Announcements

Center for Information Protection
UC Davis is planning to join the NSF I/UCRC Center for Information Protection. We are looking for companies to join our Industrial Advisory Board.
Find out more here!

Conferences and Workshops

• ISGIG 2009
• ACSAC 25
• PETRA 2010 (due 11/15)
• Oakland 2010 (due 11/18)

My Links

• My Home Page
• Books
• Classes
• Papers
• Reports and Notes
• Research
• Security in Programming
• Service
• Students
• Talks
• Miscellaneous
• My Family
• About Me (CV and such)

Other Links

• MyUCDavis
• Computer Security Lab
• Dept. of Computer Science
• College of Engineering
• University of California, Davis
• City of Davis
• County of Yolo
• State of California
• United States of America

This Quarter’s Classes

Office Hours for This Quarter

Contacting Me

Reports and Notes

These are technical reports and other reports that I either wrote or worked with other people on.

2007

• L. Osterweil, L. Millett, and J. Winston (editors), “Social Security Administration Electronic Service Provision: A Strategic Assessment”, National Academies Press, Washington DC 20055 (Aug. 2007).
• R. Gardner, A. Yasinsac, M. Bishop, T. Kohno, Z. Hartley, J. Kerski, D. Gainey, R. Walega, E. Hollander, and M. Gerke, “Software Review and Security Analysis of the Diebold Voting Machine Software”, Security and Assurance in Information Technology Laboratory, Florida State University, Tallahassee, FL 32306-4530 (July 2007).
• M. Bishop, “Overview of Red Team Reports”, Office of the Secretary of State of California, 1500 11th St, Sacramento, CA 95814 (July 2007).
• A. Yasinsac, D. Wagner, M. Bishop, T. Baker, B. de Medeiros, G. Tyson, M. Shamos, and M. Burmester, “Software Review and Security Analysis of the ES&S iVotronic 8.0.1.2 Voting Machine Firmware”, Security and Assurance in Information Technology Laboratory, Florida State University, Tallahassee, FL 32306-4530 (Feb. 2007).

2006

• Voting Technology Assessment Project, “The Machinery of Democracy: Voting System Security, Accessibility, Usability, and Cost”, Brennan Center for Justice, New York University School of Law, New York, NY (Oct. 2006).
• S. Engle, S. Whalen, D. Howard, A. Carlson, E. Proebstel, and M. Bishop, “A Practical Formalism for Vulnerability Comparison”, Technical Report CSE-2006-11, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Aug. 2006).
• Task Force on Voting System Security, “The Machinery of Democracy: Protecting Elections in an Electronic World”, Brennan Center for Justice, New York University School of Law, New York, NY (June 2006).
• S. Engle, S. Whalen, D. Howard, and M. Bishop, “Tree Approach to Vulnerability Classification”, Technical Report CSE-2006-10, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (May 2006).
• D. Wagner, D. Jefferson, M. Bishop, C. Karlof, and N. Sastry, “Security Analysis of the Diebold AccuBasic Interpreter”, Technical Report, Voting Systems Technology Assessment Advisory Board, Office of the Secretary of State of California, Sacramento, CA 95814 (Feb. 2006).

2005

• M. Bishop, “Spam and the CAN-SPAM Act”, Expert Report, Federal Trade Commission, Washington DC 20580 (Dec. 2005).
• M. Bishop, L. Guarino, D. Jefferson, D. Wagner, and M. Orkin, “Analysis of Volume Testing of the AccuVote TSx/AccuView”, Technical Report, Voting Systems Technology Assessment Advisory Board, Office of the Secretary of State of California, Sacramento, CA 95814 (Oct. 2005).
• E. Barr, M. Bishop, D. DeFigueiredo, M. Gondree, and P. Wheeler, “Toward Clarifying Election Systems Standards”, Technical Report CSE-2005-21, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Sep. 2005).
• S. Whalen, M. Bishop, and S. Engle, “Protocol Vulnerability Analysis”, Technical Report CSE-2005-4, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (May 2005).

2004

• M. Bishop, “Issues for a ‘Do Not Email’ List”, Expert Report, Federal Trade Commission, Washington DC 20580 (June 2004).
• J. Chambers and J. Thompson, “Vulnerability Disclosure Framework: Final Report and Recommendations by the Council”, National Infrastructure Advisory Council (Jan. 2004).
• RABA Innovative Solution Cell, “Trusted Agent Report Diebold AccuVote-TS Voting System”, RABA Technologies LLC, Columbia, MD 21045 (Jan. 2004).

2003

• M. Bishop, “An Overview of Electronic Voting and Security”, Yolo County Clerk/Recorder, Woodland, CA 95695 (Dec. 2003).

2000

• B. Hashii, S. Malabarba, R. Pandey, and M. Bishop, “Supporting Reconfigurable Security Policies for Mobile Programs”, Technical Report CSE-2000-8, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (2000).

1998

• M. Bishop and S. Northcutt, “Executive Summary of the UC Davis Intrusion Detection and Response Data Sharing Workshop”, Technical Report CSE-98-7, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Sep. 1998).

1996

• M. Bishop and D. Bailey, “A Critical Analysis of Vulnerability Taxonomies”, Technical Report CSE-96-11, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Sep. 1996).

1995

• G. Fink, M. Helmke, M. Bishop, and K. Levitt, “An Interface Language Between Specifications and Testing”, Technical Report CSE-95-15, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Aug. 1995).
• M. Bishop and M. Dilger, “Checking for Race Conditions in File Accesses”, Technical Report CSE-95-10, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Sep. 1995).
• M. Bishop, “Race Conditions, Files, and Security Flaws; or the Tortoise and the Hare Redux”, Technical Report CSE-95-9, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (Sep. 1995).
• M. Bishop, M. Valence, and L. Wisniewski, “Process Migration for Heterogeneous Distributed Systems”, Technical Report PCS-TR95-264, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (Aug. 1995).
• M. Bishop, “A Taxonomy of UNIX System and Network Vulnerabilities”, Technical Report CSE-95-8, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (May 1995).

1992

• P. Su and M. Bishop, “How to Encrypt /usr/dict/words in About a Second”, Technical Report PCS-TR92-182, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1992).
• D. Kotz, F. Makedon, M. Bishop, R. Drysdale, D. Johnson, and P. Metaxas, “Parallel Computer Needs at Dartmouth College”, Technical Report PCS-TR92-176, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (June 1992).

1991

• M. Bishop, “Implementation Notes on bdes(1)”, Technical Report PCS-TR91-158, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1991).
• M. Bishop, “An Overview of Computer Viruses in a Research Environment”, Technical Report PCS-TR91-156, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1991).
• M. Bishop, “A Security Analysis of Version 2 of the Network Time Protocol NTP: A Report to the Privacy and Security Research Group”, Technical Report PCS-TR91-154, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1991).
• M. Bishop, “Privacy-Enhanced Electronic Mail”, Technical Report PCS-TR91-150, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1991).

1990

• M. Bishop, “Administrator’s Guide to the Digital Signature Facility ‘Rover’”, Technical Report PCS-TR90-153, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1990).
• M. Bishop, “A Proactive Password Checker”, Technical Report PCS-TR90-152, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1990).
• M. Bishop, “Applying the Take-Grant Protection Model”, Technical Report PCS-TR90-151, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1990).

1988

• M. Bishop, “An Application of a Fast Data Encryption Standard Implementation”, Technical Report PCS-TR88-138, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1988)
• M. Bishop, “Theft of Information in the Take-Grant Protection Model”, Technical Report PCS-TR88-137, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1988).
• M. Bishop, “The Sharing of Rights and Information in a Capability-Based Protection System”, Technical Report PCS-TR88-136, Dept. of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755 (1988).

1987

• M. Bishop, “A Fast Version of the DES and a Password Encryption Algorithm,””, Technical Report 87.18, Research Institute for Advanced Computer Science, NASA Ames Research Center, Moffett Field, CA 94035 (July 1987; revised Aug. 1988).

1984

• M. Bishop, “Practical Take-Grant Systems: Do They Exist?”, Ph.D. Thesis, Dept. of Computer Sciences, Purdue University, West Lafayette, IN 47907 (May 1984).

1983

• M. Bishop, “Security Problems with the UNIX Operaing System”, Dept. of Computer Sciences, Purdue University, West Lafayette, IN 47907 (Jan. 1983).

According to all the latest reports, there was no truth in any of the earlier reports.