Friday, September 13, 2002

[Enhyper Financial Crypto Library] News for 13-Sep-200

Web Services Links & Resources(added: 6-Sep-2002)

Researched directory of internet resources for .NET and XML Web Services

The Information Hiding Homepage(added: 9-Sep-2002)

fabien a. p. petitcolas's Digital Watermarking & Steganography Homepage.

Thirty Years Later: Lessons from the Multics Security Evaluation (added: 10-Sep-2002)$File/RC22534.pdf

The bottom-line conclusion was that “restructuring is
essential” around a verifiable “security kernel” before
using Multics (or any other system) in an open environment
(as in today’s Internet) with the existence of well-
motivated professional attackers employing subversion. The
lessons learned from the vulnerability assessment are highly
applicable today as governments and industry strive
(unsuccessfully) to “secure” today’s weaker operating
systems through add-ons, “hardening”, and intrusion
detection schemes.

Strange Attractors and TCP/IP Sequence Number Analysis (added: 12-Sep-2002)

We consider the problem of inserting a malicious packet into
a TCP connection, as well as establishing a TCP connection
using an address that is legitimately used by another
machine. We introduce the notion of a Spoofing Set as a way
of describing a generalized attack methodology. We also
discuss a method of constructing Spoofing Sets that is based
on Phase Space Analysis and the presence of function