%%% -*-BibTeX-*-
%%% ====================================================================
%%% BibTeX-file{
%%% author = "Jeremy Epstein",
%%% version = "1.05",
%%% date = "26 October 2010",
%%% time = "14:54:47 MDT",
%%% filename = "epstein.bib",
%%% address = "TRW Systems Division
%%% 1 Federal Systems Park Drive
%%% Fairfax, VA 22033
%%% USA",
%%% telephone = "+1 703 803 4947",
%%% checksum = "24168 343 1546 13512",
%%% email = "epstein at trwacs.fp.trw.com (Internet)",
%%% codetable = "ISO/ASCII",
%%% keywords = "bibliography, X Window System, security",
%%% license = "public domain",
%%% supported = "no",
%%% docstring = "This is a bibliography of Windowing Systems
%%% and Security, originally published in The X
%%% Resource, 4(1), 103--108, Fall 1992.
%%%
%%% The checksum field above contains a CRC-16
%%% checksum as the first value, followed by the
%%% equivalent of the standard UNIX wc (word
%%% count) utility output of lines, words, and
%%% characters. This is produced by Robert
%%% Solovay's checksum utility.",
%%% }
%%% ====================================================================
@Preamble{"\input path.sty"}
@TechReport{Bellcore:GRX92,
author = "Bellcore",
title = "Generic Requirements for {X} {Window} {System}
Security",
institution = "Framework Technical Advisory",
number = "FA-STS-991324",
month = jun # " 30",
year = "1992",
note = "Describes some of the problems associated with X in a
commercial environment, and specifies solutions
including Kerberos. Also talks about auditing in X.",
}
@TechReport{Boeing:XWE88,
author = "Boeing",
title = "{X} Windows Enhancements",
institution = "Boeing",
number = "Software Technology for Adaptable Reliable Systems
(STARS), Technical Report QTASK 13",
month = dec # " 23",
year = "1988",
note = "Probes issues in moving X from being written in C to
being written in Ada and some security enhancements
that could be made to the X server.",
}
@InProceedings{Carson:XMW90,
author = "Mark Carson and Janet Cugini",
title = "An {X11}-based {Multilevel} {Window} {System}
Architecture",
booktitle = "Proceedings of the Autumn 1990 EUUG Technical
Conference",
address = "Nice, France",
year = "1990",
note = "A preliminary architecture of the X portion of IBM's
CMW.",
}
@InProceedings{Carson:SWS89,
author = "Mark {Carson, et. al.}",
title = "Secure Window Systems for {UNIX}",
booktitle = "Proceedings of the USENIX Winter 1989 Conference",
address = "San Diego, CA, USA",
month = jan,
year = "1989",
note = "An architecture for a CMW based on Trusted XENIX and
a text-based windowing system. Also mentions some X
related issues.",
}
@InProceedings{Epstein:TXW90,
author = "Jeremy Epstein and Marvin Shugerman",
title = "A {Trusted} {X} {Window} {System} Server for
{Trusted} {Mach}",
booktitle = "Proceedings of the USENIX Mach Conference",
address = "Burlington, VT, USA",
month = oct,
year = "1990",
note = "This paper describes the initial architecture of the
Trusted X Window System prototype developed at TRW.
This paper was superseded by the paper at the Seventh
Annual Computer Security Applications Conference
\cite{Epstein:PBT91}.",
}
@InProceedings{Epstein:PTX90,
author = "Jeremy Epstein",
title = "A Prototype for {Trusted} {X} Labeling Policies",
booktitle = "Proceedings of the Sixth Annual Computer Security
Applications Conference",
address = "Tucson, AZ, USA",
month = dec,
year = "1990",
note = "A discussion of visible labeling issues, not specific
to X, but applicable to any windowing environment.",
}
@InProceedings{Epstein:TXI91,
author = "Jeremy Epstein and Jeffrey Picciotto",
title = "Trusting {X}: Issues in Building {Trusted} {X} Window
Systems -or- What's not Trusted About {X}?",
booktitle = "Proceedings of the 14th Annual National Computer
Security Conference",
address = "Washington, DC, USA",
month = oct,
year = "1991",
note = "A survey of the issues involved in building trusted X
systems, especially of the multi-level secure
variety.",
}
@Article{Epstein:IBT91,
author = "Jeremy Epstein and Jeffrey Picciotto",
title = "Issues in Building {Trusted} {X} {Window} {Systems}",
journal = "The X Resource",
volume = "1",
number = "1",
month = "Fall",
year = "1991",
note = "A revision of the previous paper
\cite{Epstein:TXI91}, aimed at an audience which is X
literate, but security ignorant.",
}
@InProceedings{Epstein:PBT91,
author = "Jeremy {Epstein, et. al.}",
title = "A Prototype {B3} {Trusted} {X} {Window} {System}",
booktitle = "Proceedings of the Seventh Annual Computer Security
Applications Conference",
address = "San Antonio, TX, USA",
month = dec,
year = "1991",
note = "The architecture for TRW's high assurance multi-level
secure X prototype.",
}
@InProceedings{Epstein:ETB92,
author = "Jeremy {Epstein, et. al.}",
title = "Evolution of a {Trusted} {B3} {Window} {System}
Prototype",
booktitle = "Proceedings of the 1992 IEEE Symposium on Research in
Security and Privacy",
address = "Oakland, CA, USA",
month = may,
year = "1992",
note = "The history of the design and tradeoffs taken in
TRW's prototype.",
}
@InProceedings{Faden:RCR91,
author = "Glenn Faden",
title = "Reconciling {CMW} Requirements with Those of {X11}
Applications",
booktitle = "Proceedings of the 14th Annual National Computer
Security Conference",
address = "Washington, DC, USA",
month = oct,
year = "1991",
note = "Architecture of the windowing portion of Sun's CMW.",
}
@TechReport{Graubart:CMW91,
author = "R. D. Graubart and J. L. Berger and J. P. L.
Woodward",
title = "Compartmented Mode, Workstation Evaluation Criteria,
Version 1",
number = "MTR 10953 (also published by the Defense Intelligence
Agency as document DDS-2600-6243-91)",
institution = "The MITRE Corporation",
address = "Bedford, MA, USA",
month = jun,
year = "1991",
note = "Revised requirements for the CMW, including a
description of what they expect for Trusted X.",
}
@TechReport{Khera:SXW90,
author = "Vivek Khera",
title = "The Secure {X} Window Server",
institution = "Microelectronics Center of North Carolina",
number = "TR90-54",
year = "1990",
note = "Description of Khera's Kerberized X Window Server
developed at MCNC. Also discusses security of X in
general. Available via anonymous ftp from
\path|cs.duke.edu:dist/papers/khera|.",
}
@InProceedings{Kurak:CNI92,
author = "Charles Kurak and John McHugh",
title = "A Cautionary Note on Image Downgrading",
booktitle = "Proceedings of the Eighth Annual Computer Security
Applications Conference",
address = "San Antonio, TX, USA",
month = dec,
year = "1992",
note = "A discussion of problems involved in viewing images,
particularly as it applies to multi-level windowing.",
}
@InProceedings{McIlroy:MWS88,
author = "D. McIlroy and J. Reeds",
title = "Multilevel Windows on a Single-level Terminal",
booktitle = "Proceedings of the (First) USENIX Security Workshop",
address = "Portland, OR, USA",
month = aug,
year = "1988",
note = "Describes a prototype of modifications to the
Teletype 5620 and driving software to allow
multi-level windows. Also explains some of the
limitations of the method.",
}
@InProceedings{Pascale:VWS92,
author = "Rita Pascale and Jeremy Epstein",
title = "Virtual Window Systems: {A} New Approach to
Supporting Concurrent Heterogeneous Windowing Systems",
booktitle = "Proceedings of the USENIX Summer 1992 Conference",
address = "San Antonio, TX, USA",
month = jul,
year = "1992",
note = "A generalization of TRW's prototype to non-security
applications.",
}
@InProceedings{Picciotto:TTC91,
author = "Jeffrey Picciotto",
title = "Towards Trusted Cut and Paste in the {X} {Window}
{System}",
booktitle = "Proceedings of the Seventh Annual Computer Security
Applications Conference",
address = "San Antonio, TX, USA",
month = dec,
year = "1991",
note = "A discussion of the security problems associated with
cut and paste in multi-level secure versions of X.",
}
@TechReport{Picciotto:TXW90,
author = "Jeffrey Picciotto",
title = "{Trusted} {X} {Window} {System}",
number = "MTP 288",
institution = "The MITRE Corporation",
month = feb,
year = "1990",
note = "A detailed explanation of MITRE's CMW prototype.",
}
@InProceedings{Picciotto:CTX92,
author = "Jeffrey Picciotto and Jeremy Epstein",
title = "A Comparison of {Trusted} {X} Security Policies,
Architectures, and Interoperability",
booktitle = "Proceedings of the Eighth Annual Computer Security
Applications Conference",
address = "San Antonio, TX, USA",
month = dec,
year = "1992",
note = "A survey of interoperability issues among CMWs and
the TRW prototype.",
}
@Unpublished{Rosenthal:LLI92,
author = "David S. H. Rosenthal",
title = "{LInX}---a {Less} {IN}secure {X} Server ({Sun}
{Microsystems} unpublished draft)",
year = "1992",
note = "An early architecture for Sun's CMW.",
}
@Unpublished{Rosenthal:XWS92,
author = "David S. H. Rosenthal",
title = "{X} Window Security System",
year = "1992",
note = "US patent 5,073,922, Describes implementation of
LInX.",
}
@InProceedings{Smith:TPF92,
author = "Mark Smith",
title = "Towards a Policy-Free Protocol Supporting a Secure
{X} {Window} {System}",
booktitle = "Proceedings of the 15th Annual National Computer
Security Conference",
address = "Baltimore, MD, USA",
month = oct,
year = "1992",
note = "A concept for improving interoperability among
Trusted X systems by separating the security policy
from the system implementation, thus allowing
pluggable security policies.",
}
@Article{Sheldrick:SXW92,
author = "Dennis Sheldrick",
title = "Security and the {X} {Window} {System}",
journal = "UNIX World",
month = jan,
year = "1992",
note = "A discussion of some of the security features in X,
and threats to X.",
}
@InProceedings{Smith-Thomas:SML89,
author = "Barbara Smith-Thomas",
title = "Secure Multi-Level Windowing in a {B1} Certifiable
Secure {UNIX} Operating System",
booktitle = "Proceedings of the USENIX Winter 1989 Conference",
address = "San Diego, CA, USA",
month = jan,
year = "1989",
note = "Describes the architecture of the multi-level version
of the AT\&T 630 graphics terminal. This terminal was
evaluated as part of AT\&T System V/MLS, which
received a B1 rating.",
}
@TechReport{Woodward:SRS87,
author = "J. P. L. Woodward",
title = "Security Requirements for System High and
Compartmented Mode Workstations",
number = "MTR 9992, Revision 1 (also published by the Defense
Intelligence Agency as document DDS-2600-5502-87)",
institution = "The MITRE Corporation",
address = "Bedford, MA, USA",
month = nov,
year = "1987",
note = "The original requirements for the CMW, including a
description of what they expect for Trusted X.",
}