O Computer Security Resources O
Valerie J. H. Powell, RT(R), PhD, C&IS, RMU

& About public key encryption: Stephen Levy, Crypto : how the code rebels beat the government-- saving privacy in the digital age (Viking Penguin, 2002). RMU Libraries
005.8 L668c 2002 : See also http://mosaic.echonyc.com/~steven/crypto.html and review "Crypto: Three Decades in Review" by Declan McCullagh in Wired (2001): http://www.wired.com/news/politics/0,1283,41071,00.html

& William Stallings, Cryptography and network security: principles and practice (Prentice Hall, 1999) RMU Libraries 005.8 S782c 1999

& Bruce Schneier, Secrets and Lies: Digital Security in a Networked World RMU Libraries 005.8/S359s 2000

O Carolyn P. Meinel, "How Hackers Break In," Scientific American (October 1998): 98-105.

O Security issues related to international domain names - see: Wendy M. Grossman, URLs in Urdu? - International Domain Names Pose a New Security Rick, Scientific American (June 2002): 21, 25.

: RSA exercise (Richard Holowczak, Baruch College, CUNY): http://cisnet.baruch.cuny.edu/holowczak/classes/9444/rsademo/

: RSA exercise (Cary Sullivan and Rummy Makmur, Oregon State): http://oregonstate.edu/dept/honors/makmur/

: RSA exercise (Roger Morrison, Oregon State): http://islab.oregonstate.edu/koc/ece575/02Project/Mor/

: RSA page: http://www.rsasecurity.com/

: CERT Coordination Center: http://www.cert.org/

: CERIAS Center for Education and Research in Computer Assurance and Security, Purdue University: http://www.cerias.purdue.edu/

: CRA Computing Research Association: http://www.cra.org/home.html - see security topics

: Journal of Computer Security: http://www.csl.sri.com/programs/security/jcs/

: Encyclopedia of Computer Security: http://www.itsecurity.com/

: (US) NIST Computer Security Site: http://csrc.nist.gov/

: (US) DoE Computer Incident Advisory Capability (CIAC) Site: http://ciac.llnl.gov/ciac/

: (US) NIH Computer Security Site: http://www.alw.nih.gov/Security/security.html

: (UK Academic) Computer Security Research Centre Site: http://csrc.lse.ac.uk/default.asp

: Related Site: http://www.happyhacker.org

: AntiOnline Site: http://www.antionline.com/

: VoIP and Security

·        VoIP security a moving target,” bNetwork World, 10/25/2004: http://www.nwfusion.com/news/2004/102504von.html

·        VoIP Security: Not an Afterthought,” by Douglas C. Sicker and Tom Lookabaugh, ACM Queue 2, 6 (September 2004): http://acmqueue.com/modules.php?name=Content&pa=showpage&pid=209

·        “Voice over Internet Protocol (VoIP) Security Technical Implementation Guide, Version 1, Release 1, 13 January 2004: http://csrc.nist.gov/pcig/STIGs/VoIP-STIG-V1R1R-4PDF.pdf (Defense Information Systems Agency (DISA))

·        VoIP security, 'spit' concern experts,” by Mark Baard, SearchSecurity.com (28 Oct 2004): http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1020417,00.html

·        “VOIP: Don't overlook security,” by Jaikumar Vijayan, ComputerWorld, 10/7/2002 http://www.computerworld.com/securitytopics/security/story/0,10801,74840,00.html

·        “Cisco tightens VoIP security: Encryption for both high- and low-end phones..,” silicon.com, by Marguerite Reardon, 10/26/2004: http://networks.silicon.com/telecoms/0,39024659,39125297,00.html

·        Spam, DoS Headed VoIP's Way,” By Susan Kuchinskas, internetnews.com 8/23/2004: http://www.internetnews.com/infra/article.php/3398331

O Security articles in “Homeland Security” issue of CACM: Communications of the ACM 47, 3 (March 2004).

O "How Computer Security Works" articles on...

Firewalls (by William Cheswick and Steven M. Bellovin)

Digital Certificates (by Warwick Ford)

The Java Sandbox (by James Gosling)

...in Scientific American (October 1998): 106-109.

O Philip R. Zimmerman, "Cryptography for the Internet," Scientific American (October 1998): 110-115

O Ronald L. Rivest, "The Case Against Regulating Encryption Technology", Scientific American (October 1998): 116-117.

: Scientific American Site: http://www.sciam.com/