Steven M. Bellovin

  • Columbia University, New York City, USA

According to our database, Steven M. Bellovin authored at least 156 papers between 1986 and 2023.

Reflections on Ten Years Past the Snowden Revelations.
RFC, July, 2023

Is Cybersecurity Liability a Liability?
IEEE Secur. Priv., 2023

What Do We Owe?
IEEE Secur. Priv., 2022

Open Source and Trust.
IEEE Secur. Priv., 2022

Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. Census.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

The Law and Lawful Hacking.
IEEE Secur. Priv., 2021

Bugs in our Pockets: The Risks of Client-Side Scanning.
CoRR, 2021

Encrypted cloud photo storage using Google photos.
Proceedings of the MobiSys '21: The 19th Annual International Conference on Mobile Systems, Applications, and Services, Virtual Event, Wisconsin, USA, 24 June, 2021

Security, Privacy, and Scale.
IEEE Secur. Priv., 2020

Policies on Privacy.
IEEE Secur. Priv., 2020

Making It Easier to Encrypt Your Emails.
login Usenix Mag., 2019

Layered Insecurity.
IEEE Secur. Priv., 2019

Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management.
Proceedings of the Fourteenth EuroSys Conference 2019, Dresden, Germany, March 25-28, 2019, 2019

Toward a National Cybersecurity Policy.
IEEE Secur. Priv., 2018

The big picture.
Commun. ACM, 2018

Who Are You?
IEEE Secur. Priv., 2017

Jurisdiction and the Internet.
IEEE Secur. Priv., 2017

Limiting the undesired impact of cyber weapons: technical requirements and policy implications.
J. Cybersecur., 2017

A Privacy Analysis of Cross-device Tracking.
Proceedings of the 26th USENIX Security Symposium, 2017

Automated Analysis of Privacy Requirements for Mobile Apps.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Easy Email Encryption.
IEEE Secur. Priv., 2016

Attack Surfaces.
IEEE Secur. Priv., 2016

An IBE-based Signcryption Scheme for Group Key Management.
CoRR, 2016

Insecure Surveillance: Technical Issues with Remote Computer Searches.
Computer, 2016

Vernam, Mauborgne, and Friedman: The One-Time Pad and the Index of Coincidence.
Proceedings of the New Codebreakers, 2016

The Key to the Key.
IEEE Secur. Priv., 2015

What a Real Cybersecurity Bill Should Address.
IEEE Secur. Priv., 2015

Keys under doormats: mandating insecurity by requiring government access to all data and communications.
J. Cybersecur., 2015

Keys under doormats.
Commun. ACM, 2015

"I don't have a photograph, but you can have my footprints.": Revealing the Demographics of Location Data.
Proceedings of the 2015 ACM on Conference on Online Social Networks, 2015

Security Requirements for BGP Path Validation.
RFC, August, 2014

What Should Crypto Look Like?
IEEE Secur. Priv., 2014

By Any Means Possible: How Intelligence Agencies Have Gotten Their Data.
IEEE Secur. Priv., 2014

Dr. Strangecode.
IEEE Secur. Priv., 2014

Malicious-Client Security in Blind Seer: A Scalable Private DBMS.
IACR Cryptol. ePrint Arch., 2014

Privee: An Architecture for Automatically Analyzing Web Privacy Policies.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014, 2014

Blind Seer: A Scalable Private DBMS.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

Anonymous Publish-Subscribe Systems.
Proceedings of the International Conference on Security and Privacy in Communication Networks, 2014

Going Bright: Wiretapping without Weakening Communications Infrastructure.
IEEE Secur. Priv., 2013

Walls and Gates.
IEEE Secur. Priv., 2013

Military Cybersomethings.
IEEE Secur. Priv., 2013

Defending against Sequence Number Attacks.
RFC, February, 2012

Privacy and Cybersecurity: The Next 100 Years.
Proc. IEEE, 2012

The Major Cyberincident Investigations Board.
IEEE Secur. Priv., 2012

Fighting the Last War.
IEEE Secur. Priv., 2012

Usable, Secure, Private Search.
IEEE Secur. Priv., 2012

Facebook and privacy: it's complicated.
Proceedings of the Symposium On Usable Privacy and Security, 2012

A study of privacy settings errors in an online social network.
Proceedings of the Tenth Annual IEEE International Conference on Pervasive Computing and Communications, 2012

Privacy Enhanced Access Control for Outsourced Data Sharing.
Proceedings of the Financial Cryptography and Data Security, 2012

IP Traceback.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Measuring Security.
IEEE Secur. Priv., 2011

Security Think.
IEEE Secur. Priv., 2011

Clouds from Both Sides.
IEEE Secur. Priv., 2011

Frank Miller: Inventor of the One-Time Pad.
Cryptologia, 2011

As simple as possible - but not more so.
Commun. ACM, 2011

Policy refinement of network services for MANETs.
Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, 2011

Computer Security Research with Human Subjects: Risks, Benefits and Informed Consent.
Proceedings of the Financial Cryptography and Data Security, 2011

Private search in the real world.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

Perceptions and Reality.
IEEE Secur. Priv., 2010

Identity and Security.
IEEE Secur. Priv., 2010

Policy Management for E-Health Records.
Proceedings of the 1st USENIX Workshop on Health Security and Privacy, 2010

High Performance Firewalls in MANETs.
Proceedings of the Sixth International Conference on Mobile Ad-hoc and Sensor Networks, 2010

A Secure and Privacy-Preserving Targeted Ad-System.
Proceedings of the Financial Cryptography and Data Security, 2010

Privacy-Preserving, Taxable Bank Accounts.
Proceedings of the Computer Security, 2010

Guidelines for Specifying the Use of IPsec Version 2.
RFC, February, 2009

Configuration management and security.
IEEE J. Sel. Areas Commun., 2009

Security as a Systems Property.
IEEE Secur. Priv., 2009

The Government and Cybersecurity.
IEEE Secur. Priv., 2009

The dynamic community of interest and its realization in ZODIAC.
IEEE Commun. Mag., 2009

An Anonymous Credit Card System.
Proceedings of the Trust, 2009

The Zodiac Policy Subsystem: A Policy-Based Management System for a High-Security MANET.
Proceedings of the POLICY 2009, 2009

APOD: Anonymous Physical Object Delivery.
Proceedings of the Privacy Enhancing Technologies, 9th International Symposium, 2009

Laissez-faire file sharing: access control designed for individuals at the endpoints.
Proceedings of the 2009 Workshop on New Security Paradigms, 2009

Two-Person Control Administration: Preventing Administration Faults through Duplication.
Proceedings of the 23rd Large Installation System Administration Conference, 2009

Secure anonymous database search.
Proceedings of the first ACM Cloud Computing Security Workshop, 2009

The Insider Attack Problem Nature and Scope.
Proceedings of the Insider Attack and Cyber Security - Beyond the Hacker, 2008

Risking Communications Security: Potential Hazards of the Protect America Act.
IEEE Secur. Priv., 2008

Information Assurance Technology Forecast 2008.
IEEE Secur. Priv., 2008

The Puzzle of Privacy.
IEEE Secur. Priv., 2008

Security by Checklist.
IEEE Secur. Priv., 2008

IMRG workshop on application classification and identification report.
Comput. Commun. Rev., 2008

The physical world and the real world.
Commun. ACM, 2008

An Algebra for Integration and Analysis of Ponder2 Policies.
Proceedings of the 9th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2008), 2008

PAR: Payment for Anonymous Routing.
Proceedings of the Privacy Enhancing Technologies, 2008

Reputation Systems for Anonymous Networks.
Proceedings of the Privacy Enhancing Technologies, 2008

ROFL: routing as the firewall layer.
Proceedings of the 2008 Workshop on New Security Paradigms, 2008

RUST: A Retargetable Usability Testbed for Web Site Authentication Technologies.
Proceedings of the Usability, Psychology, and Security, 2008

Key Change Strategies for TCP-MD5.
RFC, March, 2007

Virtual Private Services: Coordinated Policy Enforcement for Distributed Applications.
Int. J. Netw. Secur., 2007

Seers and Craftspeople.
IEEE Secur. Priv., 2007

DRM, Complexity, and Correctness.
IEEE Secur. Priv., 2007

Internal surveillance, external risks.
Commun. ACM, 2007

Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification.
RFC, January, 2006

Worm Propagation Strategies in an IPv6 Internet.
login Usenix Mag., 2006

On the Brittleness of Software and the Infeasibility of Security Metrics.
IEEE Secur. Priv., 2006

Unconventional Wisdom.
IEEE Secur. Priv., 2006

Virtual machines, virtual security?
Commun. ACM, 2006

Prerendered User Interfaces for Higher-Assurance Electronic Voting.
Proceedings of the 2006 USENIX/ACCURATE Electronic Voting Technology Workshop, 2006

Privacy & Cryptography.
Proceedings of the 2006 USENIX Annual Technical Conference, Boston, MA, USA, May 30, 2006

Permissive Action Links, Nuclear Weapons, and the History of Public Key Cryptography.
Proceedings of the 2006 USENIX Annual Technical Conference, Boston, MA, USA, May 30, 2006

Deploying a New Hash Algorithm.
Proceedings of the Network and Distributed System Security Symposium, 2006

Guidelines for Cryptographic Key Management.
RFC, June, 2005

Security and Privacy: Enemies or Allies?
IEEE Secur. Priv., 2005

The real national-security needs for VoIP.
Commun. ACM, 2005

Just fast keying: Key agreement in a hostile internet.
ACM Trans. Inf. Syst. Secur., 2004

Privacy-Enhanced Searches Using Encrypted Bloom Filters.
IACR Cryptol. ePrint Arch., 2004

Spamming, phishing, authentication, and privacy.
Commun. ACM, 2004

Nuclear Weapons, Permissive Action Links, and the History of Public Key Cryptography.
Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, 2004

A Look Back at "Security Problems in the TCP/IP Protocol Suite".
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

Security Mechanisms for the Internet.
RFC, December, 2003

On the Use of Stream Control Transmission Protocol (SCTP) with IPsec.
RFC, July, 2003

The Security Flag in the IPv4 Header.
RFC, April, 2003

Design and Implementation of Virtual Private Services.
Proceedings of the 12th IEEE International Workshops on Enabling Technologies (WETICE 2003), 2003

Controlling high bandwidth aggregates in the network.
Comput. Commun. Rev., 2002

Aggregate congestion control.
Comput. Commun. Rev., 2002

Sub-operating systems: a new approach to application security.
Proceedings of the 10th ACM SIGOPS European Workshop, Saint-Emilion, France, July 1, 2002, 2002

Implementing Pushback: Router-Based Defense Against DDoS Attacks.
Proceedings of the Network and Distributed System Security Symposium, 2002

A technique for counting natted hosts.
Proceedings of the 2nd ACM SIGCOMM Internet Measurement Workshop, 2002

Intrusion Tolerant Systems Workshop.
Proceedings of the 2002 International Conference on Dependable Systems and Networks (DSN 2002), 2002

Efficient, DoS-resistant, secure key exchange for internet protocols.
Proceedings of the 9th ACM Conference on Computer and Communications Security, 2002

Computer security - an end state?
Commun. ACM, 2001

Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host.
Proceedings of the 10th USENIX Security Symposium, 2001

Building a Secure Web Browser.
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, 2001

Security Risks Of Peer-To-Peer Networking.
Proceedings of the Network and Distributed System Security Symposium, 2001

Tapping on my network door.
Commun. ACM, 2000

Implementing a distributed firewall.
Proceedings of the CCS 2000, 2000

Building Trustworthy Systems: Lessons from the PTN and Internet.
IEEE Internet Comput., 1999

Evolving Telephone Networks.
Commun. ACM, 1999

Transport-Friendly ESP.
Proceedings of the Network and Distributed System Security Symposium, 1999

Why Do We Need More Research?
Proceedings of the Network and Distributed System Security Symposium, 1999

Moat: a Virtual Private Network Appliance and Services Platform.
Proceedings of the 13th Conference on Systems Administration (LISA-99), 1999

Toward the PSTN/Internet Inter-Networking-Pre-PINT Implementations.
RFC, November, 1998

Report of the IAB Security Architecture Workshop.
RFC, April, 1998

Cryptography and the Internet.
Proceedings of the Advances in Cryptology, 1998

The risks of key recovery, key escrow, and trusted third-party encryption.
World Wide Web J., 1997

Network and Internet Security.
Inf. Secur. J. A Glob. Perspect., 1997

Probable Plaintext Cryptanalysis of the IP Security Protocols.
Proceedings of the Network and Distributed System Security Symposium, 1997

Network and Internet Security.
Proceedings of the Computer Science and Engineering Handbook, 1997

Defending Against Sequence Number Attacks.
RFC, May, 1996

Problem Areas for the IP Security Protocols.
Proceedings of the 6th USENIX Security Symposium, San Jose, CA, USA, July 22-25, 1996, 1996

A "bump in the stack" encryptor for MS-DOS systems.
Proceedings of the 1996 Symposium on Network and Distributed System Security, 1996

Session-Layer Encryption.
Proceedings of the 5th USENIX Security Symposium, 1995

Using the Domain Name System for System Break-ins.
Proceedings of the 5th USENIX Security Symposium, 1995

Firewalls and internet security - repelling the wily hacker.
Addison-Wesley professional computing series, Addison-Wesley, ISBN: 978-0-201-63357-3, 1995

On Many Addresses per Host.
RFC, August, 1994

Security Concerns for IPng.
RFC, August, 1994

Firewall-Friendly FTP.
RFC, February, 1994

An attack on the Interlock Protocol when used for authentication.
IEEE Trans. Inf. Theory, 1994

Network firewalls.
IEEE Commun. Mag., 1994

Packets found on an internet.
Comput. Commun. Rev., 1993

Augmented Encrypted Key Exchange: A Password-Based Protocol Secure against Dictionary Attacks and Password File Compromise.
Proceedings of the CCS '93, 1993

There Be Dragons.
Proceedings of the USENIX Summer 1992 Technical Conference, 1992

Encrypted key exchange: password-based protocols secure against dictionary attacks.
Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, 1992

Limitations of the Kerberos authentication system.
Comput. Commun. Rev., 1990

Security problems in the TCP/IP protocol suite.
Comput. Commun. Rev., 1989

PATHALIAS or The Care and Feeding of Relative Addresses.
Proceedings of the USENIX Summer Conference, Atlanta, GA, USA, June 1986, 1986