There's lots of interesting papers; I couldn't begin to select a "top 10".
But for an answer to this question from the late 90s, take a look at the UC
Davis collection available at

Also a plug: every year the Annual Computer Security Applications Conference
( invites two or three authors of seminal papers to update &
present their papers given the benefit of hindsight.  Last year's papers
included an update by Gene Spafford on the dissection of the Morris Worm,
and an update from Peter Neumann on PSOS (Provably Secure Operating System).
This year we'll hear a retrospective on the Orange Book by Marv Schaefer
(one of the authors) and an update on some of the classic TCP attacks from
Steve Bellovin.


> -----Original Message-----
> Behalf Of Matt Setzer
> Sent: Saturday, August 07, 2004 9:42 PM
> Subject: [SC-L] Top security papers
> It's been kind of quiet around here lately - hopefully just 
> because everyone
> is off enjoying a well deserved summer (or winter, for those 
> of you in the
> opposite hemisphere) break.  In an effort to stir things up a 
> bit, I thought
> I'd try to get some opinions about good foundational 
> materials for security
> professionals.  (I'm relatively new to the field, and would 
> like to broaden
> my background knowledge.)  Specifically, what are the top five or ten
> security papers that you'd recommend to anyone wanting to 
> learn more about
> security?  What are the papers that you keep printed copies 
> of and reread
> every few years just to get a new perspective on them?  
> Amoroso has a list of selected papers in an appendix to 
> "Fundamentals of
> Computer Security Technology" (sorry, haven't been able to 
> find a web link),
> but I'm interested in hearing other perspectives, as well as 
> hearing about
> newer papers that have excited people.   Any thoughts?
> Matt Setzer

Reply via email to