Skip to main content

Reading List

Center for Information Security Research and Education

General Reading Lists for Students

Government Jobs Reading List



Trusted Internet Connections (TIC)


Continuous Diagnostics and Mitigation (Not to be confused with Continuous Monitoring as CDM is a subset)

Academic Papers (from UC Davis, Purdue and SMU repositories)

Historical Papers

  1. Ware, W., Security Controls for Computer Systems: Report of Defense Science Board Task Force on Computer Security, Rand Report R609-1 (Feb. 1970) [PDF]
    • The paper that started it all, first raising computer security as a problem
  2. Anderson, J. P., Computer Security Technology Planning Study, ESD-TR-73-51, ESD/AFSC, Hanscom AFB, Bedford, MA (Oct. 1972) [NTIS AD-758 206]; Volumes I [PDF] and II [PDF]
    • Seminal paper on computer security mechanisms. Volume II report of the work of the Computer Security Technology Planning Study Panel. Presents details supporting the recommended development plan.
  3. Anderson, J. P., Computer Security Threat Monitoring and Surveillance, James P. Anderson Co., Fort Washington, PA (1980) [PDF]
    • Seminal paper on the use of auditing and logging for security. This is a final report of a study, the purpose of which was to improve the computer security auditing and surveillance capability of the customer’s system
  4. Bell, D. E., and La Padula, L., Secure Computer System: Unified Exposition and Multics Interpretation, ESD-TR-75-306, ESD/AFSC, Hanscom AFB, Bedford, MA (1975) [DTIC AD-A023588] [PDF]
    • Presents a unified narrative exposition of the ESD/MITRE computer security model.
  5. Biba, K., Integrity Considerations for Secure Computer Systems, ESD-TR-76-372, ESD/AFSC, Hanscom AFB, Bedford, MA (Apr. 1977) [NTIS ADA039324] [PDF]
    • Seminal paper on integrity.
  6. Bisbey II, R., and Hollingworth, D., Protection Analysis: Final Report; USC/ISI, Marina Del Rey, CA 90291 (May 1978) [PDF]
    • One of two seminal studies of computer system vulnerabilities. The primary goal of the project was to make protection evaluation both more effective and more economical by decomposing it into more manageable and methodical subtask.
  7. Department of Defense Computer Security Evaluation Center; Trusted Computer System Evaluation Criteria (Orange Book); (1983, 1985) [PDF]
    • Full version of the TCSEC that influenced study and development of systems. The trusted computer system evaluation criteria defined in this document classify systems into four broad hierarchical divisions of enhanced security protection
  8. Ford Aerospace, Secure Minicomputer Operating System (KSOS) (1978) [PDF]
    • Describes an implementation of a provably secure operating system compatible with the UNIX operating system. Provides a summary of the progress obtained in Phase I of the KSOS development
  9. Karger, P. A., and Schell, R. R., Multics Security Evaluation: Vulnerability Analysis, ESD-TR-74-193 Vol. II, ESD/AFSC, Hanscom AFB, Bedford, MA (June 1974) [PDF]
    • Described a number of attacks, including the trap-door compiler that Ken Thompson used so effectively in his Turing Award lecture. A security evaluation of Multics for potential use as a two-level (Secret/Top Secret) system in the Air Force Data Services Center (AFDSC).
  10. Linden, T., Operating System Structures to Support Security and Reliable Software (1976) [PDF]
    • Described capability-based architectures. To implement security in the design of computer systems, this survey focuses on two system structuring concepts that support security; small protection domains and extended-type objects.
  11. Myers, P., Subversion: The Neglected Aspect of Computer Security(1980) [PDF]
    • Demonstrated how a Trojan horse could spread to secure system without the attacker having direct access to that system. Distinguishes three methods of attacking internal protection mechanisms of computers: inadvertent disclosure, penetration, and subversion
  12. Neumann, P.,et al., A Provably Secure Operating System (1976) [PDF]
    • First formal design of a system, emphasizing proofs of design before implementation. Summarizes work to date on the development of a design for a general-purpose computing system intended for secure operations
  13. Nibaldi, G., Proposed Technical Evaluation Criteria for Trusted Computer Systems(1979) [PDF]
    • First evaluation criteria with levels (5 of them). This report documents a proposed set of technical evaluation criteria. These criteria and any evaluation process that they might imply represent on approach to how trusted systems might be evaluated.
  14. Saltzer, J. and Schroeder, M., The Protection of Information in Computer Systems, April 1975.
    • Seminal work on the elements of security. This is a must read.
  15. Schacht, J. M., Jobstream Separator System Design, MTR-3022 Vol. 1, The MITRE Corporation, Bedford, MA 01730 (May 1975) [PDF]
    • Presents a technical and economic assessment of the Jobstream Separator (JSS)
  16. Schell, R. R., Downey, P. J., and Popek, G. J., Preliminary Notes on the Design of Secure Military Computer Systems, MCI-73-1, ESD/AFSC, Hanscom AFB, Bedford, MA (Jan. 1973) [PDF]
  17. Schiller, W. L., The Design and Specification of a Security Kernel for the PDP-11/45(1975) [PDF]
    • First formal specification of a kernel satisfying the Bell-LaPadula model
  18. Whitmore, J., Bensoussan, A., Green, P., Hunt, D., Robziar, A., and Stern, J., Design for Multics Security Enhancements, ESD-TR-74-176, ESD/AFSC, Hanscom AFB, Bedford, MA (1074). [PDF]
  19. Van Vleck, Tom, et. al., B2 Security Evaluation, [PDF]
    • A site with good early computer security history and connected references, glossary.

Basic Papers

  1. Diffie and M.E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, Volume 22, Number 6, November 1976, pp. 644 – 654.
  2. S. Goldwasser and S. Micali. Probabilistic encryption. Journal of Computer & System Sciences,Volume 28, Number 2, April 1984, pp. 270-299.
  3. K. Thompson. Reflections on Trusting Trust. Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.
  4. J.H. Saltzer and M.D. Schroeder. Part I-A of The Protection of Information in Computer Systems. Proceedings of the IEEE, 63(9):1278-1308, 1975.
    • The eight principles in Part I-A are as relevant today as they were back then.
  5. L. Lamport, R. Shostak, and M. Pease. The Byzantine Generals Problem ACM Transactions on Programming Languages and Systems 4(3):382-401, July 1982.
    • Technically, this is not a security paper. However, it is a fundamental paper of distributed computing, which is closely related to security.
  6. D.D. Clark and D.R. Wilson. “A Comparison of Commercial and Military Computer Security Policies” In Proceedings of the 1987 IEEE Symposium on Security and Privacy.
  7. R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-Based Access Control Models. IEEE Computer, 29(2):38–47, February 1996.
  8. E. Spafford. “The Internet Worm Program: An Analysis“. Purdue Technical Report CSD-TR-823.
  9. S.M. Bellovin. “Security Problems in the TCP/IP Protocol SuiteACM Computer Communication Review, Volume 19 , Issue 2 (April 1989).
  10. D. Denning. “An Intrusion-Detection Model“. IEEE Transactions on Software Engineering, Volume. SE-13, Number 2, February1987, pp. 222-232.
  11. V. Paxson. “Bro: A System for Detecting Network Intruders in Real-Time, Computer Networks, 31(23-24), pp. 2435-2463, 14 Dec. 1999.
  12. M. Abadi and R. Needham. Prudent Engineering Practice for Cryptographic Protocols“. IEEE Transactions on Software Engineering. January 1996 (Vol. 22, No. 1)
  13. R. Anderson. “Why Cryptosystems Fail“. Communications of the ACM, 37(11):32-40, November 1994.
  14. N. Borisov, I. Goldberg, D. Wagner. Intercepting Mobile Communications: The Insecurity of 802.11, MOBICOM 2001.
  15. J.G. Steiner, B. C. Neuman, J. I. Schiller. Kerberos: An Authentication Service for Open Network Systems, In Usenix Conference Proceedings, pp. 191-202, March 1988
  16. Aleph One. Smashing the stack for fun and profit, Phrack, 7(49), November 1996.
  17. S. Goldwasser and S. Micali. Probabilistic encryption, Journal of Computer System Sciences, Volume 28, Number 2, April 1984, pp. 270-299.
  18. M. Bellare and P. Rogaway. Optimal Asymmetric Encryption-How to Encrypt with RSA, Advances in Cryptology-Eurocrypt, 1994, LNCS 950.

Advanced Papers

  1. Cryptography
    1. M. Blum and S. Micali. “How to generate cryptographically strong sequences of pseudo-random bits”. SIAM Journal on Computing, Volume 13, Issue 4 (November 1984), pages 850–864. Conference version in FOCS 1982.
      • Copy available in REC 217.
    2. S. Goldwasser, S. Micali, and C. Rackoff. “Knowledge complexity of Interactive Proof Systems”. SIAM Journal on Computing, Volume 18, Issue 1 (February 1989), pages 186–208. Conference version in STOC 1985.
    3. M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In Proceedings of First ACM Conference on Computer and Communications Security (CCS), 1993.
    4. M. Bellare, A. Desai, D. Pointcheval and P. Rogaway. Relations among notions of security for public-key encryption schemes. Extended abstract in Advances in Cryptology – Crypto 98.
    5. Matt Franklin and Moti Yung. “Varieties of secure distributed computing“.
    6. P. Paillier. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, EUROCRYPT 1999.
    7. A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. Proactive secret sharing or: How to cope with perpetual leakage. In Crypto’95.
    8. D. Boneh and M. Franklin. “Identity-based encryption from the Weil pairingSIAM J. of Computing, Vol. 32, No. 3, pp. 586-615, 2003.
      • Extended abstract in proceedings of Crypto ‘2001, Lecture Notes in Computer Science, Vol. 2139, Springer-Verlag, pp. 213-229, 2001.
    9. M. Bellare and O. Goldreich. “On defining proofs of knowledge“. In CRYPTO 1992.

    Access Control

    1. Michael A. Harrison and Walter L. Ruzzo and Jeffrey D. Ullman. “Protection in Operating Systems“. CACM, August 1976.
    2. M.Abadi, M. Burrows, B. Lampson, and G. Plotkin. “A calculus for access control in distributed systems“. ACM Transactions on Programming Languages and Systems (TOPLAS). Volume 15, Issue 4 (September 1993), Pages: 706 – 734.
    3. M.Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proc. of IEEE Symposium on Security and Privacy, 1996.
    4. R.L. Rivest and B. Lampson. SDSI — A Simple Distributed Security Infrastructure. Version 1.1.
    5. F.B. Schneider. Enforceable security policies. ACM Transactions on Information and System Security (TISSEC). Volume 3, Issue 1 (February 2000). Pages: 30 – 50

Other candidates

  • E Bertino, E Ferrari, V Atluri. “The specification and enforcement of authorization constraints in workflow management systems”.
  • S. Sandhu. “Lattice-based access control models”.
  • Sutherland. “A Model of Information”
  • Goguen and Meseguer. “Unwinding and Inference Control”
  • Goguen and Meseguer. “Security Policies and Security Models”

Database Security

  1. P.P. Griffiths and B.W. Wade. “An authorization mechanism for a relational database systemACM Transactions on Database Systems (TODS), Volume 1 , Issue 3 (September 1976), Pages: 242 – 255.
  2. Nabil R. Adam, John C. Wortmann. “Security-control methods for statistical databases: a comparative study”
  3. F Rabitti, E Bertino, W Kim, D Woelk. “A model of authorization for next-generation database systems”.

Network Security and Intrusion Detection

  1. J.G. Steiner, B.C. Neuman, J.I. Schiller. “Kerberos: An Authentication Service for Open Network Systems” In Usenix Conference Proceedings, pp. 191–202, Mar. 1988.
  2. S.M. Bellovin, M Merritt. “Limitations of the Kerberos Authentication System, ACM Computer Communications Review, 1991.
  3. B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in Distributed Systems: Theory and Practice ACM Transactions on Computer Systems (TOCS). Volume 10, Issue 4 (November 1992). Pages: 265 – 310.
  4. Stefan Savage, David Wetherall, Anna Karlin and Tom Anderson. Practical Network Support for IP Traceback SIGCOMM 2000.
  5. Kihong Park, Heejo Lee. On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets SIGCOMM 2001
  6. S. Forrest, A.S. Perelson, L. Allen, and R. Cherukuri Self-nonself discrimination in a computerIn 1994 IEEE Symposium on Security and Privacy.
  7. S. Forrest, S.A. Hofmeyr, A. Somayaji, T.A. Longstaff A sense of self for Unix processes
  8. T. Ptacek and T. Newsham Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection

Systems Security

  1. M. Castro and B. Liskov. Practical Byzantine Fault Tolerance. In Proceedings of the Third Symposium on Operating Systems Design and Implementation (OSDI ’99), New Orleans, USA, February 1999.
  2. R. Wahbe, S. Lucco, T.E. Anderson, and S.L. Graham. Efficient software-based fault isolation Proceedings of the fourteenth ACM symposium on Operating systems principles, Pages: 203 – 216, 1994.

Analysis of Cryptographic Protocols

  1. D. Dolev and A. Yao. “On the security of public key protocols”
  2. M Burrows, M Abadi, R Needham. “A logic of authentication”
  3. Gavin Lowe. “Breaking and fixing the Needham-Schroeder public-key protocol using FDR”
  4. FJT Fabrega, JC Herzog, JD Guttman. “Strand spaces: Proving security protocols correct”

Privacy and Anonymity

  1. Anonymous Connections and Onion Routing
  2. Freenet: A distributed anonymous information storage and retrieval system
  3. Crowds: Anonymity for web transactions