Table of contents for issues of ACM Transactions on Information and System Security

Last update: Sat Oct 14 18:00:08 MDT 2017                Valid HTML 3.2!

Volume 1, Number 1, November, 1998
Volume 2, Number 1, February, 1999
Volume 2, Number 2, May, 1999
Volume 2, Number 3, August, 1999
Volume 2, Number 4, November, 1999
Volume 3, Number 1, February, 2000
Volume 3, Number 2, May, 2000
Volume 3, Number 3, August, 2000
Volume 3, Number 4, November, 2000
Volume 4, Number 1, February, 2001
Volume 4, Number 2, May, 2001
Volume 4, Number 3, August, 2001
Volume 4, Number 4, November, 2001
Volume 5, Number 1, February, 2002
Volume 5, Number 2, May, 2002
Volume 5, Number 3, August, 2002
Volume 5, Number 4, November, 2002
Volume 6, Number 1, February, 2003
Volume 6, Number 2, May, 2003
Volume 6, Number 3, August, 2003
Volume 6, Number 4, November, 2003
Volume 7, Number 1, February, 2004
Volume 7, Number 2, May, 2004
Volume 7, Number 3, August, 2004
Volume 7, Number 4, November, 2004
Volume 8, Number 1, February, 2005
Volume 8, Number 2, May, 2005
Volume 8, Number 3, August, 2005
Volume 8, Number 4, November, 2005
Volume 9, Number 1, February, 2006
Volume 9, Number 2, May, 2006
Volume 9, Number 3, August, 2006
Volume 9, Number 4, November, 2006
Volume 10, Number 1, February, 2007
Volume 10, Number 2, May, 2007
Volume 10, Number 3, July, 2007
Volume 10, Number 4, January, 2008
Volume 11, Number 1, February, 2008
Volume 11, Number 2, March, 2008
Volume 11, Number 3, March, 2008
Volume 11, Number 4, July, 2008
Volume 12, Number 1, October, 2008
Volume 12, Number 2, December, 2008
Volume 12, Number 3, January, 2009
Volume 12, Number 4, April, 2009
Volume 13, Number 1, October, 2009
Volume 13, Number 2, February, 2010
Volume 13, Number 3, July, 2010
Volume 13, Number 4, December, 2010
Volume 14, Number 1, May, 2011
Volume 14, Number 2, September, 2011
Volume 14, Number 3, November, 2011
Volume 14, Number 4, December, 2011
Volume 15, Number 1, March, 2012
Volume 15, Number 2, July, 2012
Volume 15, Number 3, November, 2012
Volume 15, Number 4, April, 2013
Volume 16, Number 1, June, 2013
Volume 16, Number 2, September, 2013
Volume 16, Number 3, November, 2013
Volume 16, Number 4, April, 2014
Volume 17, Number 1, August, 2014
Volume 17, Number 2, November, 2014
Volume 17, Number 3, March, 2015
Volume 17, Number 4, April, 2015
Volume 18, Number 1, June, 2015
Volume 18, Number 2, December, 2015
Volume 18, Number 3, April, 2016
Volume 18, Number 4, May, 2016


ACM Transactions on Information and System Security
Volume 1, Number 1, November, 1998

                    Ravi Sandhu   Editorial  . . . . . . . . . . . . . . . 1--2
        Francesco Bergadano and   
               Bruno Crispo and   
                Giancarlo Ruffo   High dictionary compression for
                                  proactive password checking  . . . . . . 3--25
              Elisa Bertino and   
Sabrina De Capitani Di Vimercati and   
              Elena Ferrari and   
            Pierangela Samarati   Exception-based information flow control
                                  in object-oriented systems . . . . . . . 26--65
          Michael K. Reiter and   
                 Aviel D. Rubin   Crowds: anonymity for Web transactions   66--92
                Ravi Sandhu and   
                      Fang Chen   The multilevel relational (MLR) data
                                  model  . . . . . . . . . . . . . . . . . 93--132


ACM Transactions on Information and System Security
Volume 2, Number 1, February, 1999

                    Ravi Sandhu   Editorial  . . . . . . . . . . . . . . . 1--2
          Matunda Nyanchama and   
                  Sylvia Osborn   The role graph model and conflict of
                                  interest . . . . . . . . . . . . . . . . 3--33
         David F. Ferraiolo and   
            John F. Barkley and   
                D. Richard Kuhn   A role-based access control model and
                                  reference implementation within a
                                  corporate intranet . . . . . . . . . . . 34--64
              Elisa Bertino and   
              Elena Ferrari and   
                   Vijay Atluri   The specification and enforcement of
                                  authorization constraints in workflow
                                  management systems . . . . . . . . . . . 65--104
                Ravi Sandhu and   
        Venkata Bhamidipati and   
                  Qamar Munawer   The ARBAC97 model for role-based
                                  administration of roles  . . . . . . . . 105--135

ACM Transactions on Information and System Security
Volume 2, Number 2, May, 1999

          Michael K. Reiter and   
          Stuart G. Stubblebine   Authentication metric analysis and
                                  design . . . . . . . . . . . . . . . . . 138--158
             Bruce Schneier and   
                    John Kelsey   Secure Audit Logs to Support Computer
                                  Forensics  . . . . . . . . . . . . . . . 159--176
               Trent Jaeger and   
               Atul Prakash and   
             Jochen Liedtke and   
                   Nayeem Islam   Flexible Control of Downloaded
                                  Executable Content . . . . . . . . . . . 177--228

ACM Transactions on Information and System Security
Volume 2, Number 3, August, 1999

                Shai Halevi and   
                  Hugo Krawczyk   Public-Key Cryptography and Password
                                  Protocols  . . . . . . . . . . . . . . . 230--268
                     Jun Xu and   
                 Mukesh Singhal   Design of a High-Performance ATM
                                  Firewall . . . . . . . . . . . . . . . . 269--294
                Terran Lane and   
               Carla E. Brodley   Temporal sequence learning and data
                                  reduction for anomaly detection  . . . . 295--331
            Lawrence C. Paulson   Inductive analysis of the Internet
                                  protocol TLS . . . . . . . . . . . . . . 332--351

ACM Transactions on Information and System Security
Volume 2, Number 4, November, 1999

      Stuart G. Stubblebine and   
           Paul F. Syverson and   
            David M. Goldschlag   Unlinkable serial transactions:
                                  protocols and applications . . . . . . . 354--389
                Eran Gabber and   
         Phillip B. Gibbons and   
           David M. Kristol and   
               Yossi Matias and   
                    Alain Mayer   On secure and pseudonymous
                                  client-relationships with multiple
                                  servers  . . . . . . . . . . . . . . . . 390--415
            Alejandro Hevia and   
                    Marcos Kiwi   Strength of Two Data Encryption Standard
                                  Implementations under Timing Attack  . . 416--437


ACM Transactions on Information and System Security
Volume 3, Number 1, February, 2000

                Deborah Frincke   Balancing Cooperation and Risk in
                                  Intrusion Detection  . . . . . . . . . . 1--29
              Fred B. Schneider   Enforceable Security Policies  . . . . . 30--50
             Diomidis Spinellis   Reflection as a Mechanism for Software
                                  Integrity Verification . . . . . . . . . 51--62

ACM Transactions on Information and System Security
Volume 3, Number 2, May, 2000

               Shlomi Dolev and   
               Rafail Ostrovsky   Xor-Trees for Efficient Anonymous
                                  Multicast and Reception  . . . . . . . . 63--84
              Sylvia Osborn and   
                Ravi Sandhu and   
                  Qamar Munawer   Configuring Role-Based Access Control to
                                  Enforce Mandatory and Discretionary
                                  Access Control Policies  . . . . . . . . 85--106
                   Avishai Wool   Key Management for Encrypted Broadcast   107--134

ACM Transactions on Information and System Security
Volume 3, Number 3, August, 2000

                Refik Molva and   
                Alain Pannetrat   Scalable Multicast Security with Dynamic
                                  Recipient Groups . . . . . . . . . . . . 136--160
              Ronald Cramer and   
                   Victor Shoup   Signature Schemes Based on the Strong
                                  RSA Assumption . . . . . . . . . . . . . 161--185
                Stefan Axelsson   The Base-Rate Fallacy and the Difficulty
                                  of Intrusion Detection . . . . . . . . . 186--205

ACM Transactions on Information and System Security
Volume 3, Number 4, November, 2000

              Gail-Joon Ahn and   
                    Ravi Sandhu   Role-based Authorization Constraints
                                  Specification  . . . . . . . . . . . . . 207--226
                  Wenke Lee and   
            Salvatore J. Stolfo   A Framework for Constructing Features
                                  and Models for Intrusion Detection
                                  Systems  . . . . . . . . . . . . . . . . 227--261
                    John McHugh   Testing Intrusion detection systems: a
                                  critique of the 1998 and 1999 DARPA
                                  intrusion detection system evaluations
                                  as performed by Lincoln Laboratory . . . 262--294


ACM Transactions on Information and System Security
Volume 4, Number 1, February, 2001

               Ho-Yen Chang and   
                S. Felix Wu and   
                   Y. Frank Jou   Real-Time Protocol Analysis for
                                  Detecting Link-State Routing Protocol
                                  Attacks  . . . . . . . . . . . . . . . . 1--36
               Joon S. Park and   
                Ravi Sandhu and   
                  Gail-Joon Ahn   Role-based access control on the Web . . 37--71
               Richard E. Smith   Cost Profile of a Highly Assured, Secure
                                  Operating System . . . . . . . . . . . . 72--101

ACM Transactions on Information and System Security
Volume 4, Number 2, May, 2001

             Deborah Shands and   
                 Jay Jacobs and   
                Richard Yee and   
                  E. John Sebes   Secure Virtual Enclaves: Supporting
                                  Coalition Use of Distributed Application
                                  Technologies . . . . . . . . . . . . . . 103--133
            Michael Steiner and   
               Peter Buhler and   
              Thomas Eirich and   
                Michael Waidner   Secure Password-Based Cipher Suite for
                                  TLS  . . . . . . . . . . . . . . . . . . 134--157
               Trent Jaeger and   
           Jonathon E. Tidswell   Practical Safety in Flexible Access
                                  Control Models . . . . . . . . . . . . . 158--190

ACM Transactions on Information and System Security
Volume 4, Number 3, August, 2001

              Elisa Bertino and   
       Piero Andrea Bonatti and   
                  Elena Ferrari   TRBAC: a Temporal Role-based Access
                                  Control Model  . . . . . . . . . . . . . 191--223
         David F. Ferraiolo and   
                Ravi Sandhu and   
             Serban Gavrila and   
            D. Richard Kuhn and   
         Ramaswamy Chandramouli   Proposed NIST standard for role-based
                                  access control . . . . . . . . . . . . . 224--274
              Burton S. Kaliski   An unknown key-share attack on the MQV
                                  key agreement protocol . . . . . . . . . 275--288
                 Ohad Rodeh and   
          Kenneth P. Birman and   
                    Danny Dolev   The Architecture and Performance of
                                  Security Protocols in the Ensemble Group
                                  Communication System: Using Diamonds to
                                  Guard the Castle . . . . . . . . . . . . 289--319

ACM Transactions on Information and System Security
Volume 4, Number 4, November, 2001

              Elisa Bertino and   
            Barbara Catania and   
                  Elena Ferrari   A Nested Transaction Model for
                                  Multilevel Secure Database Management
                                  Systems  . . . . . . . . . . . . . . . . 321--370
       Kim Potter Kihlstrom and   
                L. E. Moser and   
            P. M. Melliar-Smith   The SecureRing group communication
                                  system . . . . . . . . . . . . . . . . . 371--406
                  Peng Ning and   
             Sushil Jajodia and   
             Xiaoyang Sean Wang   Abstraction-based intrusion detection in
                                  distributed environments . . . . . . . . 407--452
        Pierangela Samarati and   
          Michael K. Reiter and   
                 Sushil Jajodia   An authorization model for a public key
                                  management service . . . . . . . . . . . 453--482


ACM Transactions on Information and System Security
Volume 5, Number 1, February, 2002

              Piero Bonatti and   
Sabrina De Capitani di Vimercati and   
            Pierangela Samarati   An Algebra for Composing Access Control
                                  Policies . . . . . . . . . . . . . . . . 1--35
          Massimo Bernaschi and   
         Emanuele Gabrielli and   
               Luigi V. Mancini   REMUS: a Security-Enhanced Operating
                                  System . . . . . . . . . . . . . . . . . 36--61
       Vijayalakshmi Atluri and   
                    Avigdor Gal   An authorization model for temporal and
                                  derived data: securing information
                                  portals  . . . . . . . . . . . . . . . . 62--94

ACM Transactions on Information and System Security
Volume 5, Number 2, May, 2002

                 Matt Blaze and   
             John Ioannidis and   
           Angelos D. Keromytis   Trust Management for IPsec . . . . . . . 95--118
                  Drew Dean and   
              Matt Franklin and   
              Adam Stubblefield   An Algebraic Approach to IP Traceback    119--137
                Algis Rudys and   
                 Dan S. Wallach   Termination in language-based systems    138--168
            Ernesto Damiani and   
Sabrina De Capitani di Vimercati and   
         Stefano Paraboschi and   
            Pierangela Samarati   A Fine-Grained Access Control System for
                                  XML Documents  . . . . . . . . . . . . . 169--202

ACM Transactions on Information and System Security
Volume 5, Number 3, August, 2002

              C. C. Michael and   
                     Anup Ghosh   Simple, state-based approaches to
                                  program-based anomaly detection  . . . . 203--237
                 John Viega and   
                J. T. Bloch and   
            Tadayoshi Kohno and   
                    Gary McGraw   Token-based scanning of source code for
                                  security problems  . . . . . . . . . . . 238--261
                Joe Loughry and   
              David A. Umphress   Information leakage from optical
                                  emanations . . . . . . . . . . . . . . . 262--289
              Elisa Bertino and   
                  Elena Ferrari   Secure and Selective Dissemination of
                                  XML Documents  . . . . . . . . . . . . . 290--331
                Manuel Koch and   
           Luigi V. Mancini and   
      Francesco Parisi-Presicce   A graph-based formalism for RBAC . . . . 332--365

ACM Transactions on Information and System Security
Volume 5, Number 4, November, 2002

        Francesco Bergadano and   
            Daniele Gunetti and   
                Claudia Picardi   User authentication through keystroke
                                  dynamics . . . . . . . . . . . . . . . . 367--397
           Michael M. Swift and   
               Anne Hopkins and   
            Peter Brundrett and   
             Cliff Van Dyke and   
               Praerit Garg and   
               Shannon Chan and   
             Mario Goertzel and   
            Gregory Jensenworth   Improving the granularity of access
                                  control for Windows 2000 . . . . . . . . 398--437
         Lawrence A. Gordon and   
                 Martin P. Loeb   The economics of information security
                                  investment . . . . . . . . . . . . . . . 438--457
             Alan Harbitter and   
       Daniel A. Menascé   A methodology for analyzing the
                                  performance of authentication protocols  458--491
                 Jean Bacon and   
                  Ken Moody and   
                       Walt Yao   A model of OASIS role-based access
                                  control and its support for active
                                  security . . . . . . . . . . . . . . . . 492--540


ACM Transactions on Information and System Security
Volume 6, Number 1, February, 2003

                    Ting Yu and   
          Marianne Winslett and   
                Kent E. Seamons   Supporting structured credentials and
                                  sensitive policies through interoperable
                                  strategies for automated trust
                                  negotiation  . . . . . . . . . . . . . . 1--42
          Joseph Y. Halpern and   
               Riccardo Pucella   On the relationship between strand
                                  spaces and multi-agent systems . . . . . 43--70
              Elisa Bertino and   
            Barbara Catania and   
              Elena Ferrari and   
                 Paolo Perlasca   A Logical Framework for Reasoning about
                                  Access Control Models  . . . . . . . . . 71--127
                 Ninghui Li and   
         Benjamin N. Grosof and   
                Joan Feigenbaum   Delegation logic: a logic-based approach
                                  to distributed authorization . . . . . . 128--171

ACM Transactions on Information and System Security
Volume 6, Number 2, May, 2003

            Suresh N. Chari and   
                 Pau-Chen Cheng   BlueBoX: a policy-driven, host-based
                                  intrusion detection system . . . . . . . 173--200
             Jason Crampton and   
                  George Loizou   Administrative scope: a foundation for
                                  role-based administrative models . . . . 201--231
            Günter Karjoth   Access control with IBM Tivoli access
                                  manager  . . . . . . . . . . . . . . . . 232--257
              Jung Min Park and   
          Edwin K. P. Chong and   
              Howard Jay Siegel   Efficient multicast stream
                                  authentication using erasure codes . . . 258--285
         Duminda Wijesekera and   
                 Sushil Jajodia   A propositional policy algebra for
                                  access control . . . . . . . . . . . . . 286--325

ACM Transactions on Information and System Security
Volume 6, Number 3, August, 2003

               Trent Jaeger and   
              Xiaolan Zhang and   
                  Fidel Cacheda   Policy management using access control
                                  spaces . . . . . . . . . . . . . . . . . 327--364
            Phillip Rogaway and   
              Mihir Bellare and   
                     John Black   OCB: a block-cipher mode of operation
                                  for efficient authenticated encryption   365--403
              Longhua Zhang and   
              Gail-Joon Ahn and   
                  Bei-Tseng Chu   A rule-based framework for role-based
                                  delegation and revocation  . . . . . . . 404--441

ACM Transactions on Information and System Security
Volume 6, Number 4, November, 2003

                  Klaus Julisch   Clustering intrusion detection alarms to
                                  support root cause analysis  . . . . . . 443--471
              Pino Persiano and   
                  Ivan Visconti   A secure and private system for
                                  subscription-based remote services . . . 472--500
               Steve Barker and   
               Peter J. Stuckey   Flexible access control policy
                                  specification with constraint logic
                                  programming  . . . . . . . . . . . . . . 501--546
               Carl Ellison and   
                 Steve Dohrmann   Public-key support for group
                                  collaboration  . . . . . . . . . . . . . 547--565
           Mary R. Thompson and   
          Abdelilah Essiari and   
              Srilekha Mudumbai   Certificate-based authorization policy
                                  in a PKI environment . . . . . . . . . . 566--588


ACM Transactions on Information and System Security
Volume 7, Number 1, February, 2004

              Giuseppe Ateniese   Verifiable encryption of digital
                                  signatures and applications  . . . . . . 1--20
                Albert Levi and   
           M. Ufuk Caglayan and   
                   Cetin K. Koc   Use of nested certificates for
                                  efficient, dynamic, and trust preserving
                                  public key infrastructure  . . . . . . . 21--59
                Yongdae Kim and   
              Adrian Perrig and   
                    Gene Tsudik   Tree-based group key agreement . . . . . 60--96
         Gabriel Montenegro and   
            Claude Castelluccia   Crypto-based identifiers (CBIDs):
                                  Concepts and applications  . . . . . . . 97--127
               Jaehong Park and   
                    Ravi Sandhu   The UCON$_{ABC}$ usage control model . . 128--174

ACM Transactions on Information and System Security
Volume 7, Number 2, May, 2004

               Trent Jaeger and   
             Antony Edwards and   
                  Xiaolan Zhang   Consistency analysis of authorization
                                  hook placement in the Linux security
                                  modules framework  . . . . . . . . . . . 175--205
              Mihir Bellare and   
            Tadayoshi Kohno and   
           Chanathip Namprempre   Breaking and provably repairing the SSH
                                  authenticated encryption scheme: a case
                                  study of the Encode-then-Encrypt-and-MAC
                                  paradigm . . . . . . . . . . . . . . . . 206--241
             William Aiello and   
         Steven M. Bellovin and   
                 Matt Blaze and   
                Ran Canetti and   
             John Ioannidis and   
       Angelos D. Keromytis and   
                  Omer Reingold   Just fast keying: Key agreement in a
                                  hostile Internet . . . . . . . . . . . . 242--273
                  Peng Ning and   
                    Yun Cui and   
          Douglas S. Reeves and   
                    Dingbang Xu   Techniques and tools for analyzing
                                  intrusion alerts . . . . . . . . . . . . 274--318
          Adam Stubblefield and   
             John Ioannidis and   
                 Aviel D. Rubin   A key recovery attack on the 802.11b
                                  wired equivalent privacy protocol (WEP)  319--332

ACM Transactions on Information and System Security
Volume 7, Number 3, August, 2004

              Brian Carrier and   
                   Clay Shields   The session token protocol for forensics
                                  and traceback  . . . . . . . . . . . . . 333--362
             Horst F. Wedde and   
                  Mario Lischka   Modular authorization and administration 363--391
             Mark Strembeck and   
                 Gustaf Neumann   An integrated approach to engineer and
                                  enforce context constraints in RBAC
                                  environments . . . . . . . . . . . . . . 392--427
                  Adam Hess and   
                 Jason Holt and   
             Jared Jacobson and   
                Kent E. Seamons   Content-triggered trust negotiation  . . 428--456
                  Yair Amir and   
                Yongdae Kim and   
       Cristina Nita-Rotaru and   
                    Gene Tsudik   On the performance of group key
                                  agreement protocols  . . . . . . . . . . 457--488

ACM Transactions on Information and System Security
Volume 7, Number 4, November, 2004

          Matthew K. Wright and   
                Micah Adler and   
          Brian Neil Levine and   
                   Clay Shields   The predecessor attack: an analysis of a
                                  threat to anonymous communications
                                  systems  . . . . . . . . . . . . . . . . 489--522
              Dijiang Huang and   
                     Deep Medhi   A key-chain-based keying scheme for
                                  many-to-many secure group communication  523--552
              Hovav Shacham and   
                  Dan Boneh and   
                  Eric Rescorla   Client-side caching for TLS  . . . . . . 553--575
                Tom Walcott and   
                    Matt Bishop   Traducement: a model for record security 576--590
                  Peng Ning and   
                    Dingbang Xu   Hypothesizing and reasoning about
                                  attacks missed by intrusion detection
                                  systems  . . . . . . . . . . . . . . . . 591--627


ACM Transactions on Information and System Security
Volume 8, Number 1, February, 2005

                    Ravi Sandhu   Editorial  . . . . . . . . . . . . . . . 1--1
                   Vijay Atluri   Preface  . . . . . . . . . . . . . . . . 2--2
   Elena Gabriela Barrantes and   
            David H. Ackley and   
          Stephanie Forrest and   
             Darko Stefanovi\'c   Randomized instruction set emulation . . 3--40
               Donggang Liu and   
                  Peng Ning and   
                    Rongfang Li   Establishing pairwise keys in
                                  distributed sensor networks  . . . . . . 41--77
                   Peng Liu and   
                 Wanyu Zang and   
                        Meng Yu   Incentive-based modeling and inference
                                  of attacker intent, objectives, and
                                  strategies . . . . . . . . . . . . . . . 78--118
            Alberto Ceselli and   
            Ernesto Damiani and   
Sabrina De Capitani Di Vimercati and   
             Sushil Jajodia and   
         Stefano Paraboschi and   
            Pierangela Samarati   Modeling and assessing inference
                                  exposure in encrypted databases  . . . . 119--152

ACM Transactions on Information and System Security
Volume 8, Number 2, May, 2005

       Zishuang (Eileen) Ye and   
                 Sean Smith and   
                 Denise Anthony   Trusted paths for browsers . . . . . . . 153--186
               Rafae Bhatti and   
               Arif Ghafoor and   
              Elisa Bertino and   
              James B. D. Joshi   X-GTRBAC: an XML-based policy
                                  specification framework and architecture
                                  for enterprise-wide access control . . . 187--227
                Wenliang Du and   
                  Jing Deng and   
          Yunghsiang S. Han and   
         Pramod K. Varshney and   
              Jonathan Katz and   
                   Aram Khalili   A pairwise key predistribution scheme
                                  for wireless sensor networks . . . . . . 228--258

ACM Transactions on Information and System Security
Volume 8, Number 3, August, 2005

                Lidong Zhou and   
          Fred B. Schneider and   
            Robbert Van Renesse   APSS: proactive secret sharing in
                                  asynchronous systems . . . . . . . . . . 259--286
               Reiner Dojen and   
                     Tom Coffey   The concept of layered proving trees and
                                  its application to the automation of
                                  security protocol verification . . . . . 287--311
            Daniele Gunetti and   
                Claudia Picardi   Keystroke analysis of free text  . . . . 312--347

ACM Transactions on Information and System Security
Volume 8, Number 4, November, 2005

                  Elena Ferrari   Guest editorial: Special issue on access
                                  control models and technologies  . . . . 349--350
               Xinwen Zhang and   
  Francesco Parisi-Presicce and   
                Ravi Sandhu and   
                   Jaehong Park   Formal model and policy specification of
                                  usage control  . . . . . . . . . . . . . 351--387
               Rafae Bhatti and   
               Basit Shafiq and   
              Elisa Bertino and   
               Arif Ghafoor and   
              James B. D. Joshi   X-gtrbac admin: a decentralized
                                  administration model for enterprise-wide
                                  access control . . . . . . . . . . . . . 388--423
             Urs Hengartner and   
               Peter Steenkiste   Access control to people location
                                  information  . . . . . . . . . . . . . . 424--456


ACM Transactions on Information and System Security
Volume 9, Number 1, February, 2006

          Giuseppe Ateniese and   
                   Kevin Fu and   
              Matthew Green and   
              Susan Hohenberger   Improved proxy re-encryption schemes
                                  with applications to secure distributed
                                  storage  . . . . . . . . . . . . . . . . 1--30
    Francesco M. Malvestuto and   
              Mauro Mezzini and   
               Marina Moscarini   Auditing sum-queries to make a
                                  statistical database secure  . . . . . . 31--60
                Darren Mutz and   
             Fredrik Valeur and   
             Giovanni Vigna and   
            Christopher Kruegel   Anomalous system call detection  . . . . 61--93
           Ariel Futoransky and   
         Emiliano Kargieman and   
            Carlos Sarraute and   
                Ariel Waissbein   Foundations and applications for secure
                                  triggers . . . . . . . . . . . . . . . . 94--112

ACM Transactions on Information and System Security
Volume 9, Number 2, May, 2006

                  Sejong Oh and   
                Ravi Sandhu and   
                   Xinwen Zhang   An effective role administration model
                                  using organization structure . . . . . . 113--137
            Giampaolo Bella and   
            Lawrence C. Paulson   Accountability protocols: Formalized and
                                  verified . . . . . . . . . . . . . . . . 138--161
            R. Chandramouli and   
                 S. Bapatla and   
         K. P. Subbalakshmi and   
                      R. N. Uma   Battery power-aware encryption . . . . . 162--180
            Rosario Gennaro and   
                 Yehuda Lindell   A framework for password-based
                                  authenticated key exchange . . . . . . . 181--234

ACM Transactions on Information and System Security
Volume 9, Number 3, August, 2006

       Paul C. Van Oorschot and   
             Stuart Stubblebine   On countering online dictionary attacks
                                  with login histories and
                                  humans-in-the-loop . . . . . . . . . . . 235--258
           Patrick McDaniel and   
                   Atul Prakash   Methods and limitations of security
                                  policy reconciliation  . . . . . . . . . 259--291
              Makoto Murata and   
             Akihiko Tozawa and   
             Michiharu Kudo and   
                   Satoshi Hada   XML access control using static analysis 292--324
                 Noam Kogan and   
              Yuval Shavitt and   
                   Avishai Wool   A practical revocation scheme for
                                  broadcast encryption using smartcards    325--351
     William H. Winsborough and   
                     Ninghui Li   Safety in automated trust negotiation    352--390

ACM Transactions on Information and System Security
Volume 9, Number 4, November, 2006

                 Ninghui Li and   
          Mahesh V. Tripunitara   Security analysis in role-based access
                                  control  . . . . . . . . . . . . . . . . 391--420
             Giovanni Mella and   
              Elena Ferrari and   
              Elisa Bertino and   
                  Yunhua Koglin   Controlled and cooperative updates of
                                  XML documents in Byzantine and
                                  failure-prone distributed systems  . . . 421--460
                 Noam Kogan and   
                    Tamir Tassa   Improved efficiency for revocation
                                  schemes via Newton interpolation . . . . 461--486


ACM Transactions on Information and System Security
Volume 10, Number 1, February, 2007

                  Gail-Joon Ahn   Guest editorial: Special issue on access
                                  control models and technologies  . . . . 1:1--1:??
        Maria Luisa Damiani and   
              Elisa Bertino and   
            Barbara Catania and   
                 Paolo Perlasca   GEO-RBAC: a spatially aware RBAC . . . . 2:1--2:??
            Mizuho Iwaihara and   
            Ryotaro Hayashi and   
    Somchai Chatvichienchai and   
        Chutiporn Anutariya and   
                 Vilas Wuwongse   Relevancy-based access control and its
                                  evaluation on versioned XML documents    3:1--3:??
               Jingmin Zhou and   
               Mark Heckman and   
           Brennen Reynolds and   
               Adam Carlson and   
                    Matt Bishop   Modeling network intrusion detection
                                  alerts for correlation . . . . . . . . . 4:1--4:??

ACM Transactions on Information and System Security
Volume 10, Number 2, May, 2007

                 Ninghui Li and   
      Mahesh V. Tripunitara and   
                     Ziad Bizri   On mutually exclusive roles and
                                  separation-of-duty . . . . . . . . . . . 5:1--5:??
                   Kun Peng and   
                 Colin Boyd and   
                      Ed Dawson   Batch zero-knowledge proof and
                                  verification and its applications  . . . 6:1--6:??
               Tanvir Ahmed and   
              Anand R. Tripathi   Specification and verification of
                                  security requirements in a programming
                                  model for decentralized CSCW systems . . 7:1--7:??
      Karthikeyan Bhargavan and   
              Ricardo Corin and   
      Cédric Fournet and   
               Andrew D. Gordon   Secure sessions for Web services . . . . 8:1--8:??

ACM Transactions on Information and System Security
Volume 10, Number 3, July, 2007

        Martín Abadi and   
             Bruno Blanchet and   
          Cédric Fournet   Just fast keying in the pi calculus  . . 9:1--9:??
           Emmanuel Bresson and   
          Olivier Chevassut and   
              David Pointcheval   Provably secure authenticated group
                                  Diffie--Hellman key exchange . . . . . . 10:1--10:??
         P. C. van Oorschot and   
                    Tao Wan and   
             Evangelos Kranakis   On interdomain routing security and
                                  pretty secure BGP (psBGP)  . . . . . . . 11:1--11:??
            A. Squicciarini and   
                 E. Bertino and   
              Elena Ferrari and   
                    F. Paci and   
               B. Thuraisingham   PP-trust-X: a system for privacy
                                  preserving trust negotiations  . . . . . 12:1--12:??

ACM Transactions on Information and System Security
Volume 10, Number 4, January, 2008

       Deepayan Chakrabarti and   
                  Yang Wang and   
                Chenxi Wang and   
             Jurij Leskovec and   
             Christos Faloutsos   Epidemic thresholds in real networks . . 1:1--1:??
          James B. D. Joshi and   
              Elisa Bertino and   
               Arif Ghafoor and   
                      Yue Zhang   Formal foundations for hybrid
                                  hierarchies in GTRBAC  . . . . . . . . . 2:1--2:??
             Blaise Gassend and   
            Marten Van Dijk and   
              Dwaine Clarke and   
               Emina Torlak and   
           Srinivas Devadas and   
                      Pim Tuyls   Controlled physical random functions and
                                  applications . . . . . . . . . . . . . . 3:1--3:??
               Luc Bouganim and   
  François Dang Ngoc and   
              Philippe Pucheral   Dynamic access-control policies on XML
                                  encrypted data . . . . . . . . . . . . . 4:1--4:??
         P. C. van Oorschot and   
                   Julie Thorpe   On predictive models and user-drawn
                                  graphical passwords  . . . . . . . . . . 5:1--5:??
            Baruch Awerbuch and   
              Reza Curtmola and   
               David Holmer and   
       Cristina Nita-Rotaru and   
                 Herbert Rubens   ODSBR: an on-demand secure Byzantine
                                  resilient routing protocol for wireless
                                  ad hoc networks  . . . . . . . . . . . . 6:1--6:??


ACM Transactions on Information and System Security
Volume 11, Number 1, February, 2008

                  Indrakshi Ray   Editorial  . . . . . . . . . . . . . . . 1:1--1:??
                Adam J. Lee and   
          Marianne Winslett and   
                 Jim Basney and   
                      Von Welch   The Traust Authorization Service . . . . 2:1--2:??
               Xinwen Zhang and   
             Masayuki Nakae and   
       Michael J. Covington and   
                    Ravi Sandhu   Toward a Usage-Based Security Framework
                                  for Collaborative Computing Systems  . . 3:1--3:??
           Pietro Mazzoleni and   
               Bruno Crispo and   
Swaminathan Sivasubramanian and   
                  Elisa Bertino   XACML Policy Integration Algorithms  . . 4:1--4:??

ACM Transactions on Information and System Security
Volume 11, Number 2, March, 2008

               Jooyoung Lee and   
             Douglas R. Stinson   On the Construction of Practical Key
                                  Predistribution Schemes for Distributed
                                  Sensor Networks Using Combinatorial
                                  Designs  . . . . . . . . . . . . . . . . 1:1--1:??
               Chad D. Mano and   
              Andrew Blaich and   
                    Qi Liao and   
              Yingxin Jiang and   
           David A. Cieslak and   
           David C. Salyers and   
                 Aaron Striegel   RIPPS: Rogue Identifying Packet Payload
                                  Slicer Detecting Unauthorized Wireless
                                  Hosts Through Network Traffic
                                  Conditioning . . . . . . . . . . . . . . 2:1--2:??
          Matthew K. Wright and   
                Micah Adler and   
          Brian Neil Levine and   
                   Clay Shields   Passive-Logging Attacks Against
                                  Anonymous Communications Systems . . . . 3:1--3:??
             Jung Hee Cheon and   
            Nicholas Hopper and   
                Yongdae Kim and   
                   Ivan Osipkov   Provably Secure Timed-Release Public Key
                                  Encryption . . . . . . . . . . . . . . . 4:1--4:??
               Hweehwa Pang and   
                   Kian-Lee Tan   Verifying Completeness of Relational
                                  Query Answers from Online Servers  . . . 5:1--5:??
               Felix Brandt and   
                Tuomas Sandholm   On the Existence of Unconditionally
                                  Privacy-Preserving Auction Protocols . . 6:1--6:??

ACM Transactions on Information and System Security
Volume 11, Number 3, March, 2008

                    Gene Tsudik   Editorial  . . . . . . . . . . . . . . . 11:1--11:??
                 Qing Zhang and   
                    Ting Yu and   
                      Peng Ning   A Framework for Identifying Compromised
                                  Nodes in Wireless Sensor Networks  . . . 12:1--12:??
          Roberto Di Pietro and   
           Luigi V. Mancini and   
             Alessandro Mei and   
       Alessandro Panconesi and   
         Jaikumar Radhakrishnan   Redoubtable Sensor Networks  . . . . . . 13:1--13:??
            Katharine Chang and   
                   Kang G. Shin   Distributed Authentication of Program
                                  Integrity Verification in Wireless
                                  Sensor Networks  . . . . . . . . . . . . 14:1--14:??
                  Liang Xie and   
                     Sencun Zhu   Message Dropping Attacks in Overlay
                                  Networks: Attack Detection and Attacker
                                  Identification . . . . . . . . . . . . . 15:1--15:??
            Patrick Traynor and   
              Michael Chien and   
               Scott Weaver and   
             Boniface Hicks and   
               Patrick McDaniel   Noninvasive Methods for Host
                                  Certification  . . . . . . . . . . . . . 16:1--16:??

ACM Transactions on Information and System Security
Volume 11, Number 4, July, 2008

              Gildas Avoine and   
               Pascal Junod and   
              Philippe Oechslin   Characterization and Improvement of
                                  Time-Memory Trade-Off Based on Perfect
                                  Tables . . . . . . . . . . . . . . . . . 17:1--17:??
                    Yi Yang and   
                Xinran Wang and   
                 Sencun Zhu and   
                    Guohong Cao   SDAP: a Secure Hop-by-Hop Data
                                  Aggregation Protocol for Sensor Networks 18:1--18:??
         Svetlana Radosavac and   
         George Moustakides and   
              John S. Baras and   
          Iordanis Koutsopoulos   An Analytic Framework for Modeling and
                                  Detecting Access Layer Misbehavior in
                                  Wireless Networks  . . . . . . . . . . . 19:1--19:??
               Young U. Ryu and   
                 Hyeun-Suk Rhee   Evaluation of Intrusion Detection
                                  Systems Under a Resource Constraint  . . 20:1--20:??
          Joseph Y. Halpern and   
                 Vicky Weissman   Using First-Order Logic to Reason about
                                  Policies . . . . . . . . . . . . . . . . 21:1--21:??
               Donggang Liu and   
                  Peng Ning and   
                     An Liu and   
                 Cliff Wang and   
              Wenliang Kevin Du   Attack-Resistant Location Estimation in
                                  Wireless Sensor Networks . . . . . . . . 22:1--22:??
          Saurabh Ganeriwal and   
      Christina Pöpper and   
            Srdjan \vCapkun and   
             Mani B. Srivastava   Secure Time Synchronization in Sensor
                                  Networks . . . . . . . . . . . . . . . . 23:1--23:??


ACM Transactions on Information and System Security
Volume 12, Number 1, October, 2008

               Steve Barker and   
            Marek J. Sergot and   
             Duminda Wijesekera   Status-Based Access Control  . . . . . . 1:1--1:??
                Shouhuai Xu and   
                Srdjan \vCapkun   Distributed and Secure Bootstrapping of
                                  Mobile Ad Hoc Networks: Framework and
                                  Constructions  . . . . . . . . . . . . . 2:1--2:??
        Alexandra Boldyreva and   
               Craig Gentry and   
               Adam O'Neill and   
                   Dae Hyun Yum   New Multiparty Signature Schemes for
                                  Network Routing Applications . . . . . . 3:1--3:??
                   Wei Wang and   
              Thomas E. Daniels   A Graph Based Approach Toward Network
                                  Forensics Analysis . . . . . . . . . . . 4:1--4:??
          Joseph Y. Halpern and   
               Kevin R. O'Neill   Secrecy in Multiagent Systems  . . . . . 5:1--5:??
                Danfeng Yao and   
           Keith B. Frikken and   
         Mikhail J. Atallah and   
               Roberto Tamassia   Private Information: To Reveal or not to
                                  Reveal . . . . . . . . . . . . . . . . . 6:1--6:??

ACM Transactions on Information and System Security
Volume 12, Number 2, December, 2008

          Rebecca N. Wright and   
Sabrina De Capitanidi Vimercati   Guest Editorial: Special Issue on
                                  Computer and Communications Security . . 7:1--7:??
                Adam J. Lee and   
              Marianne Winslett   Enforcing Safety and Consistency
                                  Constraints in Policy-Based
                                  Authorization Systems  . . . . . . . . . 8:1--8:??
             Philippe Golle and   
             Frank McSherry and   
                   Ilya Mironov   Data Collection with Self-Enforcing
                                  Privacy  . . . . . . . . . . . . . . . . 9:1--9:??
             Cristian Cadar and   
               Vijay Ganesh and   
         Peter M. Pawlowski and   
              David L. Dill and   
               Dawson R. Engler   EXE: Automatically Generating Inputs of
                                  Death  . . . . . . . . . . . . . . . . . 10:1--10:??
              Xiaofeng Wang and   
                 Zhuowei Li and   
             Jong Youl Choi and   
                     Jun Xu and   
          Michael K. Reiter and   
                 Chongkyung Kil   Fast and Black-box Exploit Detection and
                                  Signature Generation for Commodity
                                  Software . . . . . . . . . . . . . . . . 11:1--11:??
           Spiros Antonatos and   
         Periklis Akritidis and   
               Vinh The Lam and   
         Kostas G. Anagnostakis   Puppetnets: Misusing Web Browsers as a
                                  Distributed Attack Infrastructure  . . . 12:1--12:??
                Mengjun Xie and   
                   Heng Yin and   
                   Haining Wang   Thwarting E-mail Spam Laundering . . . . 13:1--13:??

ACM Transactions on Information and System Security
Volume 12, Number 3, January, 2009

              Zhenkai Liang and   
                Weiqing Sun and   
      V. N. Venkatakrishnan and   
                       R. Sekar   Alcatraz: An Isolated Environment for
                                  Experimenting with Untrusted Software    14:1--14:37
                Danfeng Yao and   
               Roberto Tamassia   Compact and Anonymous Role-Based
                                  Authorization Chain  . . . . . . . . . . 15:1--15:??
           John Bethencourt and   
                  Dawn Song and   
                   Brent Waters   New Techniques for Private Stream
                                  Searching  . . . . . . . . . . . . . . . 16:1--16:??
            Scott A. Crosby and   
             Dan S. Wallach and   
                Rudolf H. Riedi   Opportunities and Limits of Remote
                                  Timing Attacks . . . . . . . . . . . . . 17:1--17:??
         Mikhail J. Atallah and   
             Marina Blanton and   
                Nelly Fazio and   
               Keith B. Frikken   Dynamic and Efficient Key Management for
                                  Access Hierarchies . . . . . . . . . . . 18:1--18:??
                Jay Ligatti and   
                 Lujo Bauer and   
                   David Walker   Run-Time Enforcement of Nonsafety
                                  Policies . . . . . . . . . . . . . . . . 19:1--19:??

ACM Transactions on Information and System Security
Volume 12, Number 4, April, 2009

                 Ninghui Li and   
                 Qihua Wang and   
             Mahesh Tripunitara   Resiliency Policies in Access Control    20:1--20:??
             Mike Burmester and   
                 Tri Van Le and   
          Breno De Medeiros and   
                    Gene Tsudik   Universally Composable RFID
                                  Identification and Authentication
                                  Protocols  . . . . . . . . . . . . . . . 21:1--21:??
               Serdar Cabuk and   
           Carla E. Brodley and   
                   Clay Shields   IP Covert Channel Detection  . . . . . . 22:1--22:29


ACM Transactions on Information and System Security
Volume 13, Number 1, October, 2009

              Catherine Meadows   Introduction to ACM TISSEC special issue
                                  on CCS 2005  . . . . . . . . . . . . . . 1:1--1:??
                Jiangtao Li and   
                 Ninghui Li and   
         William H. Winsborough   Automated trust negotiation using
                                  cryptographic credentials  . . . . . . . 2:1--2:??
                  Li Zhuang and   
                  Feng Zhou and   
                    J. D. Tygar   Keyboard acoustic emanations revisited   3:1--3:??
        Martín Abadi and   
                Mihai Budiu and   
    Úlfar Erlingsson and   
                    Jay Ligatti   Control-flow integrity principles,
                                  implementations, and applications  . . . 4:1--4:??
              Sandro Etalle and   
         William H. Winsborough   Maintaining control while delegating
                                  trust: Integrity constraints in trust
                                  management . . . . . . . . . . . . . . . 5:1--5:??
          Barbara Carminati and   
              Elena Ferrari and   
                  Andrea Perego   Enforcing access control in Web-based
                                  social networks  . . . . . . . . . . . . 6:1--6:??
                  Ari Juels and   
                Stephen A. Weis   Defining strong privacy for RFID . . . . 7:1--7:??
                     Ye Zhu and   
               Riccardo Bettati   Compromising anonymous communication
                                  systems using blind source separation    8:1--8:??
              Yingpeng Sang and   
                      Hong Shen   Efficient and secure protocols for
                                  privacy-preserving set operations  . . . 9:1--9:??
             Leo Dorrendorf and   
              Zvi Gutterman and   
                   Benny Pinkas   Cryptanalysis of the random number
                                  generator of the Windows operating
                                  system . . . . . . . . . . . . . . . . . 10:1--10:32

ACM Transactions on Information and System Security
Volume 13, Number 2, February, 2010

Sabrina de Capitani di Vimercati and   
                  Paul Syverson   Guest editorial: Special issue on
                                  computer and communications security . . 11:1--11:??
               Xuxian Jiang and   
               Xinyuan Wang and   
                     Dongyan Xu   Stealthy malware detection and
                                  monitoring through VMM-based
                                  ``out-of-the-box'' semantic view
                                  reconstruction . . . . . . . . . . . . . 12:1--12:??
            Nicholas Hopper and   
        Eugene Y. Vasserman and   
                  Eric Chan-TIN   How much anonymity does network latency
                                  leak?  . . . . . . . . . . . . . . . . . 13:1--13:??
              Prithvi Bisht and   
              P. Madhusudan and   
          V. N. Venkatakrishnan   CANDID: Dynamic candidate evaluations
                                  for automatic prevention of SQL
                                  injection attacks  . . . . . . . . . . . 14:1--14:??
             Miroslav Ponec and   
                 Paul Giura and   
                  Joel Wein and   
   Hervé Brönnimann   New payload attribution methods for
                                  network forensic investigations  . . . . 15:1--15:??
                  Tal Moran and   
                      Moni Naor   Split-ballot voting: Everlasting privacy
                                  with distributed trust . . . . . . . . . 16:1--16:??
           Anna Lysyanskaya and   
           Roberto Tamassia and   
            Nikos Triandopoulos   Authenticated error-correcting codes
                                  with applications to multicast
                                  authentication . . . . . . . . . . . . . 17:1--17:??
              Xiaofeng Wang and   
             Philippe Golle and   
           Markus Jakobsson and   
                      Alex Tsow   Deterring voluntary trace disclosure in
                                  re-encryption mix-networks . . . . . . . 18:1--18:??

ACM Transactions on Information and System Security
Volume 13, Number 3, July, 2010

             Joachim Biskup and   
                   Javier Lopez   Editorial: ESORICS 2007  . . . . . . . . 19:1--19:??
           Moritz Y. Becker and   
                 Sebastian Nanz   A logic for state-modifying
                                  authorization policies . . . . . . . . . 20:1--20:??
              Gilles Barthe and   
                Tamara Rezk and   
            Alejandro Russo and   
               Andrei Sabelfeld   Security of multithreaded programs by
                                  compilation  . . . . . . . . . . . . . . 21:1--21:??
          Valentina Ciriani and   
Sabrina De Capitani Di Vimercati and   
               Sara Foresti and   
             Sushil Jajodia and   
         Stefano Paraboschi and   
            Pierangela Samarati   Combining fragmentation and encryption
                                  to protect privacy in data storage . . . 22:1--22:??
          Bhavani Thuraisingham   Editorial: SACMAT 2007 . . . . . . . . . 23:1--23:??
                     Qun Ni and   
              Elisa Bertino and   
                 Jorge Lobo and   
             Carolyn Brodie and   
          Clare-Marie Karat and   
                 John Karat and   
               Alberto Trombeta   Privacy-aware role-based access control  24:1--24:??
                Adam J. Lee and   
            Kazuhiro Minami and   
              Marianne Winslett   On the consistency of distributed proofs
                                  with hidden subtrees . . . . . . . . . . 25:1--25:??
             Boniface Hicks and   
               Sandra Rueda and   
             Luke St. Clair and   
               Trent Jaeger and   
               Patrick McDaniel   A logical specification and analysis for
                                  SELinux MLS policy . . . . . . . . . . . 26:1--26:??
             Jaideep Vaidya and   
       Vijayalakshmi Atluri and   
                         Qi Guo   The role mining problem: a formal
                                  perspective  . . . . . . . . . . . . . . 27:1--27:??
          Barbara Carminati and   
              Elena Ferrari and   
               Jianneng Cao and   
                   Kian Lee Tan   A framework to enforce access control
                                  over data streams  . . . . . . . . . . . 28:1--28:??

ACM Transactions on Information and System Security
Volume 13, Number 4, December, 2010

                Aniket Kate and   
          Greg M. Zaverucha and   
                   Ian Goldberg   Pairing-Based Onion Routing with
                                  Improved Forward Secrecy . . . . . . . . 29:1--29:??
         Adam G. Pennington and   
       John Linwood Griffin and   
               John S. Bucy and   
             John D. Strunk and   
              Gregory R. Ganger   Storage-Based Intrusion Detection  . . . 30:1--30:??
               Rakesh Bobba and   
              Omid Fatemieh and   
                Fariba Khan and   
               Arindam Khan and   
             Carl A. Gunter and   
           Himanshu Khurana and   
              Manoj Prabhakaran   Attribute-Based Messaging: Access
                                  Control and Confidentiality  . . . . . . 31:1--31:??
                  Feifei Li and   
    Marios Hadjieleftheriou and   
             George Kollios and   
                  Leonid Reyzin   Authenticated Index Structures for
                                  Aggregation Queries  . . . . . . . . . . 32:1--32:??
                  Palash Sarkar   A Simple and Generic Construction of
                                  Authenticated Encryption with Associated
                                  Data . . . . . . . . . . . . . . . . . . 33:1--33:??
              David Schultz and   
             Barbara Liskov and   
                   Moses Liskov   MPSS: Mobile Proactive Secret Sharing    34:1--34:??
          Charles V. Wright and   
              Lucas Ballard and   
             Scott E. Coull and   
             Fabian Monrose and   
               Gerald M. Masson   Uncovering Spoken Phrases in Encrypted
                                  Voice over IP Conversations  . . . . . . 35:1--35:??
                 Ian Molloy and   
                  Hong Chen and   
               Tiancheng Li and   
                 Qihua Wang and   
                 Ninghui Li and   
              Elisa Bertino and   
              Seraphin Calo and   
                     Jorge Lobo   Mining Roles with Multiple Objectives    36:1--36:??
           Beno\^\it Libert and   
    Jean-Jacques Quisquater and   
                      Moti Yung   Key Evolution Systems in Untrusted
                                  Update Environments  . . . . . . . . . . 37:1--37:??
                 David Zage and   
           Cristina Nita-Rotaru   Robust Decentralized Virtual Coordinate
                                  Systems in Adversarial Environments  . . 38:1--38:??
           Patrick P. Tsang and   
                  Man Ho Au and   
                Apu Kapadia and   
                  Sean W. Smith   BLAC: Revoking Repeatedly Misbehaving
                                  Anonymous Users without Relying on TTPs  39:1--39:??
                 Qihua Wang and   
                     Ninghui Li   Satisfiability and Resiliency in
                                  Workflow Authorization Systems . . . . . 40:1--40:??
           Aybek Mukhamedov and   
                   Mark D. Ryan   Identity Escrow Protocol and Anonymity
                                  Analysis in the Applied Pi-Calculus  . . 41:1--41:??


ACM Transactions on Information and System Security
Volume 14, Number 1, May, 2011

                     Ninghui Li   Introduction to special section
                                  SACMAT'08  . . . . . . . . . . . . . . . 1:1--1:??
                 Lujo Bauer and   
              Scott Garriss and   
              Michael K. Reiter   Detecting and resolving policy
                                  misconfigurations in access-control
                                  systems  . . . . . . . . . . . . . . . . 2:1--2:??
                  Qiang Wei and   
             Jason Crampton and   
        Konstantin Beznosov and   
                  Matei Ripeanu   Authorization recycling in hierarchical
                                  RBAC systems . . . . . . . . . . . . . . 3:1--3:??
        Jens-Matthias Bohli and   
             Andreas Pashalidis   Relations among privacy notions  . . . . 4:1--4:??
           Gabriele Oligeri and   
             Stefano Chessa and   
          Roberto Di Pietro and   
                 Gaetano Giunta   Robust and efficient authentication of
                                  video stream broadcasting  . . . . . . . 5:1--5:??
                   Brian Demsky   Cross-application data provenance and
                                  policy enforcement . . . . . . . . . . . 6:1--6:??
                  Jing Dong and   
              Reza Curtmola and   
           Cristina Nita-Rotaru   Practical defenses against pollution
                                  attacks in wireless network coding . . . 7:1--7:??
          Fred B. Schneider and   
                Kevin Walsh and   
            Emin Gün Sirer   Nexus Authorization Logic (NAL): Design
                                  rationale and applications . . . . . . . 8:1--8:??
                Glenn Bruns and   
                   Michael Huth   Access control via Belnap logic:
                                  Intuitive, expressive, and analyzable
                                  policy composition . . . . . . . . . . . 9:1--9:??
             Scott E. Coull and   
              Matthew Green and   
              Susan Hohenberger   Access controls for oblivious and
                                  anonymous systems  . . . . . . . . . . . 10:1--10:??
             Mike Burmester and   
                  Jorge Munilla   Lightweight RFID authentication with
                                  forward and backward security  . . . . . 11:1--11:??
          Giuseppe Ateniese and   
               Randal Burns and   
              Reza Curtmola and   
             Joseph Herring and   
                 Osama Khan and   
                Lea Kissner and   
           Zachary Peterson and   
                      Dawn Song   Remote data checking using provable data
                                  possession . . . . . . . . . . . . . . . 12:1--12:??
                    Yao Liu and   
                  Peng Ning and   
              Michael K. Reiter   False data injection attacks against
                                  state estimation in electric power grids 13:1--13:??
                 Jason Crampton   Practical and efficient cryptographic
                                  enforcement of interval-based access
                                  control policies . . . . . . . . . . . . 14:1--14:??

ACM Transactions on Information and System Security
Volume 14, Number 2, September, 2011

                Tielei Wang and   
                    Tao Wei and   
                  Guofei Gu and   
                        Wei Zou   Checksum-Aware Fuzzing Combined with
                                  Dynamic Taint Analysis and Symbolic
                                  Execution  . . . . . . . . . . . . . . . 15:1--15:??
                David Basin and   
              Srdjan Capkun and   
           Patrick Schaller and   
               Benedikt Schmidt   Formal Reasoning about Physical
                                  Properties of Security Protocols . . . . 16:1--16:??
            Scott A. Crosby and   
                 Dan S. Wallach   Authenticated Dictionaries: Real-World
                                  Costs and Trade-Offs . . . . . . . . . . 17:1--17:??
                Andrew W. Appel   Security Seals on Voting Machines: a
                                  Case Study . . . . . . . . . . . . . . . 18:1--18:??
       Z. Cliffe Schreuders and   
               Tanya McGill and   
                Christian Payne   Empowering End Users to Confine Their
                                  Own Applications: The Results of a
                                  Usability Study Comparing SELinux,
                                  AppArmor, and FBAC-LSM . . . . . . . . . 19:1--19:??
             Peter Williams and   
                  Radu Sion and   
             Miroslava Sotakova   Practical Oblivious Outsourced Storage   20:1--20:??
                Guang Xiang and   
                 Jason Hong and   
            Carolyn P. Rose and   
                  Lorrie Cranor   CANTINA+: a Feature-Rich Machine
                                  Learning Framework for Detecting
                                  Phishing Web Sites . . . . . . . . . . . 21:1--21:??

ACM Transactions on Information and System Security
Volume 14, Number 3, November, 2011

                James Joshi and   
              Barbara Carminati   Guest Editorial: SACMAT 2009 and 2010    22:1--22:??
               Ram Krishnan and   
                Jianwei Niu and   
                Ravi Sandhu and   
         William H. Winsborough   Group-Centric Secure Information-Sharing
                                  Models for Isolated Groups . . . . . . . 23:1--23:??
                 Ziqing Mao and   
                 Ninghui Li and   
                  Hong Chen and   
                   Xuxian Jiang   Combining Discretionary Policy with
                                  Mandatory Information Flow in Operating
                                  Systems  . . . . . . . . . . . . . . . . 24:1--24:??
           Gregory Leighton and   
               Denilson Barbosa   Access Control Policy Translation,
                                  Verification, and Minimization within
                                  Heterogeneous Data Federations . . . . . 25:1--25:??
          T.-H. Hubert Chan and   
                 Elaine Shi and   
                      Dawn Song   Private and Continual Release of
                                  Statistics . . . . . . . . . . . . . . . 26:1--26:??
              Eric Chan-Tin and   
           Victor Heorhiadi and   
            Nicholas Hopper and   
                    Yongdae Kim   The Frog-Boiling Attack: Limitations of
                                  Secure Network Coordinate Systems  . . . 27:1--27:??

ACM Transactions on Information and System Security
Volume 14, Number 4, December, 2011

             M. C. Gorantla and   
                 Colin Boyd and   
Juan Manuel González Nieto and   
                   Mark Manulis   Modeling key compromise impersonation
                                  attacks on group key exchange protocols  28:1--28:??
                   M. Ho Au and   
                P. P. Tsang and   
                     A. Kapadia   PEREA: Practical TTP-free revocation of
                                  repeatedly misbehaving anonymous users   29:1--29:??
                 Yingjiu Li and   
             Robert H. Deng and   
                 Junzuo Lai and   
                    Changshe Ma   On two RFID privacy notions and their
                                  relations  . . . . . . . . . . . . . . . 30:1--30:??
            Martin Burkhart and   
       Xenofontas Dimitropoulos   Privacy-preserving distributed network
                                  troubleshooting---bridging the gap
                                  between theory and practice  . . . . . . 31:1--31:??
             Darrell Bethea and   
          Robert A. Cochran and   
              Michael K. Reiter   Server-side verification of client
                                  behavior in online games . . . . . . . . 32:1--32:??


ACM Transactions on Information and System Security
Volume 15, Number 1, March, 2012

              Paul Syverson and   
                     Somesh Jha   Guest Editorial: Special Issue on
                                  Computer and Communications Security . . 1:1--1:??
                Ryan Roemer and   
              Erik Buchanan and   
              Hovav Shacham and   
                  Stefan Savage   Return-Oriented Programming: Systems,
                                  Languages, and Applications  . . . . . . 2:1--2:??
      Karthikeyan Bhargavan and   
      Cédric Fournet and   
              Ricardo Corin and   
                Eugen Zalinescu   Verified Cryptographic Implementations
                                  for TLS  . . . . . . . . . . . . . . . . 3:1--3:??
              Jan Camenisch and   
              Thomas Groß   Efficient Attributes for Anonymous
                                  Credentials  . . . . . . . . . . . . . . 4:1--4:??
             Prateek Mittal and   
                 Nikita Borisov   Information Leaks in Structured
                                  Peer-to-Peer Anonymous Communication
                                  Systems  . . . . . . . . . . . . . . . . 5:1--5:??

ACM Transactions on Information and System Security
Volume 15, Number 2, July, 2012

                Yossi Gilad and   
                  Amir Herzberg   LOT: a Defense Against IP Spoofing and
                                  Flooding Attacks . . . . . . . . . . . . 6:1--6:??
                Boris Danev and   
              Srdjan Capkun and   
        Ramya Jayaram Masti and   
             Thomas S. Benjamin   Towards Practical Identification of HF
                                  RFID Devices . . . . . . . . . . . . . . 7:1--7:??
        Martín Abadi and   
              Gordon D. Plotkin   On Protection by Layout Randomization    8:1--8:??
            Attila A. Yavuz and   
                  Peng Ning and   
              Michael K. Reiter   BAF and FI-BAF: Efficient and Publicly
                                  Verifiable Cryptographic Schemes for
                                  Secure Logging in Resource-Constrained
                                  Systems  . . . . . . . . . . . . . . . . 9:1--9:??
        Raphaël Khoury and   
                    Nadia Tawbi   Corrective Enforcement: a New Paradigm
                                  of Security Policy Enforcement by
                                  Monitors . . . . . . . . . . . . . . . . 10:1--10:??

ACM Transactions on Information and System Security
Volume 15, Number 3, November, 2012

              Norman Danner and   
          Sam Defabbia-Kane and   
              Danny Krizanc and   
                Marc Liberatore   Effectiveness and detection of
                                  denial-of-service attacks in Tor . . . . 11:1--11:??
            Michael Brennan and   
                Sadia Afroz and   
              Rachel Greenstadt   Adversarial stylometry: Circumventing
                                  authorship recognition to preserve
                                  privacy and anonymity  . . . . . . . . . 12:1--12:??
                David Basin and   
            Samuel J. Burri and   
            Günter Karjoth   Dynamic enforcement of abstract
                                  separation of duty constraints . . . . . 13:1--13:??
            Joan Feigenbaum and   
              Aaron Johnson and   
                  Paul Syverson   Probabilistic analysis of onion routing
                                  in a black-box model . . . . . . . . . . 14:1--14:??

ACM Transactions on Information and System Security
Volume 15, Number 4, April, 2013

                Mario Frank and   
          Joachim M. Buhman and   
                    David Basin   Role Mining with Probabilistic Models    15:1--15:??
                Yossi Gilad and   
                  Amir Herzberg   Fragmentation Considered Vulnerable  . . 16:1--16:??
         Muhammad Qasim Ali and   
              Ehab Al-Shaer and   
                Hassan Khan and   
                Syed Ali Khayam   Automated Anomaly Detector Adaptation
                                  using Adaptive Threshold Tuning  . . . . 17:1--17:??
         Karthick Jayaraman and   
         Mahesh Tripunitara and   
               Vijay Ganesh and   
              Martin Rinard and   
                   Steve Chapin   Mohawk: Abstraction-Refinement and
                                  Bound-Estimation for Verifying Access
                                  Control Policies . . . . . . . . . . . . 18:1--18:??


ACM Transactions on Information and System Security
Volume 16, Number 1, June, 2013

        Pieter Philippaerts and   
                Yves Younan and   
               Stijn Muylle and   
             Frank Piessens and   
              Sven Lachmund and   
                  Thomas Walter   CPM: Masking Code Pointers to Prevent
                                  Code Injection Attacks . . . . . . . . . 1:1--1:??
            William E. Cobb and   
           Rusty O. Baldwin and   
                  Eric D. Laspe   Leakage Mapping: a Systematic
                                  Methodology for Assessing the
                                  Side-Channel Information Leakage of
                                  Cryptographic Implementations  . . . . . 2:1--2:??
                David Basin and   
        Vincent Jugé and   
             Felix Klaedtke and   
                Eugen Zalinescu   Enforceable Security Policies Revisited  3:1--3:??
             Jason Crampton and   
              Gregory Gutin and   
                     Anders Yeo   On the Parameterized Complexity and
                                  Kernelization of the Workflow
                                  Satisfiability Problem . . . . . . . . . 4:1--4:??

ACM Transactions on Information and System Security
Volume 16, Number 2, September, 2013

             Thomas Leonard and   
            Martin Hall-May and   
                  Mike Surridge   Modelling Access Propagation in Dynamic
                                  Systems  . . . . . . . . . . . . . . . . 5:1--5:??
             Yueqiang Cheng and   
                 Xuhua Ding and   
                 Robert H. Deng   DriverGuard: Virtualization-Based
                                  Fine-Grained Protection on I/O Flows . . 6:1--6:??
                Yangchun Fu and   
                   Zhiqiang Lin   Bridging the Semantic Gap in Virtual
                                  Machine Introspection via Online Kernel
                                  Data Redirection . . . . . . . . . . . . 7:1--7:??
             Abdul Serwadda and   
                   Vir V. Phoha   Examining a Large Keystroke Biometrics
                                  Dataset for Statistical-Attack Openings  8:1--8:??

ACM Transactions on Information and System Security
Volume 16, Number 3, November, 2013

                Mengtao Sun and   
                   Gang Tan and   
             Joseph Siefers and   
                   Bin Zeng and   
                 Greg Morrisett   Bringing Java's wild native world under
                                  control  . . . . . . . . . . . . . . . . 9:1--9:??
          Benedikt Driessen and   
                  Ralf Hund and   
            Carsten Willems and   
              Christof Paar and   
                  Thorsten Holz   An experimental security analysis of two
                                  satphone standards . . . . . . . . . . . 10:1--10:??
             Marina Blanton and   
                Yihua Zhang and   
               Keith B. Frikken   Secure and verifiable outsourcing of
                                  large-scale biometric computations . . . 11:1--11:??
             Peter Williams and   
                      Radu Sion   Access privacy and correctness on
                                  untrusted storage  . . . . . . . . . . . 12:1--12:??

ACM Transactions on Information and System Security
Volume 16, Number 4, April, 2014

                Yossi Gilad and   
                  Amir Herzberg   Off-Path TCP Injection Attacks . . . . . 13:1--13:??
                Leyla Bilge and   
                  Sevil Sen and   
          Davide Balzarotti and   
                Engin Kirda and   
            Christopher Kruegel   EXPOSURE: a Passive DNS Analysis Service
                                  to Detect and Report Malicious Domains   14:1--14:??
                 Liqun Chen and   
               Hoon Wei Lim and   
                    Guomin Yang   Cross-Domain Password-Based
                                  Authenticated Key Exchange Revisited . . 15:1--15:??
             Teh-Chung Chen and   
               Torin Stepan and   
                 Scott Dick and   
                   James Miller   An Anti-Phishing System Employing
                                  Diffused Information . . . . . . . . . . 16:1--16:??
       Konstantine Arkoudas and   
                Ritu Chadha and   
                   Jason Chiang   Sophisticated Access Control via SMT and
                                  Logical Frameworks . . . . . . . . . . . 17:1--17:??


ACM Transactions on Information and System Security
Volume 17, Number 1, August, 2014

                Luca Allodi and   
                 Fabio Massacci   Comparing Vulnerability Severity and
                                  Exploits Using Case-Control Studies  . . 1:1--1:??
           Srdjan Marinovic and   
             Naranker Dulay and   
                  Morris Sloman   Rumpole: an Introspective Break-Glass
                                  Access Control Language  . . . . . . . . 2:1--2:??
            Mohammad Jafari and   
      Reihaneh Safavi-Naini and   
          Philip W. L. Fong and   
                     Ken Barker   A Framework for Expressing and Enforcing
                                  Purpose-Based Privacy Policies . . . . . 3:1--3:??
                   Ewa Syta and   
       Henry Corrigan-Gibbs and   
              Shu-Chun Weng and   
             David Wolinsky and   
                 Bryan Ford and   
                  Aaron Johnson   Security Analysis of Accountable
                                  Anonymity in Dissent . . . . . . . . . . 4:1--4:??

ACM Transactions on Information and System Security
Volume 17, Number 2, November, 2014

               Peter Chapin and   
               Christian Skalka   SpartanRPC: Remote Procedure Call
                                  Authorization in Wireless Sensor
                                  Networks . . . . . . . . . . . . . . . . 5:1--5:??
    Johannes Götzfried and   
               Tilo Müller   Mutual Authentication and Trust
                                  Bootstrapping towards Secure Disk
                                  Encryption . . . . . . . . . . . . . . . 6:1--6:??
                David Basin and   
                    Cas Cremers   Know Your Enemy: Compromising
                                  Adversaries in Protocol Analysis . . . . 7:1--7:??
                    Peng Li and   
                  Debin Gao and   
              Michael K. Reiter   StopWatch: a Cloud Architecture for
                                  Timing Channel Mitigation  . . . . . . . 8:1--8:??

ACM Transactions on Information and System Security
Volume 17, Number 3, March, 2015

          Roberto Di Pietro and   
               Gabriele Oligeri   Silence is Golden: Exploiting Jamming
                                  and Radio Silence to Communicate . . . . 9:1--9:??
                  Andy Rupp and   
          Foteini Baldimtsi and   
   Gesine Hinterwälder and   
                  Christof Paar   Cryptographic Theory Meets Practice:
                                  Efficient and Privacy-Preserving
                                  Payments for Public Transport  . . . . . 10:1--10:??
              Edoardo Serra and   
             Sushil Jajodia and   
            Andrea Pugliese and   
             Antonino Rullo and   
             V. S. Subrahmanian   Pareto-Optimal Adversarial Defense of
                                  Enterprise Systems . . . . . . . . . . . 11:1--11:??
          Steven H. H. Ding and   
        Benjamin C. M. Fung and   
                 Mourad Debbabi   A Visualizable Evidence-Driven Approach
                                  for Authorship Attribution . . . . . . . 12:1--12:??

ACM Transactions on Information and System Security
Volume 17, Number 4, April, 2015

               Hyojeong Lee and   
               Jeff Seibert and   
            Dylan Fistrovic and   
            Charles Killian and   
           Cristina Nita-Rotaru   Gatling: Automatic Performance Attack
                                  Discovery in Large-Scale Distributed
                                  Systems  . . . . . . . . . . . . . . . . 13:1--13:??
                Ziming Zhao and   
              Gail-Joon Ahn and   
                     Hongxin Hu   Picture Gesture Authentication:
                                  Empirical Analysis, Automated Attacks,
                                  and Scheme Evaluation  . . . . . . . . . 14:1--14:??
             C. Chris Erway and   
Alptekin Küpçü and   
    Charalampos Papamanthou and   
               Roberto Tamassia   Dynamic Provable Data Possession . . . . 15:1--15:??
                Yossef Oren and   
           Angelos D. Keromytis   Attacking the Internet Using Broadcast
                                  Digital Television . . . . . . . . . . . 16:1--16:??


ACM Transactions on Information and System Security
Volume 18, Number 1, June, 2015

Xavier De Carné De Carnavalet and   
                Mohammad Mannan   A Large-Scale Evaluation of High-Impact
                                  Password Strength Meters . . . . . . . . 1:1--1:??
          Ghassan O. Karame and   
            Elli Androulaki and   
             Marc Roeschlin and   
             Arthur Gervais and   
                  Srdjan Capkun   Misbehavior in Bitcoin: a Study of
                                  Double-Spending and Accountability . . . 2:1--2:??
              Chris Culnane and   
           Peter Y. A. Ryan and   
            Steve Schneider and   
                 Vanessa Teague   vVote: a Verifiable Voting System  . . . 3:1--3:??
              Goran Doychev and   
            Boris Köpf and   
          Laurent Mauborgne and   
                    Jan Reineke   CacheAudit: a Tool for the Static
                                  Analysis of Cache Side Channels  . . . . 4:1--4:??

ACM Transactions on Information and System Security
Volume 18, Number 2, December, 2015

                    Rui Tan and   
    Varun Badrinath Krishna and   
            David K. Y. Yau and   
            Zbigniew Kalbarczyk   Integrity Attacks on Real-Time Pricing
                                  in Electric Power Grids  . . . . . . . . 5:1--5:??
            Perry Alexander and   
                   Lee Pike and   
             Peter Loscocco and   
                   George Coker   Model Checking Distributed Mandatory
                                  Access Control Policies  . . . . . . . . 6:1--6:??
         Muhammad Qasim Ali and   
                  Ehab Al-Shaer   Randomization-Based Intrusion Detection
                                  System for Advanced Metering
                                  Infrastructure*  . . . . . . . . . . . . 7:1--7:??
              Stephen Chong and   
             Ron Van Der Meyden   Using Architecture to Reason about
                                  Information Security . . . . . . . . . . 8:1--8:??

ACM Transactions on Information and System Security
Volume 18, Number 3, April, 2016

               Asaf Shabtai and   
            Maya Bercovitch and   
                Lior Rokach and   
         Ya'akov (Kobi) Gal and   
              Yuval Elovici and   
                   Erez Shmueli   Behavioral Study of Users When
                                  Interacting with Active Honeytokens  . . 9:1--9:??
         Fabrice Benhamouda and   
                  Marc Joye and   
               Beno\^\iT Libert   A New Framework for Privacy-Preserving
                                  Aggregation of Time-Series Data  . . . . 10:1--10:??
                  Nan Zheng and   
              Aaron Paloski and   
                   Haining Wang   An Efficient User Verification System
                                  Using Angle-Based Mouse Movement
                                  Biometrics . . . . . . . . . . . . . . . 11:1--11:??

ACM Transactions on Information and System Security
Volume 18, Number 4, May, 2016

                Shouling Ji and   
                 Weiqing Li and   
          Mudhakar Srivatsa and   
             Jing Selena He and   
                   Raheem Beyah   General Graph Data De-Anonymization:
                                  From Mobility Traces to Social Networks  12:1--12:??
               Richard Shay and   
          Saranga Komanduri and   
             Adam L. Durity and   
      Phillip (Seyoung) Huh and   
        Michelle L. Mazurek and   
            Sean M. Segreti and   
                   Blase Ur and   
                 Lujo Bauer and   
           Nicolas Christin and   
            Lorrie Faith Cranor   Designing Password Policies for Strength
                                  and Usability  . . . . . . . . . . . . . 13:1--13:??
             Abdul Serwadda and   
               Vir V. Phoha and   
                  Zibo Wang and   
               Rajesh Kumar and   
                  Diksha Shukla   Toward Robotic Robbery on the Touch
                                  Screen . . . . . . . . . . . . . . . . . 14:1--14:??