%%% -*-BibTeX-*-
%%% ====================================================================
%%%  BibTeX-file{
%%%     author          = "Jeremy Epstein",
%%%     version         = "1.05",
%%%     date            = "26 October 2010",
%%%     time            = "14:54:47 MDT",
%%%     filename        = "epstein.bib",
%%%     address         = "TRW Systems Division
%%%                        1 Federal Systems Park Drive
%%%                        Fairfax, VA 22033
%%%                        USA",
%%%     telephone       = "+1 703 803 4947",
%%%     checksum        = "24168 343 1546 13512",
%%%     email           = "epstein at trwacs.fp.trw.com (Internet)",
%%%     codetable       = "ISO/ASCII",
%%%     keywords        = "bibliography, X Window System, security",
%%%     license         = "public domain",
%%%     supported       = "no",
%%%     docstring       = "This is a bibliography of Windowing Systems
%%%                        and Security, originally published in The X
%%%                        Resource, 4(1), 103--108, Fall 1992.
%%%
%%%                        The checksum field above contains a CRC-16
%%%                        checksum as the first value, followed by the
%%%                        equivalent of the standard UNIX wc (word
%%%                        count) utility output of lines, words, and
%%%                        characters.  This is produced by Robert
%%%                        Solovay's checksum utility.",
%%%  }
%%% ====================================================================

@Preamble{"\input path.sty"}

@TechReport{Bellcore:GRX92,
  author =       "Bellcore",
  title =        "Generic Requirements for {X} {Window} {System}
                 Security",
  institution =  "Framework Technical Advisory",
  number =       "FA-STS-991324",
  month =        jun # " 30",
  year =         "1992",
  note =         "Describes some of the problems associated with X in a
                 commercial environment, and specifies solutions
                 including Kerberos. Also talks about auditing in X.",
}

@TechReport{Boeing:XWE88,
  author =       "Boeing",
  title =        "{X} Windows Enhancements",
  institution =  "Boeing",
  number =       "Software Technology for Adaptable Reliable Systems
                 (STARS), Technical Report QTASK 13",
  month =        dec # " 23",
  year =         "1988",
  note =         "Probes issues in moving X from being written in C to
                 being written in Ada and some security enhancements
                 that could be made to the X server.",
}

@InProceedings{Carson:XMW90,
  author =       "Mark Carson and Janet Cugini",
  title =        "An {X11}-based {Multilevel} {Window} {System}
                 Architecture",
  booktitle =    "Proceedings of the Autumn 1990 EUUG Technical
                 Conference",
  address =      "Nice, France",
  year =         "1990",
  note =         "A preliminary architecture of the X portion of IBM's
                 CMW.",
}

@InProceedings{Carson:SWS89,
  author =       "Mark {Carson, et. al.}",
  title =        "Secure Window Systems for {UNIX}",
  booktitle =    "Proceedings of the USENIX Winter 1989 Conference",
  address =      "San Diego, CA, USA",
  month =        jan,
  year =         "1989",
  note =         "An architecture for a CMW based on Trusted XENIX and
                 a text-based windowing system. Also mentions some X
                 related issues.",
}

@InProceedings{Epstein:TXW90,
  author =       "Jeremy Epstein and Marvin Shugerman",
  title =        "A {Trusted} {X} {Window} {System} Server for
                 {Trusted} {Mach}",
  booktitle =    "Proceedings of the USENIX Mach Conference",
  address =      "Burlington, VT, USA",
  month =        oct,
  year =         "1990",
  note =         "This paper describes the initial architecture of the
                 Trusted X Window System prototype developed at TRW.
                 This paper was superseded by the paper at the Seventh
                 Annual Computer Security Applications Conference
                 \cite{Epstein:PBT91}.",
}

@InProceedings{Epstein:PTX90,
  author =       "Jeremy Epstein",
  title =        "A Prototype for {Trusted} {X} Labeling Policies",
  booktitle =    "Proceedings of the Sixth Annual Computer Security
                 Applications Conference",
  address =      "Tucson, AZ, USA",
  month =        dec,
  year =         "1990",
  note =         "A discussion of visible labeling issues, not specific
                 to X, but applicable to any windowing environment.",
}

@InProceedings{Epstein:TXI91,
  author =       "Jeremy Epstein and Jeffrey Picciotto",
  title =        "Trusting {X}: Issues in Building {Trusted} {X} Window
                 Systems -or- What's not Trusted About {X}?",
  booktitle =    "Proceedings of the 14th Annual National Computer
                 Security Conference",
  address =      "Washington, DC, USA",
  month =        oct,
  year =         "1991",
  note =         "A survey of the issues involved in building trusted X
                 systems, especially of the multi-level secure
                 variety.",
}

@Article{Epstein:IBT91,
  author =       "Jeremy Epstein and Jeffrey Picciotto",
  title =        "Issues in Building {Trusted} {X} {Window} {Systems}",
  journal =      "The X Resource",
  volume =       "1",
  number =       "1",
  month =        "Fall",
  year =         "1991",
  note =         "A revision of the previous paper
                 \cite{Epstein:TXI91}, aimed at an audience which is X
                 literate, but security ignorant.",
}

@InProceedings{Epstein:PBT91,
  author =       "Jeremy {Epstein, et. al.}",
  title =        "A Prototype {B3} {Trusted} {X} {Window} {System}",
  booktitle =    "Proceedings of the Seventh Annual Computer Security
                 Applications Conference",
  address =      "San Antonio, TX, USA",
  month =        dec,
  year =         "1991",
  note =         "The architecture for TRW's high assurance multi-level
                 secure X prototype.",
}

@InProceedings{Epstein:ETB92,
  author =       "Jeremy {Epstein, et. al.}",
  title =        "Evolution of a {Trusted} {B3} {Window} {System}
                 Prototype",
  booktitle =    "Proceedings of the 1992 IEEE Symposium on Research in
                 Security and Privacy",
  address =      "Oakland, CA, USA",
  month =        may,
  year =         "1992",
  note =         "The history of the design and tradeoffs taken in
                 TRW's prototype.",
}

@InProceedings{Faden:RCR91,
  author =       "Glenn Faden",
  title =        "Reconciling {CMW} Requirements with Those of {X11}
                 Applications",
  booktitle =    "Proceedings of the 14th Annual National Computer
                 Security Conference",
  address =      "Washington, DC, USA",
  month =        oct,
  year =         "1991",
  note =         "Architecture of the windowing portion of Sun's CMW.",
}

@TechReport{Graubart:CMW91,
  author =       "R. D. Graubart and J. L. Berger and J. P. L.
                 Woodward",
  title =        "Compartmented Mode, Workstation Evaluation Criteria,
                 Version 1",
  number =       "MTR 10953 (also published by the Defense Intelligence
                 Agency as document DDS-2600-6243-91)",
  institution =  "The MITRE Corporation",
  address =      "Bedford, MA, USA",
  month =        jun,
  year =         "1991",
  note =         "Revised requirements for the CMW, including a
                 description of what they expect for Trusted X.",
}

@TechReport{Khera:SXW90,
  author =       "Vivek Khera",
  title =        "The Secure {X} Window Server",
  institution =  "Microelectronics Center of North Carolina",
  number =       "TR90-54",
  year =         "1990",
  note =         "Description of Khera's Kerberized X Window Server
                 developed at MCNC. Also discusses security of X in
                 general. Available via anonymous ftp from
                 \path|cs.duke.edu:dist/papers/khera|.",
}

@InProceedings{Kurak:CNI92,
  author =       "Charles Kurak and John McHugh",
  title =        "A Cautionary Note on Image Downgrading",
  booktitle =    "Proceedings of the Eighth Annual Computer Security
                 Applications Conference",
  address =      "San Antonio, TX, USA",
  month =        dec,
  year =         "1992",
  note =         "A discussion of problems involved in viewing images,
                 particularly as it applies to multi-level windowing.",
}

@InProceedings{McIlroy:MWS88,
  author =       "D. McIlroy and J. Reeds",
  title =        "Multilevel Windows on a Single-level Terminal",
  booktitle =    "Proceedings of the (First) USENIX Security Workshop",
  address =      "Portland, OR, USA",
  month =        aug,
  year =         "1988",
  note =         "Describes a prototype of modifications to the
                 Teletype 5620 and driving software to allow
                 multi-level windows. Also explains some of the
                 limitations of the method.",
}

@InProceedings{Pascale:VWS92,
  author =       "Rita Pascale and Jeremy Epstein",
  title =        "Virtual Window Systems: {A} New Approach to
                 Supporting Concurrent Heterogeneous Windowing Systems",
  booktitle =    "Proceedings of the USENIX Summer 1992 Conference",
  address =      "San Antonio, TX, USA",
  month =        jul,
  year =         "1992",
  note =         "A generalization of TRW's prototype to non-security
                 applications.",
}

@InProceedings{Picciotto:TTC91,
  author =       "Jeffrey Picciotto",
  title =        "Towards Trusted Cut and Paste in the {X} {Window}
                 {System}",
  booktitle =    "Proceedings of the Seventh Annual Computer Security
                 Applications Conference",
  address =      "San Antonio, TX, USA",
  month =        dec,
  year =         "1991",
  note =         "A discussion of the security problems associated with
                 cut and paste in multi-level secure versions of X.",
}

@TechReport{Picciotto:TXW90,
  author =       "Jeffrey Picciotto",
  title =        "{Trusted} {X} {Window} {System}",
  number =       "MTP 288",
  institution =  "The MITRE Corporation",
  month =        feb,
  year =         "1990",
  note =         "A detailed explanation of MITRE's CMW prototype.",
}

@InProceedings{Picciotto:CTX92,
  author =       "Jeffrey Picciotto and Jeremy Epstein",
  title =        "A Comparison of {Trusted} {X} Security Policies,
                 Architectures, and Interoperability",
  booktitle =    "Proceedings of the Eighth Annual Computer Security
                 Applications Conference",
  address =      "San Antonio, TX, USA",
  month =        dec,
  year =         "1992",
  note =         "A survey of interoperability issues among CMWs and
                 the TRW prototype.",
}

@Unpublished{Rosenthal:LLI92,
  author =       "David S. H. Rosenthal",
  title =        "{LInX}---a {Less} {IN}secure {X} Server ({Sun}
                 {Microsystems} unpublished draft)",
  year =         "1992",
  note =         "An early architecture for Sun's CMW.",
}

@Unpublished{Rosenthal:XWS92,
  author =       "David S. H. Rosenthal",
  title =        "{X} Window Security System",
  year =         "1992",
  note =         "US patent 5,073,922, Describes implementation of
                 LInX.",
}

@InProceedings{Smith:TPF92,
  author =       "Mark Smith",
  title =        "Towards a Policy-Free Protocol Supporting a Secure
                 {X} {Window} {System}",
  booktitle =    "Proceedings of the 15th Annual National Computer
                 Security Conference",
  address =      "Baltimore, MD, USA",
  month =        oct,
  year =         "1992",
  note =         "A concept for improving interoperability among
                 Trusted X systems by separating the security policy
                 from the system implementation, thus allowing
                 pluggable security policies.",
}

@Article{Sheldrick:SXW92,
  author =       "Dennis Sheldrick",
  title =        "Security and the {X} {Window} {System}",
  journal =      "UNIX World",
  month =        jan,
  year =         "1992",
  note =         "A discussion of some of the security features in X,
                 and threats to X.",
}

@InProceedings{Smith-Thomas:SML89,
  author =       "Barbara Smith-Thomas",
  title =        "Secure Multi-Level Windowing in a {B1} Certifiable
                 Secure {UNIX} Operating System",
  booktitle =    "Proceedings of the USENIX Winter 1989 Conference",
  address =      "San Diego, CA, USA",
  month =        jan,
  year =         "1989",
  note =         "Describes the architecture of the multi-level version
                 of the AT\&T 630 graphics terminal. This terminal was
                 evaluated as part of AT\&T System V/MLS, which
                 received a B1 rating.",
}

@TechReport{Woodward:SRS87,
  author =       "J. P. L. Woodward",
  title =        "Security Requirements for System High and
                 Compartmented Mode Workstations",
  number =       "MTR 9992, Revision 1 (also published by the Defense
                 Intelligence Agency as document DDS-2600-5502-87)",
  institution =  "The MITRE Corporation",
  address =      "Bedford, MA, USA",
  month =        nov,
  year =         "1987",
  note =         "The original requirements for the CMW, including a
                 description of what they expect for Trusted X.",
}