Bibliografía

Next: Sobre este documento... Up: SEGURIDAD EN UNIX Y Previous: Conclusiones Índice General

Bibliografía

Age85: National Security Agency.
Magnetic Tape Degausser.
Technical Report L14-4-A, National Security Agency/Central Security Service, Octubre 1985.
AK96: Ross J. Anderson and Markus Kuhn.
Tamper resistance - a cautionary note.
In Proceedings of the 2nd USENIX Workshop on Electronic Commerce, pages 1-11. The USENIX Association, Noviembre 1996.
AKS96: Taimur Aslam, Ivan Krsul, and Eugene H. Spafford.
Use of a taxonomy of security faults.
Technical Report TR-96-051, Purdue University Department of Computer Science, 1996.
ALGJ98: Stefan Axelsson, Ulf Lindqvist, Ulf Gustafson, and Erland Jonsson.
An approach to Unix Security Logging.
In Proceedings of the 21st National Information Systems Security Conference, pages 62-75. National Institute of Standards and Technology/National Computer Security Center, Octubre 1998.
And94: Ross J. Anderson.
Why Cryptosystems Fail.
Communications of the ACM, 37:32-40, Noviembre 1994.
And97: Ross J. Anderson.
Tamperproofing of Chip Cards.
Enviado a la lista cypherpunks@cyberpass.net por William H. Geiger III en septiembre, 1997.
Ano97: Anonymous.
Maximum Security: a hacker´s guide to protecting your Internet site and network.
McMillan Computer Publishing, 1997.
ANS98: R. J. Anderson, R. M. Needham, and A. Shamir.
The Steganographic File System.
Lecture Notes in Computer Science, 1525:73-82, 1998.
Atk93: Derek A. Atkins.
Charon: Kerberos Extensions for Authentication over Secondary Networks.
PhD thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, 1993.
B$^$85: Sheila L. Brand et al.
Department of Defense Trusted Computer System Evaluation Criteria.
Technical Report DOD 5200.28-STD, Department of Defense, Diciembre 1985.
B$^$88: Sue Berg et al.
Glossary of Computer Security Terms.
Technical Report NCSC-TG-004, National Computer Security Center, Octubre 1988.
Bac86: Maurice J. Bach.
The Design of the Unix Operating System.
Prentice Hall, 1986.
BAW96: F. Bouchier, J.S. Ahrens, and G. Wells.
Laboratory evaluation of the IriScan prototype biometric identifier.
Technical Report SAND96-1033, Sandia National Laboratories, Abril 1996.
BBD$^$96: Michael Beck, Harold Bohme, Mirko Dzladzka, Ulrich Kunitz, Robert Magnus, and Dirk Verworner.
Linux Kernel Internals.
Addison-Wesley, 1996.
BCOW94: John Barkley, Lisa Carnahan, Karen Olsen, and John Wack.
Improving security in a network environment.
In John Barkley, editor, Security in Open Systems, chapter 10. National Institute of Standards and Technology (NIST), Julio 1994.
Special Publication 800-7.
BD96: Matt Bishop and Michael Dilger.
Checking for race conditions in file accesses.
Computing System, 9(2):131-152, Primavera 1996.
Bel92: Steven M. Bellovin.
There be dragons.
In Proceedings of the Third USENIX Security Symposium, pages 1-16. The USENIX Association, Septiembre 1992.
Bel93a: Walter Belgers.
Unix password security, 1993.
Bel93b: Steven M. Bellovin.
Packets found on an internet.
Computer Communications Review, 23(3):26-31, Julio 1993.
BF99: Dirk Balfanz and Edward W. Felten.
Hand-held computers can be better smart cards.
In Proceedings of the 8th USENIX Security Symposium. The USENIX Association, Agosto 1999.
BGML96: W. Bender, D. Gruhl, N. Morimoto, and A. Lu.
Techniques for data hiding.
IBM Systems Journal, 35(3,4), 1996.
Bis86: Matt Bishop.
How to write a setuid program.
;login:, 12(1), Enero 1986.
Bis90: Matt Bishop.
A Security Analysis of the NTP Protocol, 1990.
Bis91: Matt Bishop.
A proactive password checker.
In D.T. Lindsay and W.L. Price, editors, Proceedings of the 7th International Conference on Information Security, pages 150-158, Mayo 1991.
Bis92: Matt Bishop.
Anatomy of a proactive password changer.
In Proceedings of USENIX Unix Security III. The USENIX Association, 1992.
Bis95: Matt Bishop.
Race conditions, files and security flaws; or the tortoise and the hare redux.
Technical Report CSE-95-8, University of California at Davis, 1995.
BK95: Matt Bishop and Daniel V. Klein.
Improving system security via proactive password checking.
Computers & Security, 14(3):233-249, 1995.
Bla93: Matt Blaze.
A Cryptographic File System for Unix.
In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 9-16. ACM, Noviembre 1993.
BM91: Steven M. Bellovin and Michael Merritt.
Limitations of the Kerberos Authentication System.
In Proceedings of the Winter 1991 USENIX Conference, pages 253-267. The USENIX Association, Enero 1991.
C$^$91: Dave Curry et al.
RFC1244: Site Security Handbook.
Internet Activities Board, Julio 1991.
C$^$98: Crispin Cowan et al.
StackGuard: automatic adaptative detection and prevention of buffer-overflow attacks.
In Proceedings of the 7th USENIX Security Symposium. The USENIX Association, Enero 1998.
CA97a: Bryan Costales and Eric Allman.
Sendmail.
O´Reilly & Associates, 2nd edition, Enero 1997.
CA97b: Bryan Costales and Eric Allman.
Sendmail Desktop Reference.
O´Reilly & Associates, Marzo 1997.
Cab96: Pino Caballero.
Introducción a la Criptografía.
Ra-Ma, 1996.
Caj82: Valentin Sanz Caja.
Vulnerabilidad y seguridad de los sistemas informáticos.
Fundación Citema, 1982.
CB94: William R. Cheswick and Steven M. Bellovin.
Firewalls and Internet Security: Repelling the wily hacker.
Addison Wesley, 1994.
CC86: D.B. Cornish and R. V. Clarke.
The Reasoning Criminal: Rational Choice Perspectives on Offending.
Springer-Verlag, 1986.
CDK94: G.F. Couloris, J. Dollimore, and T. Kindberg.
Distributed Systems. Concepts and design.
Addison Wesley, 2nd edition, 1994.
CDM97: Rémy Card, Eric Dumas, and Frack Mével.
Programación Linux 2.0: API de sistema y funcionamiento del núcleo.
Eyrolles, 1997.
Cen91: National Computer Security Center.
Data Remanence in Automated Information Systems.
Technical Report NCSC-TG-025, National Computer Security Center, Septiembre 1991.
CER99: CERT.
CERT Advisory CA-99-02. Trojan Horses.
Technical report, Computer Emergency Response Team, Marzo 1999.
CES91: CESID.
Glosario de términos de Criptología.
Centro Superior de Información de la Defensa, 1991.
CH99: Stephen Ciullo and Daniel Hinojosa.
HP-UX kernel tuning and performance guide.
http://www.hp.com/techpartners/tuning.html, 1999.
Cha92: D. Brent Chapman.
Network (In)Security through IP packet filtering.
In Proceedings of the third USENIX Security Symposium, pages 63-76. The USENIX Association, Septiembre 1992.
Che92: William R. Cheswick.
An evening with Berferd, in which a cracker is lured, endured, and studied.
In Proceedings of the Winter USENIX Conference. The USENIX Association, Enero 1992.
CHN$^$92: Andrew Cherry, Mark W. Henderson, William K. Nickless, Robert Olson, and Gene Rackow.
Pass or fail: A new test for password legitimacy, 1992.
CHS91: Bruce Corbridge, Robert Henig, and Charles Slater.
Packet filtering in an IP router.
In Proceedings of the Fifth LISA Conference, pages 227-232. The USENIX Association, Octubre 1991.
Coh84: Fred Cohen.
Computer viruses: theory and experiments.
In 7th DoD/NBS Computer Security Conference Proceedings, pages 240-263, Septiembre 1984.
CoIST99: National Research Council Committee on Information Systems Trustworthiness.
Trust in Cyberspace.
National Academy Press, 1999.
Com88: Apollo Computer.
Managing SysV System Software.
Technical Report 010851-A00, Apollo Computer, Inc. (Hewlett Packard), Junio 1988.
Cow92: Randle Cowcher.
Physical Security.
In Keith M. Jackson and Jan Hruska, editors, Computer Security Reference Book, chapter 24, pages 311-332. Butterworth-Heinemann, 1992.
CR94: Kaare Christian and Susan Richter.
The Unix Operating System.
John Wiley & Sons, 1994.
CWP$^$00: Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole.
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade.
In Proceedings of the SANS 2000 Conference. The SANS Institute, 2000.
CZ95: D. Brent Chapman and Elizabeth D. Zwicky.
Building Internet Firewalls.
O´Reilly & Associates, 1st edition, Noviembre 1995.
dA88: Ana Maria de Alvaré.
How crackers crack passwords, or what passwords to avoid.
Technical Report UCID-21515, Lawrence Livermore National Laboratory, Septiembre 1988.
Dau97: John Daugman.
Iris recognition for personal identification, 1997.
Dau98: John Daugman.
Recognizing persons by their iris patterns.
In Biometrics: Personal Identification in Networked Society, pages 103-121. Kluwer, 1998.
Den83: Dorothy Denning.
Cryptography and Data Security.
Addison-Wesley, 1983.
Den90: P. Denning.
Computers under attack.
ACM Press, 1990.
DFW96: Drew Dean, Edward W. Felten, and Dan S. Wallach.
Java Security: from HotJava to Netscape and beyond.
In Proceedings of the IEEE Symposium on Security and Privacy, 1996.
DH76: W. Diffie and M. E. Hellman.
New directions in cryptography.
IEEE Transactions on Information Theory, IT-22:644-654, Noviembre 1976.
DH77: W. Diffie and M.E. Hellman.
Exhaustive cryptanalysis of the NBS data encryption standad.
Computer, 10(6):74-84, Junio 1977.
Dik99: Casper Dik.
Solaris 2 FAQ, Octubre 1999.
ftp://ftp.wins.uva.nl/pub/solaris/.
DP84: D. W. Davies and W. L. Price.
Security for Computer Networks: An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer.
John Wiley and Sons, New York, 1984.
Duf89: Tom Duff.
Experience with viruses on UNIX systems.
In USENIX Computing Systems, volume 2, 1989.
ER89: M.W. Eichin and J.A. Rochlis.
With microscope and tweezers: An analysis of the Internet Virus of November 1988.
In IEEE Security and Privacy, pages 326-343, 1989.
Eve92: David Everett.
Identity verification and biometrics.
In Keith M. Jackson and Jan Hruska, editors, Computer Security Reference Book, chapter 10, pages 37-73. Butterworth-Heinemann, 1992.
Fen99: Carole Fennelly.
The human side of computer security.
SunWorld, Julio 1999.
Fis95: John Fisher.
Securing X Windows.
Technical Report CIAC-2316 R.0, Department of Energy Computer Incident Advisory Capability - CIAC, Agosto 1995.
FK90: David C. Feldmeirer and Philip R. Karn.
UNIX password security - ten years later.
In G. Brassard, editor, CRYPTO89, pages 44-63. Springer-Verlag, 1990.
Lecture Notes in Computer Science No. 435.
FPA98: Dan Farmer, Brad Powell, and Matthew Archibald.
Titan.
In Proceedings of the 12th Systems Administration Conference - LISA´98. The USENIX Association, Diciembre 1998.
Fre98: Martin Freiss.
Protecting networks with SATAN.
O'Reilly & Associates, 1st edition, Mayo 1998.
Fri95: Æleen Frisch.
Essential System Administration.
O´Reilly & Associates, 1995.
G$^$93: Virgil D. Gligor et al.
A Guide to understanding Covert Channel Analysis of Trusted Systems.
Technical Report NCSC-TG-030, National Computer Security Center, Noviembre 1993.
Gal96a: Miguel Ángel Gallardo.
Informatoscopia y tecnología forense.
In Ámbito Jurídico de las Tecnologías de la Información. Consejo General del Poder Judicial, 1996.
Gal96b: Miguel Ángel Gallardo.
Seguridad (e inseguridad) en Java.
Seguridad en Informática y Comunicaciones, (20), Junio 1996.
Gal96c: Peter Galvin.
Controlling ACLs.
SunWolrd, Agosto 1996.
Gar95: Simson Garfinkel.
PGP: Pretty Good Privacy.
O'Reilly & Associates, Enero 1995.
GC94: Berny Goodheart and James Cox.
The Magic Garden Explained: The Internals of Unix System V Release 4, an Open Systems Design.
Prentice Hall, 1994.
GKK97: Eric Guerrino, Mike Kahn, and Ellen Kapito.
User authentication and encryption overview, 1997.
Gon97: Marcus Goncalves.
Firewalls Complete.
McGrawHill, 1997.
Gon99: Marcus Goncalves.
Check Point Firewall-1 Administration Guide.
McGrawHill, 1999.
GS96: Simson Garfinkel and Eugene H. Spafford.
Practical Unix & Internet Security.
O'Reilly & Associates, 2nd edition, Abril 1996.
GS97: Simson Garfinkel and Eugene H. Spafford.
Web Security & Commerce.
O'Reilly & Associates, 1st edition, Junio 1997.
GSTY96: H. Gobioff, S. Smith, J.D. Tygar, and B. Yee.
Smart cards in hostile environments.
In Proceedings of the 2nd USENIX Workshop on Electronic Commerce. The USENIX Association, Noviembre 1996.
Gun96: Shishir Gundavaram.
CGI Programming on the World Wide Web.
O'Reilly & Associates, 1st edition, Marzo 1996.
GUQ92: Louis Claude Guillou, Michel Ugon, and Jean-Jacques Quisquater.
The smart card - a standardized security device dedicated to public cryptology.
In Contemporary Cryptology - The Science of Information Integrity, pages 561-614. IEEE Press, 1992.
Gut96: Peter Gutmann.
Secure deletion of data from magnetic and solid-state memory.
In Sixth USENIX Security Symposium Proceedings. The USENIX Association, Julio 1996.
Hal94: Neil Haller.
The S/KEY one time password system.
In Proceedings of the ISOC Symposium on network and distributed systems security, Febrero 1994.
HC83: Richard C. Hollinger and John P. Clark.
Theft by Employees.
Lexington Books, 1983.
Hig88: H.J. Highland.
Electromagnetic Eavesdropping Machines for Christmas?
Computers and Security, 7(4), 1988.
HJAW88: Matthew S. Hecht, Abhai Johri, Radhakrishna Aditham, and T. John Wei.
Experience adding C2 Security Features to Unix.
In USENIX Conference Proceedings, pages 133-146. The USENIX Association, Verano 1988.
Hu91: W. M. Hu.
Reducing timing channels with fuzzy time.
In Proceedings of the 1991 Symposium on Research in Security and Privacy, pages 8-20. IEEE Computer Society, Mayo 1991.
Hun92: Craig Hunt.
TCP/IP Network Administration.
O´Reilly & Associates, 1992.
Huo98: Simo Huopio.
Biometric Identification.
In Seminar on Network Security: Authorization and Access Control in Open Network Environment, 1998.
Ins97: Shawn Instentes.
Stack Smashing: What to do?
;login:, 22(2), Abril 1997.
ISV95: David Icove, Karl Seger, and William VonStorch.
Computer Crime. A Crimefighter's handbook.
O'Reilly & Associates, 1995.
JTY97: Philippe Janson, Gene Tsudik, and Moti Yung.
Scalability and flexibility in authentication services: The KryptoKnight Approach.
In Proceedings of INFOCOM´97. IEEE Computer Society, 1997.
JZRT99: Karen Johnson, Jeffrey B. Zurschmeide, John Raithel, and Bill Tuthill.
IRIX admin: backup, security and accounting.
Technical Report 007-2862-004, Silicon Graphics, Inc., 1999.
Kah67: David Kahn.
The Codebreakers.
McMillan, 1967.
Kat88: J. Katz.
Seductions of Crime: Moral and Sensual Attractions in Doing Evil.
Basic Books, 1988.
KI99: Gershon Kedem and Yuriko Ishihara.
Brute force attack on Unix passwords with SIMD computer.
In Proceedings of the 8th USENIX Security Symposium. The USENIX Association, Agosto 1999.
Kir95: Olaf Kirch.
The Linux Network Administrators´ Guide.
O´Reilly & Associates, 1995.
KK92: David Koblas and Michelle Koblas.
Socks.
In Proceedings of the Third Unix Security Symposium, pages 77-83. The USENIX Association, Septiembre 1992.
Kle90: Daniel V. Klein.
Foiling the cracker: A survey of, and improvements to, password security.
In Unix Security Workshop, pages 5-14. The USENIX Association, Agosto 1990.
KMM95: R. Kohno, R. Meidan, and L.B. Milstein.
Spread Spectrum Access Methods for Wireless Communications.
IEEE Communications Magazine, 33:58-67, Enero 1995.
KP84: Brian W. Kernighan and Rob Pike.
The Unix Programming Environment.
Prentice Hall, 1984.
KS93: Gene H. Kim and Eugene H. Spafford.
The design and implementation of Tripwire: A file system integrity checker.
Technical Report CSD-TR-93-071, Purdue University, Noviembre 1993.
KS94a: Gene H. Kim and Eugene H. Spafford.
Experiences with Tripwire: using integrity checkers for intrusion detection.
In Systems Administration, Networking and Security Conference III. The USENIX Association, Abril 1994.
KS94b: Gene H. Kim and Eugene H. Spafford.
Writing, supporting and evaluating Tripwire: a publically available security tool.
In Proceedings of the USENIX Applications Development Symposium. The USENIX Association, 1994.
KT97: Micki Krause and Harold F. Tipton.
Handbook of Information Security Management.
CRC Press LLC, 1997.
Lam73: B. W. Lampson.
A note on the Confinement Problem.
Communications of the ACM, 16(10):613-615, Octubre 1973.
Lam81: Leslie Lamport.
Password authentication with insecure communication.
Communications of the ACM, 24(11):770-772, Noviembre 1981.
Lap91: J.C. Laprie.
Dependability: Basic concepts and terminology.
Springer-Verlag, 1991.
LBMC94: Carl E. Landwher, Alan R. Bull, John P. McDermott, and William S. Choi.
A taxonomy of computer program security flaws, with examples.
ACM Computing Surveys, 3(26), Septiembre 1994.
Lip75: Steven B. Lipner.
A note on the Confinement Problem.
Operating Systems Review, 9(5):192-196, Noviembre 1975.
MA94: Roger Merckling and Anne Anderson.
RFC 57.0: Smart Card Introduction, Marzo 1994.
Man91: Jason Manger.
Unix: The complete book.
Sigma Press, 1991.
Man96: U. Manber.
A simple scheme to make passwords based on One-Way functions much harder to crack.
Computers & Security, 15(2):171-176, 1996.
Mar88a: John Markhoff.
Author of computer `virus' is son of U.S. electronic security expert.
The New York Times, 5 Noviembre 1988.
Mar88b: John Markhoff.
A family´s passion for computers, gone sour.
The New York Times, 11 Noviembre 1988.
McH95: John McHugh.
Covert channel analysis.
In Handbook for the Computer Security Certification of Trusted Systems. Naval Research Laboratory, Enero 1995.
McI89: M. Douglas McIlroy.
Virology 101.
In USENIX Computing Systems, volume 2, 1989.
McM97: Dave McMordie.
Texture analysis of the human iris for high security authentication.
Technical Report Image Processing 304-529, Department of Electrical Engineering, McGill University, Diciembre 1997.
Mel97: Mark K. Mellis.
Surprises in the DMZ.
;login:, 22(1), Febrero 1997.
Men98: Phunda Menta.
Linux and random source bleaching.
Phrack Magazine, 8(54), 1998.
Mey89: Gordon R. Meyer.
The Social Organization of the Computer Underground.
PhD thesis, Northern Illinois University, 1989.
MF96: Gary McGraw and Edward Felten.
Java Security: Hostile Applets, Holes and Antidotes.
John Wiley and Sons, 1996.
MFS90: Barton P. Miller, Lars Fredriksen, and Bryan So.
An empirical study of the reliability of Unix utilities.
Communications of the ACM, 33(12):32-44, Diciembre 1990.
MK94: Ira S. Moskowitz and Myong H. Kang.
Covert Channels - Here to Stay?
In Proceedings of COMPASS´94, pages 235-243. IEEE Press, Junio 1994.
MK99: Andrew D. McDonald and Markus G. Kuhn.
StegFS: A Steganographic File System for Linux.
In Andreas Pfitzmann, editor, Information Hiding, pages 461-475. Springer-Verlag, 1999.
MKL$^$95: Barton P. Miller, David Koski, Cjin Pheow Lee, Vivekananda Maganty, Ravi Murthy, Ajitkumar Natarajan, and Jeff Steidl.
Fuzz revisited: A re-examination of the reliability of Unix utilities and services.
ftp://grilled.cs.wisc.edu/technical_papers/fuzz-revisited.ps, 1995.
MNSS87: S.P. Miller, B.C. Neuman, J.I. Schiller, and J.H. Saltzer.
Kerberos Authentication and Authorization System.
In Project Athena Technical Plan, chapter E.2.1. Massachusetts Institute of Technology, Diciembre 1987.
Mog89: Jeffrey C. Mogul.
Simple and flexible datagram access control for Unix-based gateways.
In Proceedings of the USENIX Summer Conference, pages 203-221. The USENIX Association, 1989.
Mou00: Gerhard Mourani.
Get acquainted with Linux Security and Optimization System.
Technical report, Open Network Architecture, Enero 2000.
MPS$^$93: Sead Muftic, Ahmed Patel, Peter Sanders, Rafael Colon, Jan Heijnsdijk, and Unto Pulkkinen.
Security in Open Systems.
John Wiley and Sons, 1993.
MS94: Gina Miscovitch and David Simons.
The SCO Performance Tuning Handbook.
Prentice Hall, 1994.
MS98: Nimisha V. Mehta and Karen R. Sollins.
Expanding and extending the security features of Java.
In Proceedings of the 7th USENIX Security Symposium. The USENIX Association, Enero 1998.
MT79: Robert Morris and Ken Thompson.
Password security: A case history.
Communications of the ACM, 22(11), Noviembre 1979.
MTHZ92: Refik Molva, Gene Tsudik, Els Van Herrenweghen, and Stefano Zatti.
KryptoKnight Authentication and Key Distribution Service.
In Proceedings of ESORICS 92, Octubre 1992.
MvOV96: Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone.
Handbook of Applied Cryptography.
CRC Press, Octubre 1996.
NS78: R.M. Needham and M.D. Schroeder.
Using encryption for authentication in large networks of computers.
Communications of the ACM, 21(12):993-999, Diciembre 1978.
NSS89: Evi Nemeth, Garth Snyder, and Scott Seebass.
Unix System Administration Handbook.
Prentice Hall, 1989.
Olo92: Tomas Olovsson.
A structured approach to computer security.
Technical Report 122, Chalmers University of Technology, 1992.
One96: Aleph One.
Smashing the stack for fun and profit.
Phrack Magazine, 7(49), Noviembre 1996.
Org88: International Standards Organization.
Information Processing Systems - OSI RM.
Technical Report 97 7498-2, ISO/TC, 1988.
Part 2: Security Architecture.
oS80: National Bureau of Standars.
DES Modes of Operation.
Technical Report NBS FIPS PUB 81, U.S. Department of Commerce, Dicembre 1980.
oST84: National Institute of Standards and Technology.
Digital Signature Standard.
Technical Report NIST FIPS PUB 185, U.S. Department of Commerce, Mayo 1984.
OT88: Tim O´Reilly and Grace Todino.
Managing UUCP and UseNet.
O'Reilly & Associates, Marzo 1988.
otUAH90: Department of the US Army Headquarters.
Basic cryptanalysis.
Technical Report FM-34-40-2, United States Army, Septiembre 1990.
P$^$94: Susan Peppard et al.
Unix Unleashed.
Sams Publishing, 1st edition, 1994.
Par81: Donn B. Parker.
Computer Security Management.
Prentice Hall, 1981.
Par94: Donn B. Parker.
Demonstrating the elements of information security with threats.
In Proceedings of the 17th National Computer Security Conference, pages 421-430, 1994.
Par98: William Parkhurst.
Cisco Router OSPF Design and Implementation Guide.
McGrawHill, 1998.
PB93: W. Timothy Polk and Lawrence E. Bassham.
Security issues in the Database Language SQL, Julio 1993.
Pfl97: Charles P. Pfleeger.
Security in computing.
Prentice Hall, 1997.
Phi97: Ken Phillips.
Biometric identification comparison chart.
PC Week, Marzo 1997.
Pit00: Jesús Pita.
La tarjeta inteligente como medio de identificación electrónica y acceso a servicios de seguridad: la experiencia de la FNMT-RCM.
Seguridad en Informática y Comunicaciones, (39), Abril 2000.
PK91: P.A. Porras and R.A. Kemmerer.
Analyzing covert storage channels.
In Proceedings of the 1991 Symposium on Research in Security and Privacy, pages 36-51. IEEE Computer Society, Mayo 1991.
Pla83: José Plans.
La pratique de l´audit informatique.
Eyrolles, 1983.
Pla99: Plasmoid.
Attacking Solaris with loadable kernel modules.
http://www.infowar.co.uk/thc/, 1999.
PN92: Norman E. Proctor and Peter G. Neumann.
Architectural implications of Covert Channels.
In Proceedings of the 15th National Computer Security Conference, pages 28-43, Octubre 1992.
PPK93: Pinkas, Parker, and Kaijser.
SESAME: An Introduction, 1993.
Pra99a: Pragmatic.
Attacking FreeBSD with Kernel Modules.
http://www.infowar.co.uk/thc/, Junio 1999.
Pra99b: Pragmatic.
Complete Linux Loadable Kernel Modules.
http://www.infowar.co.uk/thc/, Marzo 1999.
RA94: Marcus J. Ranum and Frederick M. Avolio.
A toolkit and methods for internet firewalls.
In Proceedings of the Technical Summer Conference, pages 37-44. The USENIX Association, Junio 1994.
Rad92: Peter V. Radatti.
Computer virus awareness for UNIX.
NCSA News, 3:8, Mayo 1992.
Rad93: Peter V. Radatti.
The plausibility of UNIX virus attacks.
Technical report, Cybersoft, Inc., 1993.
Rad95: Peter V. Radatti.
Computer viruses in Unix networks.
Technical report, Cybersoft, Inc., 1995.
Rad97: Peter V. Radatti.
MrMean the hacker.
;login:, Octubre 1997.
Ran93: Marcus J. Ranum.
Thinking about Firewalls.
In Proceedings of the Second SANS Conference, Abril 1993.
Ran95: Marcus J. Ranum.
Firewalls Frequently Asked Questions, 1995.
RCG96: A. Ribagorda, A. Calvo, and M.A. Gallardo.
Seguridad en Unix: Sistemas Abiertos e Internet.
Paraninfo, 1996.
Rei89: N. Reichman.
Breaking confidences: Organizational influences on insider trading.
The Sociological Quarterly, 30:185-204, 1989.
Rit86: Dennis M. Ritchie.
On the security of UNIX.
In UNIX System Manager's Manual, 4.3 BSD, Virtual VAX-11 Version, pages 17:1-3. University of California, Berkeley, CA, Abril 1986.
Riv90: Ron Rivest.
The MD4 message digest algorithm.
In Crypto´90 Abstracts, pages 281-291, Agosto 1990.
Riv92: Ron Rivest.
The MD5 message digest algorithm, Abril 1992.
Internet Request for Comments 1321.
Rob94: Andrew T. Robinson.
Internet Firewalls: An Introduction.
Technical report, NetMAINE, P.O. BOX 8258, Portland, ME 04104-8258, USA, 1994.
Rou96: Route.
Project Loki: ICMP Tunnelling.
Phrack Magazine, 7(49), Noviembre 1996.
Row96: Craig H. Rowland.
Covert Channels in the TCP/IP Protocol Suite, 1996.
Roy88: Mike Royko.
Here´s how to stop computer vandals.
The Chicago Tribune, 7 Noviembre 1988.
Rus99: Paul Russell.
Linux ipchains HOWTO, v. 1.0.7.
http://www.rustcorp.com/linux/ipchains/, 1999.
RW84: James A. Reeds and Peter J. Weinberger.
File security and the UNIX system crypt command.
AT&T Bell Labs Technical Journal, 63(8):1673-1683, Octubre 1984.
Sal90: A. Salomaa.
Public Key Cryptography.
Springer-Verlag, 1990.
SBL90: Corey Sandler, Tom Badgett, and Larry Lefkowitz.
VAX Security: Protecting the System and the Data.
John Wiley and Sons, 1990.
Sch94: Bruce Schneier.
Applied Cryptography: Protocols, Algorithms and Source Code in C.
John Wiley & Sons, 1994.
Sch97: John Schimmel.
A historical look at firewall technologies.
;login:, 22(1), Febrero 1997.
See89: Donn Seeley.
A tour of the Worm.
In Proceedings of 1989 Winter USENIX Conference. USENIX Association, Febrero 1989.
Sei99: Kurt Seifried.
Linux Administrator´s Security Guide.
http://www.securityportal.com/lasg/, 1999.
Sem96: Chuck Semeria.
Internet Firewalls and Security.
Technical report, 3Com, 1996.
Ser91: Omri Serlin.
SVR4 may become the first truly secure Unix.
UNIXWORLD, VIII(11):39-40, Noviembre 1991.
SH82: John F. Shoch and Jon A. Hupp.
The worm programs - early experience with a distributed computation.
Communications of the ACM, 25(3):172-180, Marzo 1982.
SH95: Karanjit Siyan and Chris Hare.
Internet y seguridad en redes.
Prentice Hall, 1995.
Sha49: C. E. Shannon.
Communication theory of secrecy systems.
Bell Systems Technology Journal, 28:657-715, 1949.
Sho00: Adam Shostack.
Security code review guidelines, 2000.
Sim90: Steve Simmons.
Life without root.
In Proceedings of the 4th Systems Administration Conference - LISA´90. The USENIX Association, Octubre 1990.
SK98: Bruce Schneier and John Kelsey.
Cryptographic support for secure logs on untrusted machines.
In Proceedings of the 7th USENIX Security Symposium. The USENIX Association, Enero 1998.
SM70: Gresham Sykes and David Matza.
Techniques of Neutralization: A Theory of Delinquency.
In Marvin E. Wolfgang et al., editors, The Sociology of Crime and Delinquency, pages 292-299. John Wiley and Sons, 2nd edition, 1970.
Smi92: Martin Smith.
Personnel Security.
In Keith M. Jackson and Jan Hruska, editors, Computer Security Reference Book, chapter 33, pages 417-436. Butterworth-Heinemann, 1992.
Smi97: Nathan P. Smith.
Stack Smashing Vulnerabilities in the Unix Operating System, 1997.
http://millcomm.com/~nate/machines/security/stack-smashing/.
Smu90: Peter Smulders.
The Threat of Information Theft by Reception of Electromagnetic Radiation from RS-232 Cables.
Computers and Security, 9(1), 1990.
Spa88: Eugene H. Spafford.
The Internet Worm program: An analysis.
Technical Report CSD-TR-823, Purdue University Department of Computer Science, 1988.
Spa89: Eugene H. Spafford.
The Internet Worm: Crisis and aftermath.
Communications of the ACM, 32(6):678-687, 1989.
Spa91a: Eugene H. Spafford.
The Internet Worm incident.
Technical Report CSD-TR-933, Purdue University Department of Computer Science, 1991.
Spa91b: Eugene H. Spafford.
OPUS: Preventing weak password choices.
In Proceedings of the 14th National Computer Security Conference, pages 446-455, Octubre 1991.
Ste90: W. Richard Stevens.
Unix Network Programming.
Prentice Hall, 1990.
Ste94: W. Richard Stevens.
TCP/IP Illustrated Volume I: The Protocols.
Addison Wesley, 1994.
Ste98: Ingo Stengel.
Security architectures based on active firewall components, 1998.
FH-Darmstadt.
Sto89: Cliff Stoll.
The Cuckoo's Egg.
Doubleday, 1989.
Swi92: Peter Swinbank.
Electromagnetic Radiation.
In Keith M. Jackson and Jan Hruska, editors, Computer Security Reference Book, chapter 11, pages 75-90. Butterworth-Heinemann, 1992.
Tan91: Andrew Tanenbaum.
Operating Systems: Design and Implementation.
Prentice Hall, 1991.
Tan95: Andrew Tanenbaum.
Distributed Operating Systems.
Prentice Hall, 1995.
Tho84: Ken Thompson.
Refections on trusting trust.
Communications of the ACM, 27(8), Agosto 1984.
Tom94: Chris Tomlinson.
A Practical Guide to Solaris Security.
Technical report, Sun Microsystems (UK), Marzo 1994.
TW93: G. Winfield Treese and Alec Wolman.
X through the firewall, and other applications relays.
In Proceedings of the USENIX Summer Conference. The USENIX Association, Junio 1993.
TY82: Rebecca Thomas and Jean Yates.
A User Guide to the Unix System.
McGrawHill, 1982.
vE85: Wim van Eck.
Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?
Computers and Security, 4(4), 1985.
Ven92: Wietse Venema.
TCP Wrapper: Network monitoring, access control and booby traps.
In Proceedings of the 3rd USENIX Unix Security Symposium, pages 85-92. The USENIX Association, Septiembre 1992.
Vic94: Bob Vickers.
Guide to safe X, Febrero 1994.
vKPG97: Robert van Kralingen, Corien Prins, and Jan Grijpink.
Using your body as a key: legal aspects of biometrics, 1997.
vSS98: Carl van Schaik and Paul Smeddle.
A Steganographic File System Implementation for Linux.
Technical report, University of Cape Town (South Africa), Octubre 1998.
vSTO94: R. G. van Schyndel, A. Z. Tirkel, and C. F. Osborne.
A digital watermark.
In International Conference on Image Processing, volume 2, pages 86-90. IEEE, 1994.
WC94: John P. Wack and Lisa J. Carnahan.
Keeping your site comfortably secure: an introduction to Internet Firewalls.
Technical report, National Institute of Standards and Technology (NIST), Diciembre 1994.
Special Publication 800-10.
WD95: Ira S. Winkler and Brian Dealy.
Information security technology?...Don´t rely on it. A case study in social engineering.
In Proceedings of the 5th USENIX Unix Security Symposium. The USENIX Association, Junio 1995.
Wra91a: J.C. Wray.
An analysis of covert timing channels.
In Proceedings of the 1991 Symposium on Research in Security and Privacy, pages 2-7. IEEE Computer Society, Mayo 1991.
Wra91b: J.W. Wray.
Toward a mathematical foundation for information flow security.
In Proceedings of the 1991 Symposium on Research in Security and Privacy, pages 21-34. IEEE Computer Society, Mayo 1991.
Wre98: Dave Wreski.
Linux Security Administrator´s Guide.
http://nic.com/~dave/Security/, 1998.
Ylo96: Tatu Ylonen.
SSH - Secure login connetions over the Internet.
In Proceedings of the 6th USENIX Security Symposium, pages 37-42. The USENIX Association, Julio 1996.
Zim95a: Phil Zimmermann.
The Official PGP User´s Guide.
M.I.T. Press, 1995.
Zim95b: Phil Zimmermann.
PGP: Source Code and Internals.
M.I.T. Press, 1995.
Zur94: Jeffrey B. Zurschmeide.
IRIX Advanced Site and Server Administration Guide.
Technical Report 007-0603-100, Silicon Graphics, Inc., 1994.