Steven M. Bellovin

According to our database1, Steven M. Bellovin authored at least 146 papers between 1986 and 2019.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

Homepages:

On csauthors.net:

Bibliography

2019
Making It Easier to Encrypt Your Emails.
;login:, 2019

Layered Insecurity.
IEEE Security & Privacy, 2019

Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management.
Proceedings of the Fourteenth EuroSys Conference 2019, Dresden, Germany, March 25-28, 2019, 2019

2018
Toward a National Cybersecurity Policy.
IEEE Security & Privacy, 2018

The big picture.
Commun. ACM, 2018

2017
Who Are You?
IEEE Security & Privacy, 2017

Jurisdiction and the Internet.
IEEE Security & Privacy, 2017

Limiting the undesired impact of cyber weapons: technical requirements and policy implications.
J. Cybersecurity, 2017

A Privacy Analysis of Cross-device Tracking.
Proceedings of the 26th USENIX Security Symposium, 2017

Automated Analysis of Privacy Requirements for Mobile Apps.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

2016
Easy Email Encryption.
IEEE Security & Privacy, 2016

Attack Surfaces.
IEEE Security & Privacy, 2016

An IBE-based Signcryption Scheme for Group Key Management.
CoRR, 2016

Insecure Surveillance: Technical Issues with Remote Computer Searches.
IEEE Computer, 2016

Vernam, Mauborgne, and Friedman: The One-Time Pad and the Index of Coincidence.
Proceedings of the New Codebreakers, 2016

Automated Analysis of Privacy Requirements for Mobile Apps.
Proceedings of the 2016 AAAI Fall Symposia, Arlington, Virginia, USA, November 17-19, 2016, 2016

2015
The Key to the Key.
IEEE Security & Privacy, 2015

What a Real Cybersecurity Bill Should Address.
IEEE Security & Privacy, 2015

Keys under doormats: mandating insecurity by requiring government access to all data and communications.
J. Cybersecurity, 2015

Keys under doormats.
Commun. ACM, 2015

Malicious-Client Security in Blind Seer: A Scalable Private DBMS.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

"I Don't Have a Photograph, But You Can Have My Footprints" - Revealing the Demographics of Location Data.
Proceedings of the Ninth International Conference on Web and Social Media, 2015

2014
Security Requirements for BGP Path Validation.
RFC, August, 2014

What Should Crypto Look Like?
IEEE Security & Privacy, 2014

By Any Means Possible: How Intelligence Agencies Have Gotten Their Data.
IEEE Security & Privacy, 2014

Dr. Strangecode.
IEEE Security & Privacy, 2014

Malicious-Client Security in Blind Seer: A Scalable Private DBMS.
IACR Cryptology ePrint Archive, 2014

Privee: An Architecture for Automatically Analyzing Web Privacy Policies.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Blind Seer: A Scalable Private DBMS.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

Anonymous Publish-Subscribe Systems.
Proceedings of the International Conference on Security and Privacy in Communication Networks, 2014

2013
Going Bright: Wiretapping without Weakening Communications Infrastructure.
IEEE Security & Privacy, 2013

Walls and Gates.
IEEE Security & Privacy, 2013

Military Cybersomethings.
IEEE Security & Privacy, 2013

2012
Defending against Sequence Number Attacks.
RFC, February, 2012

Privacy and Cybersecurity: The Next 100 Years.
Proceedings of the IEEE, 2012

The Major Cyberincident Investigations Board.
IEEE Security & Privacy, 2012

Fighting the Last War.
IEEE Security & Privacy, 2012

Usable, Secure, Private Search.
IEEE Security & Privacy, 2012

Facebook and privacy: it's complicated.
Proceedings of the Symposium On Usable Privacy and Security, 2012

A study of privacy settings errors in an online social network.
Proceedings of the Tenth Annual IEEE International Conference on Pervasive Computing and Communications, 2012

Privacy Enhanced Access Control for Outsourced Data Sharing.
Proceedings of the Financial Cryptography and Data Security, 2012

2011
IP Traceback.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Measuring Security.
IEEE Security & Privacy, 2011

Security Think.
IEEE Security & Privacy, 2011

Clouds from Both Sides.
IEEE Security & Privacy, 2011

Frank Miller: Inventor of the One-Time Pad.
Cryptologia, 2011

As simple as possible - but not more so.
Commun. ACM, 2011

Policy refinement of network services for MANETs.
Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, 2011

Computer Security Research with Human Subjects: Risks, Benefits and Informed Consent.
Proceedings of the Financial Cryptography and Data Security, 2011

Private search in the real world.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010
Perceptions and Reality.
IEEE Security & Privacy, 2010

Identity and Security.
IEEE Security & Privacy, 2010

Policy Management for E-Health Records.
Proceedings of the 1st USENIX Workshop on Health Security and Privacy, 2010

High Performance Firewalls in MANETs.
Proceedings of the Sixth International Conference on Mobile Ad-hoc and Sensor Networks, 2010

A Secure and Privacy-Preserving Targeted Ad-System.
Proceedings of the Financial Cryptography and Data Security, 2010

Privacy-Preserving, Taxable Bank Accounts.
Proceedings of the Computer Security, 2010

2009
Guidelines for Specifying the Use of IPsec Version 2.
RFC, February, 2009

Configuration management and security.
IEEE Journal on Selected Areas in Communications, 2009

Security as a Systems Property.
IEEE Security & Privacy, 2009

The Government and Cybersecurity.
IEEE Security & Privacy, 2009

The dynamic community of interest and its realization in ZODIAC.
IEEE Communications Magazine, 2009

An Anonymous Credit Card System.
Proceedings of the Trust, 2009

The Zodiac Policy Subsystem: A Policy-Based Management System for a High-Security MANET.
Proceedings of the POLICY 2009, 2009

APOD: Anonymous Physical Object Delivery.
Proceedings of the Privacy Enhancing Technologies, 9th International Symposium, 2009

Laissez-faire file sharing: access control designed for individuals at the endpoints.
Proceedings of the 2009 Workshop on New Security Paradigms, 2009

Two-Person Control Administation: Preventing Administation Faults through Duplication.
Proceedings of the 23rd Large Installation System Administration Conference, 2009

Secure anonymous database search.
Proceedings of the first ACM Cloud Computing Security Workshop, 2009

2008
The Insider Attack Problem Nature and Scope.
Proceedings of the Insider Attack and Cyber Security - Beyond the Hacker, 2008

Risking Communications Security: Potential Hazards of the Protect America Act.
IEEE Security & Privacy, 2008

Information Assurance Technology Forecast 2008.
IEEE Security & Privacy, 2008

The Puzzle of Privacy.
IEEE Security & Privacy, 2008

Security by Checklist.
IEEE Security & Privacy, 2008

IMRG workshop on application classification and identification report.
Computer Communication Review, 2008

The physical world and the real world.
Commun. ACM, 2008

An Algebra for Integration and Analysis of Ponder2 Policies.
Proceedings of the 9th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2008), 2008

PAR: Payment for Anonymous Routing.
Proceedings of the Privacy Enhancing Technologies, 2008

Reputation Systems for Anonymous Networks.
Proceedings of the Privacy Enhancing Technologies, 2008

ROFL: routing as the firewall layer.
Proceedings of the 2008 Workshop on New Security Paradigms, 2008

RUST: A Retargetable Usability Testbed for Web Site Authentication Technologies.
Proceedings of the Usability, Psychology, and Security, 2008

2007
Key Change Strategies for TCP-MD5.
RFC, March, 2007

Virtual Private Services: Coordinated Policy Enforcement for Distributed Applications.
I. J. Network Security, 2007

Seers and Craftspeople.
IEEE Security & Privacy, 2007

DRM, Complexity, and Correctness.
IEEE Security & Privacy, 2007

Internal surveillance, external risks.
Commun. ACM, 2007

2006
Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification.
RFC, January, 2006

Worm Propagation Strategies in an IPv6 Internet.
;login:, 2006

On the Brittleness of Software and the Infeasibility of Security Metrics.
IEEE Security & Privacy, 2006

Unconventional Wisdom.
IEEE Security & Privacy, 2006

Virtual machines, virtual security?
Commun. ACM, 2006

Prerendered User Interfaces for Higher-Assurance Electronic Voting.
Proceedings of the 2006 USENIX/ACCURATE Electronic Voting Technology Workshop, 2006

Privacy & Cryptography.
Proceedings of the 2006 USENIX Annual Technical Conference, Boston, MA, USA, May 30, 2006

Permissive Action Links, Nuclear Weapons, and the History of Public Key Cryptography.
Proceedings of the 2006 USENIX Annual Technical Conference, Boston, MA, USA, May 30, 2006

Deploying a New Hash Algorithm.
Proceedings of the Network and Distributed System Security Symposium, 2006

2005
Guidelines for Cryptographic Key Management.
RFC, June, 2005

Security and Privacy: Enemies or Allies?
IEEE Security & Privacy, 2005

The real national-security needs for VoIP.
Commun. ACM, 2005

2004
Just fast keying: Key agreement in a hostile internet.
ACM Trans. Inf. Syst. Secur., 2004

Privacy-Enhanced Searches Using Encrypted Bloom Filters.
IACR Cryptology ePrint Archive, 2004

Spamming, phishing, authentication, and privacy.
Commun. ACM, 2004

Nuclear Weapons, Permissive Action Links, and the History of Public Key Cryptography.
Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, 2004

A Look Back at "Security Problems in the TCP/IP Protocol Suite".
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

2003
Security Mechanisms for the Internet.
RFC, December, 2003

On the Use of Stream Control Transmission Protocol (SCTP) with IPsec.
RFC, July, 2003

The Security Flag in the IPv4 Header.
RFC, April, 2003

Design and Implementation of Virtual Private Services.
Proceedings of the 12th IEEE International Workshops on Enabling Technologies (WETICE 2003), 2003

2002
Controlling high bandwidth aggregates in the network.
Computer Communication Review, 2002

Aggregate congestion control.
Computer Communication Review, 2002

Sub-operating systems: a new approach to application security.
Proceedings of the 10th ACM SIGOPS European Workshop, Saint-Emilion, France, July 1, 2002, 2002

Implementing Pushback: Router-Based Defense Against DDoS Attacks.
Proceedings of the Network and Distributed System Security Symposium, 2002

A technique for counting natted hosts.
Proceedings of the 2nd ACM SIGCOMM Internet Measurement Workshop, 2002

Intrusion Tolerant Systems Workshop.
Proceedings of the 2002 International Conference on Dependable Systems and Networks (DSN 2002), 2002

2001
Computer security - an end state?
Commun. ACM, 2001

Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host.
Proceedings of the 10th USENIX Security Symposium, 2001

Building a Secure Web Browser.
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, 2001

Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols.
Proceedings of the Security Protocols, 2001

Security Risks Of Peer-To-Peer Networking.
Proceedings of the Network and Distributed System Security Symposium, 2001

2000
Tapping on my network door.
Commun. ACM, 2000

Implementing a distributed firewall.
Proceedings of the CCS 2000, 2000

1999
Building Trustworthy Systems: Lessons from the PTN and Internet.
IEEE Internet Computing, 1999

Evolving Telephone Networks.
Commun. ACM, 1999

Transport-Friendly ESP.
Proceedings of the Network and Distributed System Security Symposium, 1999

Why Do We Need More Research?
Proceedings of the Network and Distributed System Security Symposium, 1999

Moat: a Virtual Private Network Appliance and Services Platform.
Proceedings of the 13th Conference on Systems Administration (LISA-99), 1999

1998
Toward the PSTN/Internet Inter-Networking-Pre-PINT Implementations.
RFC, November, 1998

Report of the IAB Security Architecture Workshop.
RFC, April, 1998

Cryptography and the Internet.
Proceedings of the Advances in Cryptology, 1998

1997
The risks of key recovery, key escrow, and trusted third-party encryption.
World Wide Web Journal, 1997

Network and Internet Security.
Information Systems Security, 1997

Probable Plaintext Cryptanalysis of the IP Security Protocols.
Proceedings of the Network and Distributed System Security Symposium, 1997

Network and Internet Security.
Proceedings of the Computer Science and Engineering Handbook, 1997

1996
Defending Against Sequence Number Attacks.
RFC, May, 1996

Problem Areas for the IP Security Protocols.
Proceedings of the 6th USENIX Security Symposium, San Jose, CA, USA, July 22-25, 1996, 1996

A "bump in the stack" encryptor for MS-DOS systems.
Proceedings of the 1996 Symposium on Network and Distributed System Security, 1996

1995
Session-Layer Encryption.
Proceedings of the 5th USENIX Security Symposium, 1995

Using the Domain Name System for System Break-ins.
Proceedings of the 5th USENIX Security Symposium, 1995

Firewalls and internet security - repelling the wily hacker.
Addison-Wesley professional computing series, Addison-Wesley, ISBN: 978-0-201-63357-3, 1995

1994
On Many Addresses per Host.
RFC, August, 1994

Security Concerns for IPng.
RFC, August, 1994

Firewall-Friendly FTP.
RFC, February, 1994

An attack on the Interlock Protocol when used for authentication.
IEEE Trans. Information Theory, 1994

1993
Packets found on an internet.
Computer Communication Review, 1993

Augmented Encrypted Key Exchange: A Password-Based Protocol Secure against Dictionary Attacks and Password File Compromise.
Proceedings of the CCS '93, 1993

1992
There Be Dragons.
Proceedings of the USENIX Summer 1992 Technical Conference, 1992

Encrypted key exchange: password-based protocols secure against dictionary attacks.
Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, 1992

1991
Limitations of the Kerberos Authentication System.
Proceedings of the Usenix Winter 1991 Conference, Dallas, TX, USA, January 1991, 1991

1986
PATHALIAS or The Care and Feeding of Relative Addresses.
Proceedings of the USENIX Summer Conference, Altanta, GA, USA, June 1986, 1986


  Loading...