6th USENIX Security Symposium

6th USENIX Security Symposium

Post by Toni Vegl » Sun, 05 May 1996 04:00:00

            Focusing on Applications of Cryptography
                       July 22-25, 1996
             Fairmont Hotel, San Jose, California

Sponsored by the USENIX Association, Co-sponsored by UniForum
and in cooperation with The Computer Emergency Response Team (CERT)

Dear Colleague:

Since the last USENIX Security Symposium, just a year ago, the
world has really awakened to the Internet, sat up and looked
around, and started to get worried. Laws have been proposed and
some passed, mechanisms for security and censorship designed,
secure products broken, and censors bypassed.

Along with the growing awareness that security is important has
come a realization that there are some problems only cryptographic
techniques will solve. While great advances in cryptography have
been made in the last two decades, deployment of these advances
has been slow. It is time to correct that, and by focusing this
year on the subject of Applications of Cryptography, this
symposium has become the venue of choice for anyone with
responsibility for security on computer networks, now and into the

Security researchers and practitioners, system administrators,
systems analysts, site managers, programmers, and others with an
interest in computer security, will hear latest results from
research, new and innovative ideas and real-world experiences.
Attendees will be able to share experiences and ideas in both
formal and informal settings.  There will be tutorials providing
immediately useful information, peer-reviewed technical
presentations, invited talks, and Birds-of-a-Feather sessions, all
given by industry-renowned and up-and-coming speakers.

USENIX has augmented its offerings with a tutorial and panel
sessions sponsored by UniForum.  This track for managers, running
in parallel with the USENIX tutorials and technical sessions, will
provide a comprehensive overview of computer security as it
relates to open systems from a manager's perspective.  The first
day offers a tutorial providing an introduction to cryptographic
techniques.  Day two will provide intensive panel sessions
addressing security and privacy, electronic commerce,
cryptographic infrastructure and cryptography and the law.

If your job requires you to keep on top of the latest security
tools and techniques, I hope you will be able to join us in San
Jose in July.


Greg Rose
Program Chair

PS:  Remember to sign up for tutorials early. Space is limited and
demand is high.  You'll get your first choice, and save money.

Symposium Organizers

USENIX Program Committee
Program Chair:  Greg Rose, RoSecure Software
  Fred Avolio, Trusted Information Systems, Inc.
  Steven M. Bellovin, AT&T Research
  Brent Chapman, Great Circle Associates
  Diane Coe, The MITRE Corporation
  Ed DeHart, CERT
  Kathy Fithen, CERT
  Daniel Geer, Open Market, Inc.
  Peter Gutmann, University of Auckland
  Kent Landfield, Sterling Software
  Clifford Neuman, University of Southern California
  Avi Rubin, Bellcore
  Ken van Wyk, Defense Information Systems Agency
  Karen Worstell, The Boeing Company

  Matt Bishop, University of California, Davis
  Lee Damon, Qualcomm
  Phil Karn, Qualcomm
  Greg Noel, Qualcomm
  Brett Rees, Sterling Software

UniForum Program Committee
Program Chair: Jim Schindler, Hewlett-Packard
  Rik Farrow, Consultant
  Deborah Murray, UniForum
Hotel Reservation Deadline:     June 27, 1996
Pre-registration Deadline:      July 1, 1996
Sunday, July 21
  On-Site Registration                   6:00 pm -  9:00 pm
  Welcome Reception                      6:00 pm -  9:00 pm
Monday, July 22
  On-Site Registration                   7:30 am -  5:00 pm    
  Tutorial Program                       9:00 am -  5:00 pm    
Tuesday, July 23
   On-Site Registration                  7:30 am -  5:00 pm
   Tutorial Program                      9:00 am -  5:00 pm
   Birds-of-a-Feather Sessions           6:00 pm - 10:00 pm
Wednesday, July 24
   On-Site Registration                  7:30 am -  5:00 pm            
   Opening Remarks & Keynote                 9:00 am - 10:30 am
   USENIX Technical Sessions            11:00 am -  5:30 pm    
   UniForum Panel Sessions              10:45 am -  6:00 pm    
   Vendor Exhibits                        12 noon  -2:00 pm
                                       and 3:00 pm  7:00 pm
   Symposium Reception                   6:30 pm  - 8:30 pm    
Thursday, July 25
   USENIX Technical Session              9:00 am  - 5:30 pm
   USENIX Invited Talks                  9:00 am  - 5:30 pm

Tutorial Program        Monday and Tuesday, July 22-23, 1996
USENIX and UniForum tutorials are intensive, informative,
practical, and essential to your professional development.
They are delivered by experts with hands-on experience.

Attend these tutorials and benefit from the opportunity for
in-depth exploration and skill development in essential areas of
security and cryptography.

Seating is limited, so register now to guarantee your first choice.

Tutorial fees include:
        -Admission to the tutorials you select
        -Printed and bound tutorial materials from your sessions

USENIX provides CEUs for a small administrative fee.  Established
by the International Association for Continuing Education and
Training, the CEU is a nationally recognized standard unit of
measure for continuing education and training, and is used by
thousands of organizations across the United States.

Completion of one full day of the tutorial program qualifies for
0.6 CEUs.  You can request CEU credit by checking the appropriate
box on the registration form.  USENIX provides a certificate and
maintains transcripts for each attendee who chooses CEU credits.
CEUs are not the same as college credits.  Consult your employer
or school to determine their applicability.

Monday, July 22
9:00 am - 5:00 pm      
M1:  Internet Security for System and Network Administrators
Ed DeHart, CERT

Intended audience:   UNIX system and network administrators who
need to build and maintain trustworthy networked systems; UNIX
system programmers and practitioners who evaluate or initiate
Internet connectivity.

Participants have an organizational mandate to provide trustworthy
network services. They  need to understand network security issues
and how to protect their systems from the threats on the

This course will teach practical strategies and techniques to
combat the threat of intrusions and improve the security of
operating systems connected to the Internet. It will cover
fundamental security practices for UNIX system administration.
Participants will learn about the latest information on security
problems, defensive strategies, offensive strategies, network
security, and how to establish appropriate site security policy.

After completing the course, participants will be able to
establish and maintain a secure Internet site that allows the
benefits of connectivity to the Internet while protecting the
organization's data. Participants will become familiar with
security tools .

Topics include:
--latest information on security problems
--UNIX system security
--network security
--site security policies

Ed DeHart is a training team leader at the Computer Emergency
Response Team (CERT), where he is actively involved in the
day-to-day business of site security and incident handling.  CERT,
which Ed helped found in 1988, was formed by the Defense Advanced
Research Projects Agency (DARPA) to serve as a focal point for the
computer security concerns of Internet users.  The Coordination
Center for the CERT is located at the Software Engineering
Institute, Carnegie Mellon University, in Pittsburgh, PA.

M2:  Security on the World Wide Web
Daniel Geer, Open Market, Inc., and Jon Rochlis, BBN Planet

Intended Audience:  Anyone responsible for running a Web site who
wants to know current methods for making it secure and understand
the tradeoffs.

The World Wide Web is perhaps the most important enabler of
electronic commerce. But it was initially designed with little
thought to industrial strength security. Over the past several
years, numerous proposals have surfaced to secure the web. This
course will survey the strengths and weaknesses of each.  Topics
included are:

-Client/server network security
-A brief overview of encryption and its role in all security
-Simple schemes (Basic Auth)
-Prevailing protocols
         *Secure Sockets Layer (SSL)
         *Secure HyperText Transfer Protocol (S-HTTP)
         *Private Communications Technology (PCT)
-IP Security
-Payment protocols
         *Open Market
         *First Virtual
         *Visa/Mastercard (SET)
                    and many more
-Secure operation
         *Interaction with firewalls
         *Proxy servers

Daniel Geer is director of engineering at Open Market, Inc.
Formerly he was chief scientist, vice president of technology and
managing director of security consulting services for OpenVision
Technologies.  He holds a Doctor of Science from Harvard

Jon Rochlis is an engineering manager with BBN Planet where he
leads groups developing managed connectivity and security
services.  Previously Mr. Rochlis was with OpenVision
Technologies, responsible for half a dozen systems and security
management products.

9:00 am - 5:00 pm

T1:  Security for Software Developers: How to Write Code that
     Withstands Hostile Environments
Marcus J. Ranum, V-ONE Corporation

Intended audience: System managers and software engineers
developing client/server applications that will be used over the
Internet.  UNIX programmers who want to learn to write
security-critical networking software.  A strong background in
UNIX and UNIX programming is highly recommended. Many examples
will refer to C programming constructs, though familiarity with C
is not a prerequisite.

Increasingly, client/server software is being deployed in hostile
environments that it may not have been designed to withstand.
Attendees will learn how to spot and avoid making typical flaws in
security programming, using examples and case studies from
existing applications.

        *Taxonomies of software and system flaws
        *The importance of security
        *Putting security at the right layer
        *Orange book (C2, B1, B2 systems)
        *Authentication versus Authorization

-Data Protocols
        *How protocols are secure or insecure
        *Designing a protocol for security
        *Typical weaknesses of protocols

-Using cryptography
        *Basics (Public key, Secret Key, Certificates)
        *Synchronizing protocols
        *What cryptography can and can't do for you

        *What to authenticate
        *Authenticating packet streams
        *Publicly-available authentication systems

-Writing secure network daemons
        *Minimizing code
        *How to avoid doing everything as "root"

Marcus J. Ranum is a network and computer security consultant and
principal author of several major Internet firewall products. He
has been managing UNIX systems and network security for over 13
years, including configuring and managing whitehouse.gov.

T2:  UNIX Security Tools:  Use and Comparison
Matt Bishop, University of California, Davis

Intended Audience:  UNIX security administrators and users

The goal of this course is to assist UNIX security administrators
and interested users, in locating and using publicly-available
programs to improve the security of their systems.  The course
will compare the uses and drawbacks of several different programs,
with an emphasis on when to use each.  Topics will include:

-Tool checking and analysis: what to look for, how to analyze a
 tool, checking downloaded tools for security problems

-Tools for authentication: proactive password changers (ex:
 npasswd, passwd+); password generation tools, challenge-response
 and one-time password techniques (ex: S/key), password concealment
 and cracking tools (ex: shadow, crack)

-Static analysis tools: file system auditing (ex: Trip-wire,
 binaudit), more general analysis tools (ex: tiger, COPS)

-Network analysis and security tools: monitors (ex: tcp_wrapper),
 probers (ex: strobe), NFS and NIS analysis and testing tools (ex:
 nfsbug, nfswatch), ISS, SATAN, Gabriel, Courtney

-Tools for privilege: managing shells (ex: osh, sudo), shared
 account management (ex: lsu)

-Tools for logging and log analysis tools (ex: swatch)

-Libraries: (ex: securelib, msystem, safe_access, etc.)

Matt Bishop received his PhD from Purdue University in computer
science where he specialized in computer security.  Besides
computer and network security, his research and teaching areas
include operating systems and software engineering.  He chaired
the first two UNIX Security Workshops.

T3:  Keys to Successfully Implementing Cryptography
Bruce Schneier, Counterpane Systems

Intended Audience:  Information security managers, system and
network administrators,consultants, technical staff, and
developers who need to learn about cryptography.

This course is an overview of cryptography with a half day for the
introductory aspects of cryptography, and a half day for advanced
cryptography technology. Attendees will learn the role
cryptography should play in an overall security solution.

The introduction to cryptography will discuss fundamentals,
including the advantages of public and private key systems,
cryptographic algorithms, cryptographic keys and distribution
systems, and some of the criteria that should be used when
selecting cryptography for your environment.  Issues to be
addressed include:

-- Will the algorithm being used now be valid in five years?

--Current U.S. export policy treats products that have a cryptographic
  capability as "munitions products."  Do those regulations apply to
  your environment?

The second half of the course will discuss the use of cryptography
in more sophisticated user environments, focusing on the use of
cryptography for authentication, digital signatures, and
non-repudiation.  Key escrow alternatives will be discussed,
including the advantages and disadvantages of each.

Bruce Schneier is president of Counterpane Systems, a consulting
firm specializing in cryptography and computer security.  His
clients include Compaq Computer, Hughes Data Systems, Intel, MCI,
Merrill Lynch, Oracle, Mitsubishi Electronics and National
Semiconductor.  He is the author of Applied Cryptography and a
contributing editor to Dr. Dobbs Journal and Computer and
Communications Security Reviews.

Cryptography has become one of the main tools for privacy, trust,
access control, electronic payments, corporate security, and
numerous other areas.  As we move toward becoming a computerized
information society, the need for global computer and network
security is becoming increasingly urgent. These panel discussions
will provide an overview of changes that have occurred to create
the sudden urgency for cryptographic technology.

PRELIMINARY TECHNICAL PROGRAM   Wednesday & Thursday, July 24-25, 1996


9:00 - 10:30
Opening Remarks
  Greg Rose, RoSecure Software

Keynote Address:  A Simple Distributed Security Infrastructure
   Ronald L. Rivest, MIT Laboratory for Computer Science

A new distributed security infrastructure called SDSI (pronounced
``Sudsy'') combines a simple public key infrastructure design with
a means of defining groups and issuing group-membership
certificates. SDSI's groups provide simple, clear terminology for
defining access-control lists and security policies.  SDSI's
design emphasizes linked local name spaces rather than a
hierarchical global name space. This talk will describe the
philosophy and structure of SDSI.

Ronald L. Rivest is a professor of computer science at the
Massachusetts Institute of Technology, and associate director of
MIT's Laboratory for Computer Science.  He is an inventor of the
RSA public key cryptosystem, and a founder and director of RSA
Data Security, Inc.  Dr. Rivest has extensive experience in
cryptographic design and cryptanalysis.  He is a co-author of
Introduction to Algorithms.

10:45 - 11:00
 UniForum Introduction and Welcome
    Jim Schindler, Hewlett-Packard

11:00 - 12:30
USENIX Session 1: "He who controls the area controls the religion
   Session Chair:  Brent Chapman, Great Circle Associates

A Secure Environment for Untrusted Helper Applications
     Ian Goldberg, David Wagner, Randi Thomas and Eric A. Brewer
     University of California, Berkeley

A DNS filter and Switch for Packet-filtering Gateways
     Bill Cheswick, Lucent Technologies;
     Steven M. Bellovin, AT&T Research

Confining Root Programs with Domain and Type Enforcement
     Kenneth M. Walker, Daniel F. Sterne, M. Lee Badger,
     Michael J. Petkac, David L. Sherman, Karen A. Oostendorp,
     Trusted Information Systems, Inc.

UniForum Session 1:  Security and Privacy Issues
Session Chair:  Peter Neumann, Stanford Research Institute

Panelists:  Mary Connors, Computer Professionals for Social
Responsibility, Jose Martinez, Sausalito Associates International,
Gio Wederhold, Stanford University

The panelists will discuss the security and privacy requirements
and practices in four areas:

 - system and network infrastructure    -medical community
 - government systems                   -financial applications

1:30 - 2:45
UniForum Session 2:  Electronic Commerce
Session Chair:  Rik Farrow, Consultant
Panelists:      Fred Avolio, Trusted Information Systems, Inc.
                Daniel Geer, Open Market, Inc.
                Bruce Schneier, Counterpane Systems

This session will discuss the critical components of an electronic
commerce security strategy including risks and the need for
firewalls. It will also examine applications that will be viable
for the next two to five years.

2:00 - 3:30
USENIX Session 2:  "The secret whispers of each other's watch (W.S.)"
  Session Chair:  Avi Rubin, Bellcore

SSH - Secure Login Connections Over the Internet
     Tatu Ylonen, Helsinki University of Technology

Dual-workfactor Encrypted Key Exchange:  Efficiently Preventing
Password Chaining and Dictionary Attacks
     Barry Jaspan, Consultant

Security Mechanism Independence in ONC RPC
     Mike Eisler, Roland J. Schemers and Raj Srinivasan, SunSoft, Inc.

3:00 - 4:15
UniForum Session 3:  Cryptography and the Law
  Session Chair:  Daniel Appelman, Heller, Ehrman, White & McAuliffe
Panelists:  TBA
This session will address legal issues associated with cryptography
including intellectual property (content, distribution, copyright and
protection), trade secrets, email, and computer crimes.

4:00 - 5:30
USENIX Session 3:  "There are more things in heaven and earth (W.S.)"
  Session Chair:  Steven M. Bellovin, AT&T Research

Establishing Identity Without Certification Authorities
     Carl Ellison, Cybercash, Inc.

Secure Deletion of Data from Magnetic and Solid-State Memory
     Peter Gutmann, University of Auckland

A revocable backup system
     Dan Boneh and Richard J. Lipton, Princeton University

4:30 - 5:45
UniForum Session 4:  Cryptographic Infrastructure
     Session Chair:  Fred Avolio, Trusted Information Systems, Inc.
Panelists:  Peter Dinsmore, Trusted Information Systems, Inc.,
Carl Ellison, Cybercash, Inc., Constantin Tanno, Morgan Stanley & Co.

This session will identify the issues of key management escrow and
distribution from the perspectives of an architect, an implementer,
and an end user.

5:45 - 6:00
UniForum Wrap-up & Q&A

THURSDAY, July 25 - USENIX Technical Sessions and Invited Talks

9:00 - 10:30
Session 4:  "to promote commerce, and not betray it (Pepys)"
   Session Chair:  Clifford Neuman, University of Southern California

Achieving Atomicity in Electronic Commerce and Its Impact
on Communication Efficiency
     Jiawen Su and J.D. Tygar, Carnegie Mellon University

Kerberos on Wall Street
     Isaac Hollander, P. Rajaram and Constantin Tanno
     Morgan Stanley & Co.

A Framework for Building an Electronic Currency System
     Lei Tang, Carnegie Mellon University

Invited Talk:  "Just another convicted Perl hacker"
  Randall Schwartz, Stonehenge Consulting Services

This talk will describe how the speaker became a felon in the
process of doing his job as a systems administrator in the
well-publicized Oregon v. Schwartz case (victim: Intel).  It will
include some points about Oregon's current law and the implications
of this case on the computer community.  There will be a special
focus on how to make sure this doesn't happen to you.

11:00 - 12:30
Session 5:  "In middle of her Web, which spreadeth wide (Davies)"
                   Session Chair:  Kathy Fithen, CERT

Chrg-http:  A Tool for Micropayments on the World Wide Web
     Lei Tang, Carnegie Mellon University; Steve Low and Nicholas
     Maxemchuck, AT&T Research    

Building Systems That Flexibly Download Executable Content
     Trent Jaeger and Atul Prakash, Univeristy of Michigan; Avi Rubin,

Enabling Secure Collaboration over the Internet
     Li Gong, SRI International

Invited Talk:  Using Technical Means to Protect Individual Privacy:
               The C2.NET Privacy Model
  Sameer Parekh, Community ConneXion

While some may clamor for legislative action to protect people's
privacy while on the Internet, many in the "cypherpunk" community
feel that technical, rather than legislative, solutions are the
answer.  The speaker will discuss how his business has been
protecting people from threats ranging from their neighbors, the
Church of Scientology, all the way to government intelligence
agencies for more than two years.

2:00 - 3:30
Session 6:  "Two massy keys he bore (Milton)"
  Session Chair:  Diane Coe, The MITRE Corporation

Public Key Distribution with Secure DNS
     James M. Galvin, EIT/VeriFone

Compliance Defects in Public Key Cryptography
     Don Davis, Independent Consultant

Texas A&M University Anarchistic Key Authorization (AKA)
     David Safford, Douglas Schales and David Hess, Texas A&M University

Invited Talk: "Firewalls:  Are they being used right? Are they
  Marcus Ranum, V-ONE Corporation

Are we entering an age of voodoo security?  Some industry analysts
estimate that firewall and security products will be a 100 million
dollar market.  How much of this investment will actually help
advance the state of computing, and how much will be stop-gap
measures that will be obsolete within four years?  This talk will
address some of the problems which current technologies fail to
address and their significance for the future.  It will also
examine the cost/benefits of technologies like firewalls and
network security systems vis-a-vis the current technology

4:00 - 5:30
Session 7:  "... tangled in amorous nets (Milton)"
  Session Chair:  Fred Avolio, Trusted Information Systems, Inc.

Murphy's law and computer security
     Wietse Venema, Eindhoven University of Technology

NetKuang--A Multi-Host Configuration Vulnerability Checker
     Dan Zerkle and Karl Levitt, University of California, Davis

Problem Areas for the IP Security Protocols
     Steven M. Bellovin, AT&T Research

Invited Talk:  PGP Library API
  Derek Atkins, Sun Microsystems, Inc.

Current development of Philip Zimmermann's Pretty Good Privacy
system is creating a PGP Library with a new, modular construction
and a specified Programming Interface (API).  This talk describe
the design of the PGP Library and touch on some of the basic
interfaces available to programmers who wish to include PGP
security in their applications.


The USENIX student stipend program covers travel, living expenses,
and registration fees to enable full-time students to attend
USENIX meetings.  Detailed information about applying for a
stipend is available at the USENIX web site: http://www.usenix.org,
by reading comp.org.usenix or sending email to <stude...@usenix.org>

One copy of the proceedings is included with your Technical Sessions
registration fee.  To order additional copies, contact the USENIX
Association at 510-528-8649, or send your email to: <off...@usenix.org>

Tuesday - July 23, 6:00pm - 10:00pm
Do you have a topic that you'd like to discuss with others?  Our
Birds-of-a-Feather Sessions may be perfect for you.  BoFs are very
interactive and informal gatherings for attendees interested in a
particular topic. Schedule your BoF in advance by telephoning the
USENIX Conference Office at 714.588.8649, or email to:

Wednesday, July 24
12 noon - 2:00pm and 3:00 pm - 7:00 pm
For the first time, the USENIX Association will have an informal,
table-top Vendor Display at the Security Symposium.  Space is very
limited, so if your company wants to participate, please contact
Cynthia Deno.  Phone 408.335.9445 or send email to:

Participating Vendors to Date:
   Computer Security Institute
   Internet Security Systems, Inc.
   Memco Software, Inc.
   Platinum Technology, Inc.

PPP and terminal access to the Internet along with dial-out access
will be provided in the Terminal Room.  The Terminal Room will be
open Monday morning through Thursday afternoon.  Some secure
access methods (currently undetermined) will be available.
Attendees can request Kerberos IDs and/or IP addresses for
portables on the registration form.  Terminal Room volunteers will
receive a complimentary technical sessions registration.  Look for
details posted in <comp.org.usenix>

PGP (Pretty Good Privacy) allows messages to be exchanged across
public networks while protecting the privacy of the message and
guaranteeing the authenticity of the sender.  USENIX's PGP Key
Signing Service allows members to have their PGP keys signed by
USENIX, which effectively introduces the key's owner to the Web of
Trust.  To take advantage of this new member benefit, bring two
forms of identification, at least one of which includes a picture
(i.e. driver's license, passport, etc.) and sign up at the
registration desk.

USENIX Conference Office
22672 Lambert St., Suite 613
Lake Forest, CA  92630
Phone:  714.588.8649
Fax:  714.588.9706
Email: <confere...@usenix.org>
Web:  <http://www.usenix.org>
Office Hours:  8:30 am - 5:00 pm Pacific Time


The Conference headquarters will be:

Fairmont Hotel
170 South Market Street
San Jose, CA  95113
Toll Free:  800.527.4727
Telephone:  408.998.1900
Reservation Fax:  408.287.1648

$125.00 Single          
$135.00 Double
(Plus local tax, currently 10%)

Call the hotel directly and ask for the Reservations Desk.  You
must mention USENIX to get this special rate.  A one night's
deposit is required to guarantee your first night's stay.  To
cancel your reservation, you must notify the hotel at least 48
hours prior to your scheduled arrival.

IMPORTANT:  The room reservation deadline is June 27, 1996.
Requests for reservations received after the deadline will be
handled on a space and rate available basis.

It is suggested that you fly into San Jose International Airport.
Special airline discounts will be available for USENIX attendees.
Please call for details:
        JNR, Inc.       Toll Free       800-343-4546 (USA and Canada)
                        Telephone       714-476-2788

The Fairmont Hotel is located just 10 minutes from the San Jose
International Airport.  The Fairmont offers a complimentary
shuttle service to and from the airport every thirty minutes from
5:30 am - 10:30 pm weekdays and 7:00 am - 10:30 pm weekends.  At
the airport, you can catch the shuttle outside the baggage claim
at the courtesy vehicles area.

Taxi service is also available at an approximate cost of $12 one way.

Since 1975, the USENIX Association has provided a forum where the
community of engineers, scientists, and technicians working on the
cutting edge of the computing world come together to communicate
the results of innovation and research in UNIX and modern open
systems.  USENIX is well known for its technical conferences,
tutorial programs, and the wide variety of publications it has
sponsored over the years.

USENIX is the original, not-for-profit membership organization for
individuals and institutions interested in UNIX and related
technologies.  Evolving with technology, USENIX has broadened its
activities to include open systems and the globally interconnected
and interoperable computing environment.

The USENIX Association and its members are dedicated to:
   * problem-solving with a practical bias,
   * fostering innovation and research that works,
   * rapidly communicating the results of both research and
     innovation, and
   * providing a neutral forum for the exercise of critical thought
     and the airing of technical issues.

SAGE, the System Administrators Guild, a Special Technical Group
within the USENIX Association, is dedicated to the recognition and
advancement of system administration as a profession.

About UniForum
Since its inception in 1981, UniForum has served as a
vendor-independent, not-for-profit professional association that
helps individuals and their organizations increase their
information system's effectiveness through the use of open
systems, based on shared industry standards.  Central to
UniForum's mission is the delivery of high-quality educational
programs, trade shows and conferences, publications, online
services and peer group interactions.

The initial goals of UniForum still hold true today:

 -- to promote the understanding and use of UNIX and open systems
 -- to provide leadership in the development of industry cooperation
    and standards
 -- to provide educational benefits to association members through
    educational conferences, seminars and informative publications.

==========================cut here=================================
                          REGISTRATION FORM
                   6th USENIX Security Symposium
              July 22 - 25, 1996          San Jose, CA

Please complete the form below and return with full payment to:

                USENIX Conference Office
                22672 Lambert St., Suite 613, Lake Forest, CA  92630
                Phone:  714-588-8649  /  Fax:  714-588-9706


              (first)                   (last)

First Name for Badge_______________________Member Number_____________

Company or Institution_______________________________________________

Mailing Address______________________________________________________
                                                    Mail Stop

City_____________________State_______Zip___________Country __________

Telephone No:_________________________Fax No: _______________________

Network Address______________________________________________________
                                      (one only please)

Please help us serve you better.  By answering the following
questions, you help us plan our activities to meet members'
needs.  All information is confidential.

[ ] I do not want to be on the attendee list

[ ] I do not want my address made available for other than USENIX

[ ] I do not want USENIX to email me notices of Association activities.

What is your affiliation? (check one)
[ ] academic  [ ] commercial  [ ] gov't  [ ] R&D

What is your role in the purchase decision? (check one)
1.[] final  2.[] specify  3.[] recommend 4.[] influence 5.[] no role

What is your job function? (check one)
1.[ ] system/network administrator    2.[ ] consultant
3.[ ] academic/research   4.[ ] developer/programmer/architect
5.[ ] system engineer    6.[ ] technical manager  7.[ ] student

How did you hear about this meeting? (check one)
1.[ ] USENIX mailing  2.[ ] newsgroup/bulletin board 3.[ ] ;login:
4.[ ] World Wide Web  5.[ ] from a colleague  6.[ ] magazine

What publications or newsgroups do you read related to security issues?


Do you want a Terminal Room Kerberos ID?   [ ] yes        [ ] no

Do you want a Terminal Room IP address for your portable/laptop?  
[ ] yes       [ ] no

Select only one full-day tutorial per day - 9:00am - 5:00pm.

Monday, July 22, 1996
[ ] M1  Internet Security for Administrators

[ ] M2  Security on the WWW

      Second Choice if first is filled:____________________________

Tuesday, July 23, 1996
[ ] T1  Security for Software Developers

[ ] T2  UNIX Security Tools

[ ] T3  Successfully Implementing Cryptography

      Second Choice if first is filled:____________________________

TUTORIAL PROGRAM FEES - Monday & Tuesday, July 22-23
Tutorial Program for two days.......................... $590  $_________
        CEU credit (optional).......................... $ 30  $_________
Tutorial Program for one day............................$320  $_________
        CEU credit (optional)...........................$ 15  $_________

        Late fee applies if postmarked after
        Monday, July 1,1996.........................Add $ 50  $_________

TECHNICAL SESSION FEES - Wednesday & Thursday, July 24-25
Current Member..........................................$310  $_________
      (Applies for current USENIX, UniForum, EurOpen, JUS
       and AUUG members)

Non-Member or Renewing Member *.........................$380  $_________
      *Join or renew your USENIX membership and
       attend the symposium for same low price
       low price..............................  Check here [ ]

      *Join or renew your SAGE membership.......... Add $ 25  $_________
         (You must be a current member of USENIX)

         Late fee applies if postmarked after
         Monday, July 1, 1996.......................Add $ 50  $_________

Full-Time student.......................................$ 75  $_________
        (Students must provide a current student I.D.)

Full-Time student, including USENIX membership fee......$100  $_________

                             TOTAL ENCLOSED...................$_________

Payment (US Dollars only) must accompany this form.  Purchase orders,
vouchers, telephone or email registrations cannot be accepted.

You may fax your registration form if paying by credit card to:  
      USENIX Conference Office - fax: 714-588-9706
To avoid duplicate billing, please DO NOT mail an additional copy.

[ ] Payment Enclosed (Make check payable to USENIX Conference)

CHARGE TO MY:____Visa ____Mastercard ____American Express ____Diners Club

ACCOUNT NO._____________________________________ EXP. DATE___________

 Print Cardholder's Name             Cardholder's Signature

If you must cancel, all refund requests must be in writing and
postmarked no later than Friday, July 12, 1996.  Telephone
cancellations cannot be accepted. You may substitute another in
your place.  Just contact the Conference Office for details.