Subject: RISKS DIGEST 13.85

Subject: RISKS DIGEST 13.85
REPLY-TO: [email protected]

RISKS-LIST: RISKS-FORUM Digest Tuesday 20 October 1992 Volume 13 : Issue 85

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
First Day Snafu at Pittsburgh Airport (Chuck Weinstock)
US Congress report on INSLAW case (Steve Cisler via Edward Vielmetti)
Re: 15th National Computer Security Conference (David A Willcox)
6th International Computer Security & Virus Conference (Richard W. Lefkon)
ESORICS 92: Preliminary Programme (Yves Deswarte)

The RISKS Forum is moderated. Contributions should be relevant, sound, in
good taste, objective, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to [email protected], with relevant, substantive
"Subject:" line. Others may be ignored! Contributions will not be ACKed.
The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS,
especially .UUCP folks. REQUESTS please to [email protected].

Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 13, j always TWO digits). Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out.
The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1".
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.

For information regarding delivery of RISKS by FAX, phone 310-455-9300
(or send FAX to RISKS at 310-455-2364, or EMail to [email protected]).

ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Mon, 05 Oct 92 12:12:49 EDT
From: Chuck Weinstock <[email protected]>
Subject: First Day Snafu at Pittsburgh Airport

I left Pittsburgh for a meeting in Chicago on Wednesday, September 30th. I
returned on Friday, October 2nd. In between the old Pittsburgh airport closed
and the new one began to operate. According to a friend who changed planes in
Pittsburgh on opening day (Thursday), things went smoothly. That may have
been true for folks hubbing at the airport, but for those Pittsburgh bound it
apparently was not.

In order to more easily retrieve my car I had parked with one of the
off-airport parking services. Upon return I asked the van driver how things
had gone the day before. He said that everything had gone pretty smoothly,
except for baggage claiming. He said that delays were around 40 minutes in
the morning, but had stretched to two hours by the afternoon. The supposed
reason: the airport has a new automated baggage handling system that reads bar
codes off luggage. A Britsh Air 747 had arrived with uncoded luggage, and the
machinery didn't know how to cope.

Chuck Weinstock

------------------------------

Date: Sat, 10 Oct 92 16:05:48 EDT
From: Edward Vielmetti <[email protected]>
Subject: US Congress report on INSLAW case

To: [email protected]
From: [email protected] (Steve Cisler)
Newsgroups: comp.archives
Subject: U.S. Congress Report on Inslaw case
Keywords: Inslaw, Promis, Dept. of Justice
Date: 10 Oct 92 19:20:50 GMT

OCR version of The U.S. Congress House report, "The Inslaw Affair". Rendered
into electronic file by <[email protected]>

Available on ftp.apple.com in the ftp/alug/rights directory 421 kb.

------------------------------

Date: Tue, 20 Oct 1992 15:36:36 GMT
From: [email protected] (David A Willcox)
Subject: Re: 15th National Computer Security Conference (Mercuri, RISKS-13.85)

>In the quest for tools one encounters the debate on provability and formal top
>level specification. Virgil Gligor referred to "formal top level specification
>as an unmitigated waste of time," saying that data structures and source may
>not map to the top level, there may not be enough relevant details provided,
>and excessive false illegal flows may occur. ...

A point of clarification: He didn't say that formal top level specifications
were a waste of time, but that doing covert channel analysis on them was an
_unmitigated_ (his emphasis) waste of time. His point was that you had to do a
CC analysis on the source code anyway (since channels would appear in code that
didn't show up in the specs). Since any channel found in the analysis of the
spec would also be found in the analysis of the code, and you have to do the
latter, anyway, doing the former is not useful. (This, of course, flies in the
face of the principle that it's much cheaper to find a bug found early in the
development process than late, but that's another discussion. Perhaps doing
the covert channel analysis is more expensive than fixing a specification bug
when you are done with the code.)

On another topic...

I think that the most surprising new proposal came in the session on the FBI's
Digital Telephony Initiative. (This is the proposed legislation that would
require telephone and data transport providers to build wiretap capabilities
into their systemms.) Someone pointed out that the really bad guys would just
use encryption for their data transmission, and that wiretapping wouldn't gain
any information on them. (The FBI doesn't want to deal with encryption right
now. They'll think about that when (if) they get the current proposal passed.)
Dorothy Denning suggested that anyone using high-level encryption over a public
network be required to register their encryption keys with some agency. This
agency would then distribute the keys when an appropriate court order was
presented. The risks of this are fairly obvious.

David A. Willcox, Motorola MCG - Urbana, 1101 E. University Ave., Urbana, IL
61801 217-384-8534 ...!uiucuxc!udc!willcox [email protected]

------------------------------

Date: Sat, 3 Oct 1992 09:31:35 -0700
From: Richard W. Lefkon <[email protected]>
Subject: 6th International Computer Security & Virus Conference

CONFERENCE ANNOUNCEMENT: 6TH INTERNATIONAL COMPUTER SECURITY & VIRUS
(no charge for exhibits only - complete & fax form by 11/27)
Wednesday Thru Friday March 10-12, 1993, New York Ramada

spons by DPMA Fin.Ind.Ch. in coop with ACM-SIGSAC, IEEE Computer Society,
Boston Comp Soc, Comms Mgrs Assn, Corp for Open Systems,
EDP Aud Assn (Ph), Info Sys Sec Assn (NY), NetWare Users Intl (NYLA)

* 5 tracks, 53 Vendors, 90 Speakers (first 24 speakers & chairs below)
* Identify Latest Threats to SNA, DEC, PC, MAC, X.25, OS2, ISDN, UNIXX
* Tools & Techniques: Learn What Major Corp's & Agencies Are Doing
* Specific Countermeasures: From Labs, Other Co's, Commercial Vendors
* Network One-to-One with the Experts & Your Counterparts Elsewhere
* 870-page 1993 bound Proceedings containing all papers
* Breakfast & Beverage breaks, Luncheon, Empire State Building Reception
* Entire Large Floor, Across from Penn Station & Garden, Parking Avail
* Group Prepayment Discount: $975 total for FOUR (4) CONF REGISTRATIONS

PRELIMINARY PROGRAM: 3 TRACKS BELOW, PLUS ONE EACH PC/LAN & MF/COM PRODS.

CIO/SVP Management/Practice Technical & Research Full-Day LAN/LAW

3/10 Wed am courses: Intro Computer Security & Viruses NetWare Setups
1:00 courses: Telecom Managemt Virus Tech Intro: Skulason Vines Setups
dinner: "Why Don't They Nail/Jail 'Em All?" vs. "Viruses as Free Speech"

3/11 Thursday:
9:00 Keynote Address: Seamless Security
10:15 Telecom I: Toll Fraud IBM Security Approach LAN HW/SW Defenses
R.Lefkon, NYU W.Vance, IBM (spkr) P.Peterson, MrtnM
12:00 (Buffet & Restaurant Luncheon Provided)
1:00 Risk Assessmt Panel MAC Attacks I Disinfecting Server
Katzke/Gilbert, NIST J.Paradise, Apple H.Highland,Compulit
2:30 Encryption, RSA, etc. UNIX Security I LAN Policy & Disaster
W.Murray, Deloitte T.Duff, Bell Labs K.van Wyk, CERT/CMU
4:00 TransBorders: EC,Law What's Wrong With AntiVirus Products & Testing
E.Okamoto, MITI G.Drusdow,F.Skulason,A.Solomon,P.Tippett,etc.
6:00 Empire State Building Observatory "MEET THE EXPERTS" Sit-Down Reception

3/12 Friday:
9:00 Publicly Avail Help Tekkies' Delight Intrusion DetectPrev
K.Brunnstein,U.Hamburg F.Cohen, ASP D.Parker, SRI
11:00 MAC II & DEC Attacks UNIX Security II Using CCrime Law, FBI
E.Spafford,(s)Purdue K.Levitt, U.C.Davis J.Bloombecker (s)
1:30 "ET TU HACKER? THE GREAT DEBATE": 9 experts, sometimes heated views,
incl R.Schiffreen, who cracked U.K. Queen's Husband's E-Mailbox
3:15 WAN/Warfare/Telecom II New Research & Ideas Recent CCrime Cases
G.Mallen, Mexico F.Skulason, F-Prot G.Thackeray,Maricopa
4:45 Continuation of Security Product "Shoot-Outs"

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X X
X SIXTH INTERNATIONAL COMPUTER SECURITY & VIRUS CONFERENCE X
X Wednesday thru Friday March 10-12, 1993, NY Ramada X
X X
X Application for free pass to exhibits (late price: $30.00) X
X Fax to (303) 825-9151 by November 27, 1992 X
X or postmark to Box 894 New York NY 10268 X
X X
X First Name: ______________________ Last: ____________________ X
X X
X Organization: ___________________________ Title: ____________ X
X X
X Street Address: ______________________________________________ X
X X
X City: _____________________ State/Prov: _____ PostCode: _____ X
X X
X Day Telephone: (____) __________ Fax Telphone: __________ X
X X
X OPTIONAL: [_] CHECK IF INTERESTED IN CONF SESSIONS & COURSES X
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

------------------------------

Date: Wed, 14 Oct 1992 16:47:35 +0100
From: [email protected] (Yves Deswarte)
Subject: ESORICS 92: Preliminary Programme

===== Yves Deswarte - LAAS-CNRS & INRIA - 31077 Toulouse (France) =====
==== E-mail:[email protected] - Tel:+33/61336288 - Fax:+33/61336411 ====

ESORICS 92

Final Programme

European Symposium on Research in Computer Security
November 23-25, 1992, Toulouse, France

Computer security is concerned with the protection of information in
environments where there is a possibility of intrusion or malicious
action. The aim of ESORICS is to further the progress of research in
computer security by establishing a European forum for bringing
together researchers in this area, by promoting the exchange of
ideas with system developers and by encouraging links with resear-
chers in related areas. To achieve this aim under the best condi-
tions, ESORICS 92 will be a single track symposium and the selected
papers will be presented in a conference hall whose capacity is 290
attendees. ESORICS 92 is the second symposium of a series started
with ESORICS 90 held in Toulouse in October, 1990.

Symposium Chair: Gerard Eizenberg (ONERA/CERT, France)

Organized by AFCET
In Cooperation with
BCS The British Computer Society
CNRS Centre National de la Recherche Scientifique
DISSI Delegation Interministerielle pour la Securite des Systemes
d'Information
DRET Direction des Recherches Etudes et Techniques
ERCIM European Research Consortium for Informatics and Mathematics
GI Gesellschaft fur Informatik
IEE The Institution of Electrical Engineers
INRIA Institut National de Recherche en Informatique et Automatique
NGI Nederlands Genootschap voor Informatica

PROGRAMME

Monday, November 23, 1992

9:00-10:30 Registration and welcome coffee
10:30-11:00 Introduction to ESORICS 92
11:00-12:30 Session: Access Control (Chair: Jeremy Jacob)
Towards security in an open systems federation (John A. Bull, Li Gong,
Karen R. Sollins)
Type-level access controls for distributed structurally object-oriented
database systems (Udo Kelter)
On the Chinese wall model (Volker Kessler)
12:30-14:15 Lunch
14:15-15:45 Session: Formal Methods (Chair: Brian Randell)
Formal methods and automated tool for timing-channel identification
in TCB source code (Jingsha He, Virgil D. Gligor)
Separating the specification and implementation phases in cryptography
(Marie-Jeanne Toussaint)
Formal specification of security requirements using the theory of
normative positions (Andrew J. I. Jones, Marek Sergot)
15:45-16:15 Break
16:15-17:45 Invited Talks
Roger Needham: Key management
Yvo Desmedt: Breaking the Traditional Computer Security Barriers
18:00-... Buffet
18:30-... Poster Session

Posters:

Schema de protection et systemes d'information (Patrick Trane,
Jean-Marie Place)
ASAX: Universal Tool for Audit Trail Analysis (B. Le Charlier et al.)
Verification of Security Protocols (J.-R. Abrial, P. Bieber,
E. van Wickeren)
Bases de donnees reparties et securite (S. Moalla)
RACE/Securenet Project (D. Karagiannis et al.)
An Approach to the Evaluation of Operational Security of Computing Systems
(M. Dacier, M. Kaaniche)
Software with integrity - the key to secure applications (A. Wood,
N. Poulter)
Smart Cards and Public Key to Accreditations Management
(Didier Angebaud, Pierre Paradinas)
R&D Items on Distributed Systems Security (Manel Medina)
L'enseignement de la securite informatique en France (Michel Dupuy)

Tuesday, November 24, 1992

8:30- 9:00 Welcome coffee
9:00-10:30 Session: Authentication I (Chair: Thomas Beth)
Verification and modelling of authentication protocols (Ralf C. Hauser,
E. Stewart Lee)
KryptoKnight authentication and key distribution system (Refik Molva,
Gene Tsudik, Els Van Herreweghen, Stefano Zatti)
Associating metrics to certification paths (Anas Tarah, Christian Huitema)
10:30-11:00 Break
11:00-12:30 Session: Distributed Systems (Chair: Catherine Meadows)
An object-oriented view of fragmented data processing for fault and
intrusion tolerance in distributed systems (Jean-Charles Fabre,
Brian Randell)
The development and testing of the identity-based conference key
distribution system for the RHODOS distributed system (Michael Wang,
Andrzej Goscinski)
Policy enforcement in stub autonomous domains (Gene Tsudik)
12:30-14:15 Lunch
14:15-15:45 Session: Authentication II
Freshness assurance of authentication protocols (Kwok-Yan Lam,
Dieter Gollmann)
A formal framework for authentication (Colin Boyd)
Timely authentication in distributed systems (Kwok-Yan Lam, Thomas Beth)
15:45-16:15 Break
16:15-17:00 Invited Talk
Yvon Klein: What research for security evaluation ?
17:00-18:15 Panel: Availability and Integrity
Chair: Gerard Eizenberg, Participants: Thomas Beth, Frederic Cuppens,
Sushil Jajodia, Jean-Claude Laprie
18:30-... Poster Session
20:00-... Banquet

Wednesday, November 25, 1992

8:30- 9:00 Welcome coffee
9:00-10:30 Session: Database Security (Chair: Robert Demolombe)
Polyinstantiation for cover stories (Ravi S. Sandhu, Sushil Jajodia)
On transaction processing for multilevel secure replicated databases
(Iwen E. Kang, Thomas F. Keefe)
Security constraint processing in multilevel secure AMAC schemata
(Gunther Pernul)
10:30-11:00 Break
11:00-12:00 Session: System Architectures
M2S: A machine for multilevel security (Bruno d'Ausbourg,
Jean-Henri Llareus)
GDoM, a multilevel document manager (Christel Calas)
12:00-13:45 Lunch
13:45-15:15 Session: Applications (Chair: Michel Dupuy)
UEPS - A second generation electronic wallet (Ross J. Anderson)
A hardware design model for cryptographic algorithms (Joan Daemen,
Rene Govaerts, Joos Vandewalle)
ASAX: Software architecture and rule-based language for universal audit
trail analysis (Naji Habra, B. Le Charlier, A. Mounji, I. Mathieu)
15:15-15:30 Closing Remarks

Programme Committee:
Jean-Jacques Quisquater (UCL, Belgium), Chair
Bruno d'Ausbourg (ONERA-CERT, France)
Joachim Biskup (Universitat Hildesheim, Germany)
Peter Bottomley (RSRE, United Kingdom)
Yvo Desmedt (University of Wisconsin-Milwaukee, USA)
Yves Deswarte (LAAS-CNRS & INRIA, France)
Gerard Eizenberg (ONERA-CERT, France)
Amos Fiat (University of Tel-Aviv, Israel)
Dieter Gollmann (University of London, United Kingdom)
Franz-Peter Heider (GEI, Germany)
Jeremy Jacob (Oxford University, United Kingdom)
Helmut Kurth (IABG, Germany)
Jean-Claude Laprie (LAAS-CNRS, France)
Peter Landrock (Aarhus University, Denmark)
Teresa Lunt (SRI International, USA)
John McDermid (University of York, United Kingdom)
John McLean (NRL, USA)
Catherine Meadows (NRL, USA)
Jonathan Millen (MITRE, USA)
Emilio Montolivo (Fondazione Ugo Bordoni, Italy)
Roger Needham (University of Cambridge, United Kingdom)
Alfredo de Santis (Universita di Salerno, Italy)
Einar Snekkenes (NDRE, Norway)
Marie-Jeanne Toussaint (Universite de Liege, Belgium)
Kioumars Yazdanian (ONERA-CERT, France)

Organization Committee:
Yves Deswarte (LAAS-CNRS & INRIA, France), Chair
Laurent Cabirol (SCSSI, France)
Jean-Francois Cornet (Consultant, France)
Michel Dupuy (ENST, France)
Marie-Therese Ippolito (LAAS-CNRS, France)
Marie-France Kalogera (AFCET, France)
Paul Richy (CNET, France)
Pierre Rolin (ENSTA, France)
Kioumars Yazdanian (ONERA-CERT, France)

GENERAL INFORMATION:

Symposium Location: Hotel Palladia
271 avenue de Grande Bretagne, 31300 Toulouse, France
telephone: +33 62 120 120, fax: +33 62 120 121
Hotel Palladia is located in the west district of Toulouse,
5 km from city centre.

Access to Toulouse:
- By plane: Toulouse-Blagnac International Airport
(telephone: +33 61 42 44 00). Hotel Palladia is 4 km from the
airport. Approximate taxi fare is 50 FF.
- By train: Toulouse-Matabiau railway station (telephone:
+33 61 62 50 50). Bus 14 from railway station to "Chardonnet"
stop (in front of Hotel Palladia). Approximate taxi fare is 70FF.
- By car: Toulouse is linked to the main European road networks.
On the Toulouse ring, direction Auch, exit 1 to Casselardit-
Purpan.

Tourist Information: Office du Tourisme, Donjon du Capitole,
31000 Toulouse, telephone: +33 61 11 02 22

Visa: For non European Community citizens, please check with the
French Consulate in your home country if you need a visa. Visa
applications take approximately 4 weeks to process.

Registration Procedure:
- Advance: Please complete the registration form and send it to
AFCET. About 15 days before the beginning of the symposium,
registered participants will receive their pass, which is to be
presented at the registration desk to receive symposium documents.
- On-Site: Registration desk and welcome service will be available
from 8:30 am to 8:00 pm on Monday 23, to 7:30 pm on Tuesday 24 and
to 4:00 pm on Wednesday 25.
- Fellowships: Applications for half-rate registrations can be sent
to AFCET with due justification. Students wishing to apply for
these fellowships should join a recommendation letter from their
professor.
- Fees: Registrations fees include admission to the technical ses-
sions, one copy of the proceedings, breaks, lunches, Monday buffet
and Tuesday banquet.

Payments: Payments are accepted in French Francs only:
- by credit cards (Visa International or MasterCard only): complete
the charge authorization on the registration form.
- by banker's draft (with indication of your name and ESORICS 92),
to the order of AFCET, bank account 502 650 009-02 at BIMP,
22 rue Pasquier, 75008 Paris, France. Please ask your bank to
arrange the transfer at no cost for the beneficiary. Bank charges,
if any, are at the participant's expense. To guarantee your regis-
tration, enclose a copy of your bank transfer.

Cancellations: Refunds of 50% will be made if a written request is
received before October 23, 1992. No refunds will be made for
cancellations received after this date. In case of symposium
cancellation for reasons beyond its control, AFCET limits its
liability to the registration fees already paid.

Proceedings: ESORICS 92 proceedings will be distributed on-site to
registered participants. Extra copies of ESORICS 92 and ESORICS 90
proceedings will be sold on-site.

Languages: English and French, with simultaneous translation.

Social Event: A dinner banquet will be offered to all registered
participants on Tuesday, November 24, 1992. For accompanying
persons, banquet price is 250 FF.

Post-Symposium Tour: A visit (by bus) of Toulouse, the medieval city
of Carcassonne and their region will be organized on Thursday,
November 26, 1992. If interested, please tick the corresponding
box on the registration form to receive tour information.

Travel Discounts: About 35% reduction for some Air Inter domestic
return flights can be obtained for the Symposium dates. Please
tick the appropriate box on the registration form to receive your
discount voucher.

Hotel Reservations: There are many hotels in Toulouse in every
category. A list of hotels, within walking distance from Hotel
Palladia and offering special prices to ESORICS 92 participants,
is given at the end of this message. For your reservation, please
contact DIRECTLY the hotel of your choice; do not forget to
mention ESORICS 92.

Local Organization: Marie-Therese Ippolito, LAAS-CNRS,
7 avenue du Colonel Roche, 31077 Toulouse (France),
telephone: +33 61 33 62 74, fax: +33 61 55 35 77,
E-mail: [email protected].

REGISTRATION FORM

To be sent to: AFCET - ESORICS 92
156, boulevard Pereire
75017 Paris (France)
Fax : +33 1 42 67 93 12
Telephone: +33 1 47 66 24 19

(Please print)
Name:
First Name:
Company:
Address:

Country:
Telephone : Fax :
Nb of invoices requested:
Invoice(s) to be sent to:

Air Inter Discount
[ ] Please send me an Air Inter discount voucher

Post-Symposium Tour
[ ] Please send me tour information

Poster Session
[ ] I wish to present a poster and I enclose its description.

FEE (18.6% VAT included):

Member: AFCET [ ] BCS [ ] GI [ ] IEE [ ] NGI [ ]
Before October 24, 1992 : 3000 FF [ ]
After October 23, 1992 : 3500 FF [ ]

Non member:
Before October 24, 1992 : 3300 FF [ ]
After October 23, 1992 : 3800 FF [ ]

Accompanying persons for banquet: x 250 FF

TOTAL : FF

PAYMENT (enclosed):

Banker's draft [ ]
Purchase order [ ]
Credit Card Authorization:
I duly authorize you to charge my Visa Intl [ ]
MasterCard [ ]
Expiration : Card Number:
Card holder name:
Signature: Date :

HOTEL LIST

For all reservations, contact DIRECTLY the hotel of your choice,
mentioning ESORICS 92, and confirm your reservation by fax or telex.

Palladia ****
271 avenue de Grande Bretagne, 31300 Toulouse
telephone : +33 62 120 120 fax : +33 62 120 121
single 490 FF, breakfast 70 FF
(Free shuttle available on request from the airport)

Dotel ***
Avenue des Arenes Romaines, 31300 Toulouse
telephone : +33 61 83 83 fax : +33 61 31 00 10
single 320 FF, breakfast included
(Free shuttle available on request from the airport)

Novotel Toulouse Purpan ***
23 Impasse Maubec, 31300 Toulouse
telephone : +33 61 49 34 10 fax : +33 61 49 63 37
single 430 FF, breakfast 47 FF
(Free shuttle available on request from the airport)

Le Grande Bretagne ***
300 avenue de Grande Bretagne, 31300 Toulouse
telephone : +33 61 31 84 85 fax : +33 61 31 87 12
single 390 FF, breakfast included

Campanile Purpan **
33 route de Bayonne, 31300 Toulouse
telephone : +33 61 31 09 09 fax : +33 61 31 09 10
single 240 FF, breakfast 29 FF

Gascogne **
25 allees Charles de Fitte, 31300 Toulouse
telephone : +33 61 59 27 44 telex : 521090F
single 230 FF, breakfast 35 FF
(3 km from Hotel Palladia, bus 14 "Saint-Cyprien" stop)

------------------------------

End of RISKS-FORUM Digest 13.85
************************