Subject: RISKS DIGEST 13.28

Subject: RISKS DIGEST 13.28
REPLY-TO: [email protected]

RISKS-LIST: RISKS-FORUM Digest Monday 16 March 1992 Volume 13 : Issue 28

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
"British plug in" (Grant Grundler)
Airport parking is expensive, but ... [this is ridiculous] (Tsutomu Shimomura)
Computer-Aided Robbery at Clydesdale Bank (Brian Randell)
X-15 reliability experience (Henry Spencer)
Fly-by-wire SAAB (Brian Randell)
Corporate Strategies for Info Protection, Ethics and Privacy (Sanford Sherizen)
RISKS backlog (PGN)
Re: American Mice (Mouse interference) (Scott Colwell, Rob Warnock, Craig,
Brian Rossmajer, Bob_Frankston)
Registration for IEEE SRSP (Research in Security and Privacy) (Liz Luntzel)

The RISKS Forum is moderated. Contributions should be relevant, sound, in
good taste, objective, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to [email protected], with relevant, substantive
"Subject:" line. Others may be ignored! Contributions will not be ACKed.
The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS,
especially .UUCP folks. REQUESTS please to [email protected].
Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 13, j always TWO digits). Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out.
The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1".
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Thu, 12 Mar 92 16:25:55 PST
From: [email protected] (Grant Grundler)
Subject: "British plug in"

This is so absurd I should consider submitting it to rec.humor.funny. My guess
is a lot of companies put plugs on anyway and the law finally caught up - I
just can't imagine it any other way.

The British Plug In (San Jose Mercury News, 2 Feb 1992)

Britain has just announced that makers of electrical appliances in that
country must begin to attaching plugs to the ends of electrical cords.
Britons, for we don't know how long, have been required to buy plugs and
attach them to their new toasters, irons and electrical what have yous.
But now the Royal Society for the Prevention of Accidents, citing its
research into the matter, says it was surprised to learn that "it is common
practice everywhere else in the world to sell electrical goods with a plug
attached."
[And now, a plug for the Royal Society... PGN]

------------------------------

Date: Thu, 12 Mar 92 15:09:34 -0700
From: [email protected] (Tsutomu Shimomura)
Subject: Airport parking is expensive, but ... [this is ridiculous]

One of the San Diego off-airport parking outfits gave me a "time in" ticket
dated February 30 (you can guess the real date). When I returned to retrieve
my car on March 6th, I was presented with a demand for $3771.00 (at $11/day,
$1/hour), to be paid before I was allowed to leave the lot. The garage
attendant decided that this wasn't quite right, reentered the date into his
"computer", and was again told that I was to pay $3771.00. At this point the
manager was called for help (the exit line was getting quite long).

I have a receipt here for $3771.00 for "parking". The travel accounting people
are going to have fun with this one... :-)

Tsutomu Shimomura [email protected]
Los Alamos National Laboratory Los Alamos, NM 87545

------------------------------

Date: Fri, 13 Mar 92 10:09:10 GMT
From: [email protected]
Subject: Computer-Aided Robbery at Clydesdale Bank

The item below is reprinted in its entirety, from today's Independent, a UK
national newspaper. I do not recall any previous reports in RISKS of similar
cases of in-house "high-tech" cash dispenser robbery - but I must admit I have
not followed the stream of cash dispenser stories closely.
Brian Randell
====================

ROBBER 'FOILED BANK SYSTEM'

An electronics expert stole more than (pounds) 17,000 in a high-tech
robbery spree, plundering dozens of accounts from automatic cash dispensers
at banks, Paisley [Scotland] Sheriff Court was told yesterday.

Clydesdale Bank chiefs claimed their dispensing system was foolproof and told
angry customers that members of their own households must have been responsible
for making withdrawals without their knowledge.

Anthony Pratt, 32, a bank engineer, used a hand-held computer inside bank
premises to record transactions being made by customers at "hole-in-the-wall"
machines outside. He recorded the customer's secret number and later used it
on plastic cards he made with magnetic strips. Pratt, of East Kilbride, was
finally arrested after he took cash from a machine in Glasgow. He admitted
conspiracy to rob and robbery. Sentence was deferred for reports until 2 April.

Computing Laboratory, The University, Newcastle upon Tyne, NE1 7RU, UK
[email protected] PHONE = +44 91 222 7923 FAX = +44 91 222 8232

------------------------------

Date: Sun, 15 Mar 92 20:11:54 EST
From: [email protected] (Henry Spencer)
Subject: X-15 reliability experience

On reading the Proceedings of the X-15 First Flight 30th Anniversary
Celebration (NASA CP-3105, Jan 1991), I ran across a section of some relevance
to Risks. Insertions in [] are mine.

In 1962, a very comprehensive, but little known, study was
initiated by Bob Nagle at AFFTC to quantify the benefits of
having a pilot and redundant-emergency systems [this seems to
be essentially a buzzword for "redundant systems"] on a research
vehicle. Each individual malfunction or abnormal event that
occurred after B-52 [X-15 launch aircraft] takeoff for the
first 47 free flights of the X-15 was analyzed. The outcome
of each event was forecast for three hypothetical models;
one with only the pilot but no redundant-emergency systems,
one with only the redundant-emergency systems but with no pilot,
and one with neither the pilot nor redundant-emergency systems
(i.e. single-string [buzzword for no redundancy], unmanned).

[The bar chart of results shows an expected failure rate of over
50% for the "neither" configuration, with many of the failures
destroying aircraft. Adding just a pilot or just redundant systems
produces only small improvements. Adding both takes the failure
rate down to near zero and eliminates aircraft losses.]

[Referring to the graph.] The unmanned, single-string system
would have had 11 additional aborts and resulted in the loss of
15 X-15s. [The actual program built only three!] Not surprising
is the fact that the pilot is of little value in a system
without redundant-emergency systems. He must have some alternate
course available in order to be effective. The redundant-emergency
systems were also found to be of little value in an unmanned
system primarily because the fault detection and switchover logic
must presuppose the type of failure or event. For example, few
designers would have built in a capability to handle an
inadvertent nose gear extension at Mach 4.5.

[That last refers to something that actually happened to an X-15.
Landing gear is normally designed to be extended at a maximum
of a few hundred MPH. Having gear extend at 3000+ MPH is a
horrifying prospect, but the X-15 was landed safely with minor
damage to the aircraft and the pilot unhurt.]

Of more than academic interest was a parallel, but independent,
study conducted by Boeing on the first 60 flights of their
BOMARC missile, an unmanned, single-string, ramjet-powered
interceptor. The authors collaborated on the ground rules for
the study but not on the actual analysis. The similarity of
the results [a virtually identical bar chart] is striking,
especially when considering that the X-15 study was projecting
from a piloted, redundant design to an unpiloted, nonredundant
design, and the BOMARC study was the reverse...

("X-15 Contributions to the X-30", Robert G. Hoey, pp 103-121.)

Henry Spencer at U of Toronto Zoology [email protected] utzoo!henry

------------------------------

Date: Thu, 12 Mar 92 11:03:25 GMT
From: [email protected]
Subject: Fly-by-wire SAAB

The following article appeared in the Wednesday 11 March 1992 issue of The
Independent, a (quality) national paper here in the UK. It is quoted in its
entirety, except for the umlaut over the "a" in "Branneby", without permission.
(On a recent flight I took, as we taxied to the terminal after touch down, the
pilot thanked the passengers for flying with the particular airline, and
pointedly remarked that the safest part of our journey had just been completed
:-)
Brian Randell
=============

COMPUTER SYSTEMS DEVELOPED FOR AIRCRAFT ARE BEING ADAPTED FOR USE ON THE ROAD.

Susan Watts reports

CAR FIRM FORGES AHEAD WITH DRIVE-BY-WIRE PROTOTYPE

SAAB, the Swedish car maker, seems untouched by recent controversy over
fly-by-wire aircraft, and is pressing ahead with plans for a drive-by-wire car.
Fly-by-wire aircraft rely on software controls to a far greater extent than
conventional aircraft. Three fatal crashes of the A320 aircraft have raised
fears over the safety of such systems, and how easy they are to fly.

Saab's parent, the Saab Scania Group, has experience of computer-controlled
transport, having built the Grippen fly-by-wire fighter aircraft. Its
automotive engineers have produced a prototype computer-controlled car. The
Independent took a brief test drive yesterday. The car felt very smooth to
drive, and remarkably easy to handle, although we did only a few miles an hour.

Saab concedes that safety fears could be one of the biggest obstacles to
selling such a radical change in car design. But it predicts that by the time
the car is in production people will be more confident about
computer-controlled transport.

There is no steering wheel, but a joystick to one side of the driver. There is
no mechanical link between the joystick and the wheels a computer intervenes to
control and optimise the hydraulic steering. The car has a back-up control
system that performs the same basic tasks as the computer, but uses traditional
electronics. This is ready to switch into action if any part of the computer
fails, or the driver hits an emergency "stop" button. To steer, the driver
turns the joystick from side to side, and the computer translates this into
wheel movement. The car senses the driver's movements on the joystick,
translates these into the optimum wheel angles and feeds back information to
the driver by altering the response felt through the joystick. At low speeds,
for manoeuvres such as parking, a small movement of the joystick produces a
large change in direction of the wheels. At higher speeds this relationship
changes, so a larger movement of the joystick is needed to shift the wheels.

The prototype has a computer keyboard and flat-screen display in the passenger
seat, so the driver can modify the software to change the "feel" of the
joystick. Per Branneby, the Saab test engineer who heads the steer-by-wire
project, said: "I can make it feel like a go-kart or an American limousine."

The idea is that driving without a steering wheel is physically safer, because
you can fit an airbag where the steering wheel would be and avoid the crushing
injuries often sustained by drivers in accidents.

It should also be safer because the computer and hydraulics in between the
wheels and the joystick filter out "noise" from the road that would normally
make the steering wheel shake and judder such as stones in the road or gusty
winds.

Mr Branneby said drivers get most of the information they need to steer the car
by monitoring sideways forces on their seat. In the Saab car, the computer is
fed data from sensors that tell it about these forces, as well as the car's
speed and acceleration. The car does not sense the environment it is in, so
cannot respond automatically and change its steering to deal with a bumpy or
icy road, or a skid. This is the next stage in Saab's research.

The two-litre Saab 9000 Turbo used to test the active steering has automatic
gears and anti-lock brakes and a conventional accelerator, although Mr Branneby
said these may eventually be linked to the central computer. He does not
envisage production models of cars using steer-by-wire joysticks until 2010 or
2015, although a version with active steering applied to a conventional
steering wheel may come sooner. He also said a production model would probably
have two joysticks one for each arm so the driver can swap the arm in control.

Computing Laboratory, The University, Newcastle upon Tyne, NE1 7RU, UK
[email protected] PHONE = +44 91 222 7923 FAX = +44 91 222 8232

------------------------------

Date: Fri, 13 Mar 92 07:06:38 -0800
From: [email protected]
Subject: Bugging ISDN

------- Forwarded Message

Date: Thu, 12 Mar 92 19:15 GMT
From: Sanford Sherizen <[email protected]>
Subject: Corporate Strategies for Information Protection, Ethics and Privacy

As the Conference Program Director, I would like to invite readers of RISKS to
attend an important upcoming executive briefing entitled

AVOIDING MANAGERIAL LIABILITY: DEVELOPING CORPORATE STRATEGIES FOR
INFORMATION PROTECTION, ETHICS AND PRIVACY

Sunday evening, April 26 and all day Monday, April 27, 1992 at Bentley
College, Waltham, Mass.

Sponsored by the Center for Business Ethics at Bentley College

Managers are on the hotseat. They are increasingly being given responsibilities
for information protection, ethics and privacy issues. The emphasis of this
briefing will be on how managers can best respond to these challenges.

Technological developments are intensifying protection, ethics and privacy as
business problems. The Federal Sentencing Guidelines and other legal decisions
are defining senior managers as directly responsible for developing corporate
conduct rules and programs to deter organizational and employee wrongdoing. The
media and public opinion are more clearly defining appropriate and inappropriate
activities.

Managers need assistance to understand these complex issues and to select
appropriate business policy choices. Those attending this briefing will:

Evaluate information protection, ethics and privacy issues in
managerial/business terms;

Hear successful policy choices, options and tradeoffs;

Learn how to respond appropriately to these issues;

Have an opportunity to network with peers from around the nationa who
are facing similar decisions.

John Poduska, a respected figure in the computer field, will give the keynote
address on Sunday evening. On Monday, there will be overview presentations on
technology, law, and ethics strategies. Joe Murphy, co-editor of Corporate
Conduct Quarterly, will give a luncheon speech on the Federal Sentencing
Guidelines. Small interactive discussion groups will be formed to evaluate
scenario and to discuss specific strategies. The day will end with general
sessions and idea exchanges.

The fee for this exciting day-and-a-half conference will be $300. That includes
the program, a reception, all meals and informative briefing materials.

For further information, contact the Center for Business Ethics, Bentley
College, 175 Forest Street, Waltham, MA 02154-4705, (617) 891-2981. Specific
questions can also be sent to me by E-mail at MCI Mail 396-5782.

Sanford Sherizen, Data Security Systems, Natick, Mass.

------------------------------

Date: Mon, 16 Mar 92 14:45:03 PST
From: RISKS Forum <[email protected]>
Subject: Backlog

The backlog is excessive, I was overly busy, and our computer systems suffered
several outages at times that might otherwise have permitted me to put out
another issue. Sorry for the delay. However, the backlog is mostly second-
and third-order stuff, which may or may not get included in the future,
depending. During the previous week I think I was too permissive, so I am
likely to swing back the other way for a while. Thanks for your patience. PGN

------------------------------

Date: Wed, 11 Mar 92 13:46:09 +1000
From: [email protected] (Scott Colwell)
Subject: Mice do roar! was re: Mouse restrictions on American Airlines

[John Bartlett tells of his encounter with a flight attendant over the
regulations restricting the use of external mice (mouses?)]

Just 2 weeks ago I attended the RFI emission testing of our one of our
X terminals and where did the major emission come from? If you guessed the
mouse then you're right.

A major source of emissions from equipment in the VHF band is the
cables. They act as antennas, radiating whatever noise is on the circuits
that connect to them. Mouse cables are often the worst offender since they
are rarely shielded.

So there is a very definite technological basis for this regulation but
perhaps the problem could be covered better. I would prefer to see the
regulation require that the mouse have FCC class B or CISPR 22 class B
approval if this reduces the RFI levels to suitable levels. If this does
not remove the problem then a new more stringent standard needs to be
developed.

But if a lower level of RFI is required, then why don't the laptops
themselves interfere with navigation instruments ? It is risky in the least
to assume that removing the mouse will turn an FCC class B laptop into a
significantly quieter device.

(By the way, leaving the mouse plugged in will most likely still radiate
regardless of whether it is used or not.)

Scott Colwell
Labtam Australia Pty. Ltd. net: [email protected]
Melbourne, Australia phone: +61-3-587-1444

------------------------------

Date: Mon, 9 Mar 92 08:37:06 GMT
From: [email protected] (Rob Warnock)
Subject: Re: Mouse restrictions on American Airlines (Frankston, RISKS-13.26)

But there very well may be [a difference]. I have seen cases in which
*significant* interference was radiated from an external mouse cable [into a
nearly audio input, as it happened]. All it takes is the airline running into
one such case, and they will tend to ban the entire class of device. Such is
the reasoning which [correctly, in my view] led to the banning quite a few
years ago of "pin printers" on airplanes. When I would ask if I could use my
portable computer [back then it was required that you ask], the answer was
always, "Yes, but not if it has a printer on it." Seems the output drivers for
the pins radiated a lot. These days, the boogyman de jure may be external mice.
I don't doubt that they've seen at least one such case...

Rob Warnock, MS-9U/510 Silicon Graphics, Inc., 2011 N. Shoreline Blvd.,
Mountain View, CA 94039-7311 (415)335-1673 [email protected]

------------------------------

Date: Mon, 9 Mar 92 01:29:08 PST
From: [email protected] (Usenet Newsmaster, [email protected])
Subject: Re: Mouse restrictions on American Airlines (Frankston, RISKS-13.26)

There is a potentially big difference. The wire leading to the mouse could
make a wonderful transmitting antenna through which the RF soup in your
shielded computer might leak out. Remember that it is only by the airline's
good graces that you're allowed to use the computer at all. Electronic devices
such as computers, radios and TV's are all potential sources of RF interference.
Only radios and TVs are typically banned because of the specific way in which
they interfere with VOR recievers. My guess is that American has traced
some interference to the use of a mouse. Other airlines can't be far behind.

Let's find ways to cooperate before the NTSB has to put the use of a mouse as a
probable cause for an accident. I'd rather know that the aircraft's navigation
equipment is working without interference than use a mouse. But then I *am*
typing this on a PowerBook.
--Craig

------------------------------

Date: Sun, 8 Mar 92 14:26:05 EST
From: Brian Rossmajer <[email protected]>
Subject: Risky humour

Several people have mentioned that mouse cords can affect aircraft
instrumentation. What are the known effects of, say, a six-foot mouse cord on
the altimeter of an Airbus 320?

[email protected] (Brian W. Rossmajer)

------------------------------

Date: Mon 9 Mar 1992 09:15 -0500
From: <[email protected]>
Subject: Antennas

To all of you pointing out that a mouse cord can act as an antenna. Yes, I
know it is possible, but was just passing on another's comment and didn't want
to confuse the issue by adding my own editorial commentary.

While I realize that air safety is a crucial issue, the airlines should have
some of the burden of establishing a rational policy . If there is a
significant danger from mouse cords, then they should explain and
substantiate it. Otherwise, I'll confine all my flying to red-eyes since
I'll have to treat airplanes as being good only for sleeping. If I'm awake,
who knows what damage I'd do.

On a slightly more serious note, are the electronics in airplane's all that
fragile? Is a laptop computer really worse than a thunderstorm? Are
camcorders allowed? Handheld LCD games? Flashbulbs? As our electronics
become more mobile, the airlines have an opportunity to be compete the for
the best environment. Some will provide travellers with better ways to work
while travelling while others will offer an electronics-free environment for
relaxation. Of course, the nonE flights would mean you can't even write a
letter home without learning how to write with a pen (remember those?)

------------------------------

Date: Mon, 16 Mar 92 14:47:01 -0800
From: Elizabeth Luntzel <[email protected]>
Subject: Email registration for IEEE SRSP [Program from RISKS-13.05 repeated]

[This is an annual meeting of the security research community,
for serious security folks, and is usually an outstanding
gathering. Space limited, register early. See you there? PGN]

1992 SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY, 4-6 May 1992
REGISTRATION INFORMATION

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

7:00am: Registration opens
8:45--9:00: Welcoming Remarks: Deborah Cooper, John McLean

9:00--10:30: DISTRIBUTED SYSTEMS: John Rushby, Session Chair
9:00-- 9:30: On Inter-Realm Authentication in Large Distributed Systems
Virgil Gligor, Shyh-Wei Luan, Joseph Pato
9:30--10:00: Integrating Security in a Group Oriented Distributed System
Michael Reiter, Kenneth Birman, Li Gong
10:00--10:30: Authorization in Distributed Systems: A Formal Approach
Thomas Woo, Simon Lam

11:00--12:00: COVERT CHANNELS: Tom Berson, Session Chair
11:00--11:30: Lattice Scheduling and Covert Channels
Wei-Ming Hu
11:30--12:00: The Influence of Delay Upon an Idealized Channel's Bandwidth
Ira Moskowitz, Allen Miller

12:00--2:00: LUNCH (included in registration)

2:00--3:00: INTEGRITY: Dick Kemmerer, Session Chair
Marshall Abrams, Ed Amoroso, Teresa Lunt, James Williams

3:30--5:00: CRYPTOGRAPHIC PROTOCOLS: Dan Nessett, Session Chair
3:30--4:00: Encrypted Key Exchange: Password-Based Protocols Secure
Against Dictionary Attacks
Steven Bellovin, Michael Merritt
4:00--4:30 On Message Integrity in Cryptographic Protocols
Stuart Stubblebine, Virgil Gligor
4:30--5:00: Roles in Cryptographic Protocols
Einar Snekkenes

5:30 RECEPTION (good food and drinks, on the house)

8:00: POSTER SESSIONS

TUESDAY

9:00--10:30: SECURITY MODELS: George Dinolt, Session Chair
9:00-- 9:30: The Typed Access Matrix Model
Ravi Sandhu
9:30--10:00: A Resource Allocation Model for Denial of Service
Jonathan Millen
10:00--10:30: Non-Monotonic Transformation of Access Rights
Ravi Sandhu, Gurpreet Suri

11:00--12:00: INFORMATION FLOW: Dale Johnson, Session Chair
11:00--11:30 A Logical Approach to Multilevel Security of Probabilistic
Systems
James Gray, Paul Syverson
11:30--12:00 Using Traces of Procedure Calls to Reason About Composability
Catherine Meadows

12:00--2:00: LUNCH (included in registration)

2:00--3:00: INVITED SPEAKER: John McLean, Session Chair
2:00--3:00 Security in Distributed Systems
Butler Lampson

3:30--5:00: CONCURRENCY CONTROL: Tom Haigh, Session Chair
3:30--4:00: A Multilevel Transaction Problem for Multilevel Secure
Database Systems and Its Solution for the Replicated
Architecture
Oliver Costich, John McDermott
4:00--4:30: A Two Snapshot Algorithm for Concurrency Control Algorithm
in Secure Multi-Level Databases
Paul Ammann, Frank Jaeckle, Sushil Jajodia
4:30--5:00: Alternative Correctness Criteria for Concurrent
Execution of Transactions in Multilevel Secure Database
Systems
Sushil Jajodia, Vijayalakshmi Atluri

5:00: MEETING OF THE IEEE Technical Committee on Security and Privacy

8:00: POSTER SESSIONS

WEDNESDAY

9:00--10:30: SYSTEMS: Tanya Korelsky, Session Chair
9:00-- 9:30: Evolution of a Trusted B3 Window System Prototype
Jeremy Epstein, John McHugh, Rita Pascale,
Charles Martin, Douglas Rothnie, Hilarie Orman,
Ann Marmor-Squires, Martha Branstad, Bonnie Danner
9:30--10:00: A Neural Network Component For An Intrusion Detection System
Herve Debar, Monique Becker, Didier Siboni
10:00--10:30: An Optimal Solution to the Secure Reader Writer Problem
Glenn Benson

11:00--12:00: DATABASE SECURITY: John Dobson, Session Chair
11:00--11:30: Security for Object-Oriented Database Systems
Jonathan Millen, Teresa Lunt
11:30---12:00 A Natural Decomposition of Multi-level Relations
Frederic Cuppens, Kioumars Yazdanian

12:00--12:15: AWARDS
12:15: SYMPOSIUM ADJOURNS

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

ADVANCE (Mar/9/92 TO Mar/23/92) MEMBER $230
NONMEMBER $290
STUDENT $ 50

LATE (Mar/24/92 TO Apr/10/92) MEMBER $280
NONMEMBER $360
STUDENT $ 50

Since payment must be in US dollars only, please WIRE FEE to

Account Name: 1992 SYMP on RESRCH SEC & PRIVACY
Bank and Address: Home Savings of America
1800 North Sepulveda Boulevard
Manhattan Beach, CA 90266-9977
Bank Routing Number: 322070006
Bank Account Number: 1369041221

AND fax a copy of the wiring information to Liz Luntzel,
1 415 859-2844, so we know you've paid.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

You may email the following information to me, [email protected],
to register for the symposium.

Name:
Company:
Mail Stop:
Street Address:
City/State/Zip/Country:
Phone Number:

IEEE or IEEE Computer Society Member Number:

Do You Wish to Present at a Poster Session?

Have you participated in any recent research, development, or evaluation
project in computer Security? If so, please name the project and the area of
computer security:

cut:^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

CLAREMONT RESORT REGISTRATION: (YOU MUST REGISTER DIRECTLY WITH THE
CLAREMONT.) Cut-off Date: April 2, 1992

1992 IEEE Symposium on Research in Security and Privacy, May 4-6, 1992

Check-in time is after 3:00pm; check-out is 12:00 noon

SINGLE:
DOUBLE: (2 persons/1 bed)
DOUBLE DOUBLE (2 persons/2 beds)

All reservations must be accompanied by an advance deposit or credit card
guarantee. You may cancel your individual reservations up to 72 hours prior to
arrival, after which your deposit becomes nonrefundable. The telephone number
of the hotel is: (415)843-3000

To reserve Oakland Airport Transportation, please call 24 hours in advance to
(415)843-3000, x133.

Group Rates: $91 Single $103 Double

Name: (sharing with):

Company/Group:

Street Address:

City/State/Zip/Country::

I WILL ARRIVE ON (DAY) ____ (DATE):____
I WILL DEPART ON (DAY) ____ (DATE):____

I WILL GUARANTEE MY RESERVATION WITH:

ADVANCE DEPOSIT: ____
CREDIT CARD: ____
Type: Expiration Date:

Please mail this section of the form with your payment to:
The Claremont Resort
Ashby & Domingo Avenues
Oakland, CA 94623-0363

cut:^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Delta Airlines, Inc., is offering special fares to the Symposium. These fares
are based on Delta's published round-trip fares within the U.S. and San Juan.
A 5% discount off any published fare (except group, military, government
contract, Visit USA, and Delta's Canadian fares), providing all rules and
conditions of the airfare are met; a 45% discount off the unrestricted Coach
(Y,YN,Y1) fare. Seven days advance reservations and ticketing is required.
Exceptions: Travel from Delta's Canadian cities will apply at 40% discount, and
travel solely on Delta Connection Carriers will appy at a 35% discount. To
take advantage of these discounts, call Delta, or have your travel agent call,
at 1-800-241-6760, for reservations (8-11:00pm EST daily). Refer to file
number H0575. Certain restrictions may apply and seats are limited. These
discounts are available only through Delta's toll-free number.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you need any further information, including an on-line or FAX copy of the
program, please email me. We look forward to seeing you at the Symposium!

Liz Luntzel (Teresa Lunt's Assistant)

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

------------------------------

End of RISKS-FORUM Digest 13.28
************************