Check out the new USENIX Web site. next up previous
Up: A Resilient Access Control Previous: Acknowledgements

References

ALN97
M. Abadi, T. M. A. Lomas, and R. M. Needham. Strengthening passwords. SRC Technical Note 1997-033, Digital Systems Research Center, Palo Alto, CA, September 1997.

And92
R. J. Anderson. UEPS - a second generation electronic wallet. In ESORICS '92, volume 648 of LNCS, pages 411-418. Springer-Verlag, 1992.

And94
R. J. Anderson. Why cryptosystems fail. Communications of the ACM, 37(11):32-40, 1994.

BM92
S. M. Bellovin and M. Merritt. Encrypted key exchange: password-based protocols secure against dictionary attacks. In the 1992 IEEE Symposium on Security and Privacy, pages 72-84, Oakland, CA, 1992.

BM93
S. M. Bellovin and M. Merritt. Augmented encrypted key exchange: a password-based protocols secure against dictionary attacks and password file compromise. In the First ACM Conference on Computer and Communications Security, pages 244-250. ACM SIGSAC, November 1993.

DA97
T. Dierks and C. Allen. The TLS protocol version 1.0. Internet-Draft, IETF, November 1997. ftp://ftp.ietf.org/internet-drafts/draft-ietf-tls-protocol-05.txt

GLNS93
L. Gong, T. M. A. Lomas, R. M. Needham, and J. H. Saltzer. Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Areas in Communications, 11(5):648-656, June 1993.

Hal94
N. M. Haller. The S/Key one-time password system. In ISOC Symosium on Network and Distributed System Security, pages 151-157, San Diego, CA, February 1994. see also IETF RFC 1704, 1760, and 1938.

MTvHZ92
R. Molva, G. Tsudik, E. van Herreweghen, and S. Zatti. Kryptoknight authenication and key distribution system. In ESORICS '92, volume 648 of LNCS, pages 155-174. Springer-Verlag, 1992.

Nee97
R. M. Needham. The changing environment for security protocols. IEEE Network, pages 12-15, May/June 1997.

NS78
R. M. Needham and M. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12):993-999, 1978.

NT94
B. C. Neuman and T. Ts'o. An authentication service for computer networks. IEEE Communications Magazine, 32(9):33-38, September 1994.

Rub96
A. D. Rubin. Independent one-time passwords. USENIX Computing Systems, 9(1):15-27, 1996.

VM97
VISA and MasterCard. SET Secure Electronic Transaction Specification Formal Protocol Definition 1.0, May 1997.

Ylö96
T. Ylönen. SSH - secure login connection over thr internet. In the 6th USENIX UNIX Security Symposium, pages 37-42, San Jose, CA, June 1996.


next up previous
Up: A Resilient Access Control Previous: Acknowledgements

Jong-Hyeon Lee, Computer Laboratory, University of Cambridge, 1998.