Richard E. Smith

Bio: Richard E. Smith is an academic researcher from University of Minnesota. The author has contributed to research in topics: Robot & The Internet. The author has an hindex of 11, co-authored 21 publications receiving 588 citations. Previous affiliations of Richard E. Smith include Secure Computing & University of St. Thomas (Minnesota).

Authentication: From Passwords to Public Keys

Abstract: Computer access control is an ongoing challenge. Left to themselves, computers tend to treat one user no differently than another. Computers use authentication to confidently associate an identity with a person. Authentication: From Passwords to Public Keys gives readers a clear understanding of what an organization needs to reliably identify its users and how different techniques for verifying identity are executed. Authentication is one of the basic building blocks of security. To allow a computer system to distinguish between legitimate users and others, most sites give passwords to authorized users. Unfortunately, just as car thieves have found ways to defeat sophisticated locks and alarms, computer hackers are always finding new ways to circumvent password systems. The good news is that organizations now have available to them a broad range of alternatives to passwords, and a variety of ways to make passwords safer. A well-designed authentication system allows users to prove their identities conveniently and gain access to the network without threatening the safety of the organization. The first of its kind, Authentication describes the entire range of authentication methods used today. It examines situations in which certain techniques fail and points out ways to strengthen them. Network professionals, designers, developers, administrators, planners, and managers will find in these pages the authentication strategy to protect their valuable systems. Through diagrams and examples, the author thoroughly explains the technical concepts behind authentication, focusing on existing, off-the-shelf solutions to security problems. Authentication highlights real products and solutions. If you are a network professional searching for the how and why of computer authentication, this is the book that will help you prevent unauthorized access on your network.

Internet cryptography

Abstract: Never doubt with our offer, because we will always give what you need. As like this updated book, you may not find in the other place. But here, it's very easy. Just click and download, you can own the internet cryptography. When simplicity will ease your life, why should take the complicated one? You can purchase the soft file of the book right here and be member of us. Besides this book, you can also find hundreds lists of the books from many sources, collections, publishers, and authors in around the world.

Cost profile of a highly assured, secure operating system

Abstract: The Logical Coprocessing Kernel (LOCK) began as a research project to stretch the state of the art in secure computing by trying to meet or even exceed the “A1” requirements of the Trusted Computer System Evaluation Criteria (TCSEC). Over the span os seven years, the project was transformed into an effort to develop and deploy a product: the Standard Mail Guard (SMG). Since the project took place under a US government contract, the development team needed to maintain detailed records of the time spent on the project. The records from 1987 to 1992 have been combined with information about software code size and error detection. This information has been used to examine the practical impacts of high assurance techniques on a large-scale software development program. Tasks are associated with the A1 formal assurance requirements added approximately 58% to the development cost of security-critical software. In exchange for these costs, the formal assurance tasks (formal specifications, proofs, and specification code correspondence) uncovered 68% of the security flaws detected in LOCK's critical security mechanisms. However, a study of flaw detection during the SMG program found that only 14% of all flaws detected were of the type that could be detected using formal assurance, and that the work of the formal assusrance team only accounted for 19% of all flaws detected. While formal assurance is clearly effective at detecting flaws, its practicality hinges on the degree to which the formally modeled system properties represent all of a system's esential properties.

A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles

Abstract: In 1975, Jerome Saltzer and Michael Schroeder published "The Protection of Information in Computer Systems," which outlined a series of design principles for secure systems. Some principles, like separation of privilege and least privilege, have become staples of information security practice. Other principles, like simplicity and complete mediation, have failed to thrive. Attempts to codify information security principles for general practice have also failed to thrive. With a few exceptions, modern textbooks either entirely omit lists of principles or present only the 1975 list. Although such lists might provide useful, if incomplete, guidelines for practitioners, their principal value might be in teaching students the fundamental concepts of information security.

Intramolecular dipolar cycloaddition reactions of azomethine ylides.

Abstract: It was in 1963 that Huisgen laid out the classification of 1,3-dipoles and the concepts for 1,3-dipolar cycloaddition reactions, although it was not until 1976 that the first intramolecular 1,3-dipolar cycloaddition reaction of an azomethine ylide was reported. Since then, impressive developments have been described in this area, with the establishment of various useful methods for the formation of azomethine ylides and the determination of the requirements for a successful intramolecular cycloaddition reaction. Use of this methodology for the synthesis of pyrrolidineand pyrrole-containing natural products has been expanding rapidly. This review aims to describe the background and mechanisms of azomethine ylide formation and intramolecular cycloaddition, giving a critical account including the very first example and covering to early 2005. It is hoped that this review will be a useful resource for chemists interested in cycloaddition reactions and will inspire further exciting developments in this area. Cycloaddition reactions are one of the most important class of reactions in synthetic chemistry. Within * Corresponding author. Tel: +44 (0)114 222 9428. Fax: +44 (0)114 222 9346. E-mail: i.coldham@sheffield.ac.uk. † University of Sheffield. ‡ Tripos Discovery Research Ltd. Iain Coldham (b. 1965) is a Reader in Organic Chemistry at the University of Sheffield. He obtained his undergraduate degree and Ph.D. from the University of Cambridge, completing his Ph.D. in 1989 under the supervision of Stuart Warren. After postdoctoral studies at the University of Texas with Philip Magnus, he joined the staff in 1991 at the University of Exeter, U.K. In 2003, he moved to the University of Sheffield where he is involved in research on chiral organolithium compounds and on dipolar cycloaddition reactions in synthetic organic chemistry.

Comparing passwords, tokens, and biometrics for user authentication

Abstract: For decades, the password has been the standard means for user authentication on computers. However, as users are required to remember more, longer, and changing passwords, it is evident that a more convenient and secure solution to user authentication is necessary. This paper examines passwords, security tokens, and biometrics-which we collectively call authenticators-and compares these authenticators and their combinations. We examine their effectiveness against several attacks and suitability for particular security specifications such as compromise detection and nonrepudiation. Examples of authenticator combinations and protocols are described to show tradeoffs and solutions that meet chosen, practical requirements. The paper endeavors to offer a comprehensive picture of user authentication solutions for the purposes of evaluating options for use and identifying deficiencies requiring further research.

System and method for providing context sensitive recommendations to digital services

Abstract: A system and method is disclosed to provide recommendations to a wireless device, based on stored bookmark/short-cut data. When a wireless device accesses services, data pertaining to the service access, along with any context related information is transmitted within the wireless device, or to a remote server. The data is processed in conjunction with bookmarks/short-cuts specified within the device, and are organized and presented to the wireless device in accordance with preference instructions specified within the wireless device.

Using trust for secure collaboration in uncertain environments

Abstract: The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.