The following list of original papers have been presented or
are under review and are
of general interest to the security and web communities
A Power Point Presentation given to the Washington Chapter of ISACA on
XBRL audit challenges.
This paper takes a look at thermodynamic cipher attacks and
presents improvements in ciphers to negate this type of attack. I was
considering submitting it somewhere but I want to give people a chance
to review it first. Please send me any comments at firstname.lastname@example.org
- NSA A New Approach to Network
Security John Ryan
This paper tries to make a science out of defending
against hacking by putting it in the realm of Quality Assurance. We try
to put testing on a statistical basis so that incremental improvements
can be made to the network.
- How To Create a Hack
Database John Ryan
This paper presenets the necesary ideas to create a hack
index number and presents a scheme that allows this hack index number
to reference various types of works.
- Incident Response Outline
John Ryan and Ira Winkler
Outline of the "Incident Response" book to be publised
by O'Reilly and Associates as soon as we finish writing it.
This deals with how different organizations should deal with computer
- Security - Hacking Methodology
This paper tries to make a science out of hacking by
putting it on the same footing as any military operation and applying
the methods of operations research to it. Think of this paper as
- The Internet/WWW
Impact on Data Managment Roger Cooper and John Ryan
This paper was presented at Miter's 1995 Data Management
Symposium and attempts to explain the complexities of integrating the
Internet and World Wide Web into traditional Data Management
Procedures. Specifically it draws out the analogy of the Internet as an
ecosystem rather than an engineered system.