This report summarizes the presentations of the 6th IEEE Enterprise Security Workshop. The workshop included twenty presentations, one invited talk and on discussion session. The presentations are divided into the following categories, representing a broad range of topics: Intrusion detection and system security; Access control, Anonymity, Environment and frameworks, Key recovery, Key management and protocols, Privacy and law. The invited talk was given by Distinguished Engineer of Sun Microsystems, Radia Perlman, on the topic of IPSec key exchange standards. A lively discussion session was organized by program co-chair Germano Carroni on the topic of future of firewall. In this report, we intend to highlight interesting and provocative topics that generated the most discussions in each session. We hope it serves as thought provoking questions that are seeking answers from the readers. In addition, we hope this summary report can be used to provide some additional information for the readers when reading the technical papers. The titles and authors of the presented papers are not repeated in the following summary. The reader is advised to refer to the presentation agenda which can be found at the WETICE 2001 website.
[1]
Jerome H. Saltzer,et al.
The protection of information in computer systems
,
1975,
Proc. IEEE.
[2]
M. E. N. Smith.
TITLES OF ARTICLES
,
1961
.
[3]
G. Lowe,et al.
Breaking and Fixing the Needham-Schroeder Public-Key Protocol using CSP and FDR
,
1996
.
[4]
R. C. Linger.
Panel: Issues in Requirements Definition for Survivable Systems
,
1998
.
[5]
Martín Abadi,et al.
A logic of authentication
,
1990,
TOCS.
[6]
Matt Bishop,et al.
Property-based testing: a new approach to testing for assurance
,
1997,
SOEN.