torlak E, Devadas S and Tuyls P (2008). Controlled physical random functions and applications, ACM Transactions on Information and System Security, 10:4, (1-22), Online publication date: 1-Jan-2008.
- Elahi G and Yu E A goal oriented approach for modeling and analyzing security trade-offs Proceedings of the 26th international conference on Conceptual modeling, (375-390)
- Jourdan G (2007). Centralized Web Proxy Services, IEEE Internet Computing, 11:6, (46-52), Online publication date: 1-Nov-2007.
- Suh G, O'Donnell C and Devadas S (2007). Aegis, IEEE Design & Test, 24:6, (570-580), Online publication date: 1-Nov-2007.
- Tague P and Poovendran R (2007). A canonical seed assignment model for key predistribution in wireless sensor networks, ACM Transactions on Sensor Networks, 3:4, (19-es), Online publication date: 1-Oct-2007.
- Lang A, Dittmann J, Kiltz S and Hoppe T Future perspectives Proceedings of the 26th international conference on Computer Safety, Reliability, and Security, (40-53)
- Nakamura Y, Sato F and Chung H Syntactic Validation of Web Services Security Policies Proceedings of the 5th international conference on Service-Oriented Computing, (319-329)
- Goi B, Phan R and Chuah H Cryptanalysis of two non-anonymous buyer-seller watermarking protocols for content protection Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I, (951-960)
- Alkabani Y and Koushanfar F Active hardware metering for intellectual property protection and security Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, (1-16)
- Wu Q, Susilo W, Mu Y and Qin B Cryptanalysis of BGW broadcast encryption schemes for DVD content protection Proceedings of the 4th international conference on Autonomic and Trusted Computing, (32-41)
- Phan R and Goi B On the analysis and design of a family tree of smart card based user authentication schemes Proceedings of the 4th international conference on Ubiquitous Intelligence and Computing, (1213-1221)
- Verbauwhede I and Schaumont P Design methods for security and trust Proceedings of the conference on Design, automation and test in Europe, (672-677)
- Derrick E, Tibbs R and Reynolds L Investigating new approaches to data collection, management and analysis for network intrusion detection Proceedings of the 45th annual southeast regional conference, (283-287)
- Hopper N, Molnar D and Wagner D From weak to strong watermarking Proceedings of the 4th conference on Theory of cryptography, (362-382)
- Anderson R Position statement in RFID S&P panel Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security, (46-49)
- Phan R and Goi B Cryptanalysis of two provably secure cross-realm C2C-PAKE protocols Proceedings of the 7th international conference on Cryptology in India, (104-117)
- Dagorn N Cooperative intrusion detection for web applications Proceedings of the 5th international conference on Cryptology and Network Security, (286-302)
- Becker S, Hasselbring W, Paul A, Boskovic M, Koziolek H, Ploski J, Dhama A, Lipskoch H, Rohr M, Winteler D, Giesecke S, Meyer R, Swaminathan M, Happe J, Muhle M and Warns T (2006). Trustworthy software systems, ACM SIGSOFT Software Engineering Notes, 31:6, (1-18), Online publication date: 1-Nov-2006.
- Lee J and Kim H A framework for ensuring security in ubiquitous computing environment based on security engineering approach Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I, (1250-1258)
- Hoh B, Gruteser M, Xiong H and Alrabady A (2006). Enhancing Security and Privacy in Traffic-Monitoring Systems, IEEE Pervasive Computing, 5:4, (38-46), Online publication date: 1-Oct-2006.
- Hao F, Anderson R and Daugman J (2006). Combining Crypto with Biometrics Effectively, IEEE Transactions on Computers, 55:9, (1081-1088), Online publication date: 1-Sep-2006.
- Lu C, Zhang T, Shi W and Lee H (2006). M-TREE, Journal of Parallel and Distributed Computing, 66:9, (1116-1128), Online publication date: 1-Sep-2006.
- Baiardi F, Suin S, Telmon C and Pioli M Assessing the risk of an information infrastructure through security dependencies Proceedings of the First international conference on Critical Information Infrastructures Security, (42-54)
- Newman R, Gavette S, Yonge L and Anderson R Protecting domestic power-line communications Proceedings of the second symposium on Usable privacy and security, (122-132)
- Gaw S and Felten E Password management strategies for online accounts Proceedings of the second symposium on Usable privacy and security, (44-55)
- Erlingsson Ú and MacCormick J (2006). Ad hoc extensibility and access control, ACM SIGOPS Operating Systems Review, 40:3, (93-101), Online publication date: 1-Jul-2006.
- Mouratidis H, Jürjens J and Fox J Towards a comprehensive framework for secure systems development Proceedings of the 18th international conference on Advanced Information Systems Engineering, (48-62)
- Haley C, Moffett J, Laney R and Nuseibeh B A framework for security requirements engineering Proceedings of the 2006 international workshop on Software engineering for secure systems, (35-42)
- Chandra P, Chess B and Steven J (2006). Putting the Tools to Work, IEEE Security and Privacy, 4:3, (80-83), Online publication date: 1-May-2006.
- Becher A, Benenson Z and Dornseif M Tampering with motes Proceedings of the Third international conference on Security in Pervasive Computing, (104-118)
- Hwang D, Schaumont P, Tiri K and Verbauwhede I (2006). Securing Embedded Systems, IEEE Security and Privacy, 4:2, (40-49), Online publication date: 1-Mar-2006.
- Yang S, Sakiyama K and Verbauwhede I (2006). Efficient and secure fingerprint verification for embedded devices, EURASIP Journal on Advances in Signal Processing, 2006, (24-24), Online publication date: 1-Jan-2006.
- Adelsbach A, Huber U and Sadeghi A Property-Based broadcast encryption for multi-level security policies Proceedings of the 8th international conference on Information Security and Cryptology, (15-31)
- Zhu F, Mutka M and Ni L (2005). Service Discovery in Pervasive Computing Environments, IEEE Pervasive Computing, 4:4, (81-90), Online publication date: 1-Oct-2005.
- Baiardi F and Telmon C A theoretical model for the average impact of attacks on billing infrastructures Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security, (298-310)
- Flechais I, Riegelsberger J and Sasse M Divide and conquer Proceedings of the 2005 workshop on New security paradigms, (33-41)
- Zhang N, Ryan M and Guelev D Evaluating access control policies through model checking Proceedings of the 8th international conference on Information Security, (446-460)
- Yeo G and Phan R On the security of the WinRAR encryption method Proceedings of the 8th international conference on Information Security, (402-416)
- Yang S, Schaumont P and Verbauwhede I Microcoded coprocessor for embedded secure biometric authentication systems Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis, (130-135)
- Jaferian P, Elahi G, Ayatollahzadeh Shirazi M and Sadeghian B RUPSec Proceedings of the 31st EUROMICRO Conference on Software Engineering and Advanced Applications, (232-239)
- Shakshuki E, Luo Z and Gong J (2005). An agent-based approach to security service, Journal of Network and Computer Applications, 28:3, (183-208), Online publication date: 1-Aug-2005.
- Karlof C, Sastry N and Wagner D Cryptographic voting protocols Proceedings of the 14th conference on USENIX Security Symposium - Volume 14, (3-3)
- Mouratidis H, Kolp M, Faulkner S and Giorgini P A secure architectural description language for agent systems Proceedings of the fourth international joint conference on Autonomous agents and multiagent systems, (578-585)
- Moran T and Naor M Basing cryptographic protocols on tamper-evident seals Proceedings of the 32nd international conference on Automata, Languages and Programming, (285-297)
- Mead N and McGraw G (2005). A Portal for Software Security, IEEE Security and Privacy, 3:4, (75-79), Online publication date: 1-Jul-2005.
- McGregor J, Yin Y and Lee R A traitor tracing scheme based on RSA for fast decryption Proceedings of the Third international conference on Applied Cryptography and Network Security, (56-74)
- Suh G, O'Donnell C, Sachdev I and Devadas S Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions Proceedings of the 32nd annual international symposium on Computer Architecture, (25-36)
- Wright C and Ayton P (2005). Focusing on what might happen and how it could feel, International Journal of Human-Computer Studies, 62:6, (759-783), Online publication date: 1-Jun-2005.
- Bryce C, Dimmock N, Krukow K, Seigneur J, Cahill V and Wagealla W Towards an evaluation methodology for computational trust systems Proceedings of the Third international conference on Trust Management, (289-304)
- Manzanares A, Márquez J, Estevez-Tapiador J and Castro J Attacks on port knocking authentication mechanism Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part IV, (1292-1300)
- Suh G, O'Donnell C, Sachdev I and Devadas S (2005). Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions, ACM SIGARCH Computer Architecture News, 33:2, (25-36), Online publication date: 1-May-2005.
- Zhu F, Mutka M and Ni L (2005). Facilitating secure ad hoc service discovery in public environments, Journal of Systems and Software, 76:1, (45-54), Online publication date: 1-Apr-2005.
- Hommersom A, Meyer J and de Vink E (2005). Toward Reasoning about Security Protocols, Electronic Notes in Theoretical Computer Science (ENTCS), 126:C, (53-75), Online publication date: 8-Mar-2005.
- Giorgini P, Massacci F and Zannone N Security and trust requirements engineering Foundations of Security Analysis and Design III, (237-272)
- Jürjens J Model-Based security engineering with UML Foundations of Security Analysis and Design III, (42-77)
- Arkin B, Stender S and McGraw G (2005). Software Penetration Testing, IEEE Security and Privacy, 3:1, (84-87), Online publication date: 1-Jan-2005.
- Duri S, Elliott J, Gruteser M, Liu X, Moskowitz P, Perez R, Singh M and Tang J (2004). Data protection and data sharing in telematics, Mobile Networks and Applications, 9:6, (693-701), Online publication date: 1-Dec-2004.
- Chapman R and Hilton A (2004). Enforcing security and safety models with an information flow analysis tool, ACM SIGAda Ada Letters, XXIV:4, (39-46), Online publication date: 1-Dec-2004.
- Androutsellis-Theotokis S and Spinellis D (2004). A survey of peer-to-peer content distribution technologies, ACM Computing Surveys, 36:4, (335-371), Online publication date: 1-Dec-2004.
- Deubler M, Grünbauer J, Jürjens J and Wimmel G Sound development of secure service-based systems Proceedings of the 2nd international conference on Service oriented computing, (115-124)
- Chapman R and Hilton A Enforcing security and safety models with an information flow analysis tool Proceedings of the 2004 annual ACM SIGAda international conference on Ada: The engineering of correct and reliable software for real-time & distributed systems using Ada and related technologies, (39-46)
- Yu Y and Chiueh T Display-only file server Proceedings of the 4th ACM workshop on Digital rights management, (31-39)
- Shaikh S Information security education in the UK Proceedings of the 1st annual conference on Information security curriculum development, (53-58)
- Flinn S and Stoyles S Omnivore Proceedings of the 2004 workshop on New security paradigms, (97-105)
- Greenwald S, Olthoff K, Raskin V and Ruch W The user non-acceptance paradigm Proceedings of the 2004 workshop on New security paradigms, (35-43)
- Drouineaud M, Bortin M, Torrini P and Sohr K A First Step Towards Formal Verification of Security Policy Properties for RBAC Proceedings of the Quality Software, Fourth International Conference, (60-67)
- Peysakhov M, Artz D, Sultanik E and Regli W Network Awareness for Mobile Agents on Ad Hoc Networks Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems - Volume 1, (368-376)
- Zugenmaier A FLASCHE – a mechanism providing anonymity for mobile users Proceedings of the 4th international conference on Privacy Enhancing Technologies, (121-141)
- Knight J An Introduction to Computing System Dependability Proceedings of the 26th International Conference on Software Engineering, (730-731)
- Anderson R The dancing bear Proceedings of the 12th international conference on Security Protocols, (231-238)
- Bush W, Ng A, Simon D and Mathiske B A mechanism for secure, fine-grained dynamic provisioning of applications on small devices Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices, (86-107)
- White A, O'Brien J, Pryde G, Ralph T and Gilchrist A Quantum gates in optics Proceedings of the winter international synposium on Information and communication technologies, (1-1)
- Peltsverger B, Shah A and Peltsverger S Inter-personnel communications and network security procedures Proceedings of the winter international synposium on Information and communication technologies, (1-6)
- Wood A, Stankovic J and Son S JAM Proceedings of the 24th IEEE International Real-Time Systems Symposium
- Suh G, Clarke D, Gassend B, Dijk M and Devadas S Efficient Memory Integrity Verification and Encryption for Secure Processors Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
- Yang S and Verbauwhede I A secure fingerprint matching technique Proceedings of the 2003 ACM SIGMM workshop on Biometrics methods and applications, (89-94)
- Alkassar A, Stüble C and Sadeghi A Secure object identification Proceedings of the 2003 workshop on New security paradigms, (77-85)
- Da Cruz D, Rumpe B and Wimmel G Retrofitting security into a web-based information system Proceedings of the 2003 international conference on Web engineering, (301-305)
- Anderson R Cryptography and competition policy Proceedings of the twenty-second annual symposium on Principles of distributed computing, (3-10)
- Mouratidis H, Giorgini P and Manson G Integrating security and systems engineering Proceedings of the 15th international conference on Advanced information systems engineering, (63-78)
- Benini L, Macii A, Macii E, Omerbegovic E, Pro F and Poncino M Energy-aware design techniques for differential power analysis protection Proceedings of the 40th annual Design Automation Conference, (36-41)
- Knight J Computing systems dependability Proceedings of the 25th International Conference on Software Engineering, (742-743)
- Seničar V, Jerman-Blažič B and Klobučar T (2003). Privacy-enhancing technologies, Computer Standards & Interfaces, 25:2, (147-158), Online publication date: 1-May-2003.
- Benini L, Macii A, Macii E, Omerbegovic E, Poncino M and Pro F A novel architecture for power maskable arithmetic units Proceedings of the 13th ACM Great Lakes symposium on VLSI, (136-140)
- Gassend B, Clarke D, van Dijk M and Devadas S Delay-based circuit authentication and applications Proceedings of the 2003 ACM symposium on Applied computing, (294-301)
- McGraw G (2003). From the Ground Up, IEEE Security and Privacy, 1:2, (59-66), Online publication date: 1-Mar-2003.
- Kraft R Designing a distributed access control processor for network services on the Web Proceedings of the 2002 ACM workshop on XML security, (36-52)
- Vetterling M, Wimmel G and Wisspeintner A Secure systems development based on the common criteria Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering, (129-138)
- Gassend B, Clarke D, van Dijk M and Devadas S Silicon physical random functions Proceedings of the 9th ACM conference on Computer and communications security, (148-160)
- Stajano F Security for whom? the shifting security assumptions of pervasive computing Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems, (16-27)
- Vetterling M, Wimmel G and Wisspeintner A (2002). Secure systems development based on the common criteria, ACM SIGSOFT Software Engineering Notes, 27:6, (129-138), Online publication date: 1-Nov-2002.
- Wood A and Stankovic J (2002). Denial of Service in Sensor Networks, Computer, 35:10, (54-62), Online publication date: 1-Oct-2002.
- Offen R (2002). Desert Island Reading, Automated Software Engineering, 9:4, (405-409), Online publication date: 1-Oct-2002.
- Greenwald S and Schaefer M Assurance in life/nation critical endeavors a panel Proceedings of the 2002 workshop on New security paradigms, (91-96)
- Smetters D and Grinter R Moving from the design of usable security technologies to the design of useful secure applications Proceedings of the 2002 workshop on New security paradigms, (82-89)
- Loughry J and Umphress D (2002). Information leakage from optical emanations, ACM Transactions on Information and System Security, 5:3, (262-289), Online publication date: 1-Aug-2002.
- Knight J (2002). Desert Island Books, Automated Software Engineering, 9:3, (321-334), Online publication date: 1-Aug-2002.
- Knight J Dependability of embedded systems Proceedings of the 24th International Conference on Software Engineering, (685-686)
- Butler S Security attribute evaluation method Proceedings of the 24th International Conference on Software Engineering, (232-240)
- Jürjens J Using UMLsec and goal trees for secure systems development Proceedings of the 2002 ACM symposium on Applied computing, (1026-1030)
- Hall A and Chapman R (2002). Correctness by Construction, IEEE Software, 19:1, (18-25), Online publication date: 1-Jan-2002.
- Jürjens J and Wimmel G Formally Testing Fail-Safety of Electronic Purse Protocols Proceedings of the 16th IEEE international conference on Automated software engineering
- Bond M and Anderson R (2001). API-Level Attacks on Embedded Systems, Computer, 34:10, (67-75), Online publication date: 1-Oct-2001.
- Orłowski C, Cofta P, Wąsik M, Welfler P and Pastuszka J The Use of Group Decision-Making to Improve the Monitoring of Air Quality Transactions on Computational Collective Intelligence XXXIV, (127-145)