| 2001 | 17th Annual Computer Security Applications Conference (ACSAC 2001), 11-14 December 2001, New Orleans, Louisiana, USA |
| 2001 | A Component-Based Architecture for Secure Data Publication. Piero A. Bonatti, Ernesto Damiani, Sabrina De Capitani di Vimercati, Pierangela Samarati |
| 2001 | A Framework for Multiple Authorization Types in a Healthcare Application System. Ramaswamy Chandramouli |
| 2001 | A JCA-Based Implementation Framework for Threshold Cryptography. Yih Huang, David Rine, Xunhua Wang |
| 2001 | A Regulated Approach to Certificate Management. Victoria Ungureanu |
| 2001 | A Security Model for Military Message Systems: Retrospective. Carl E. Landwehr, Constance L. Heitmeyer, John D. McLean |
| 2001 | Abuse-Case-Based Assurance Arguments. John P. McDermott |
| 2001 | An Information Flow Tool for Gypsy. John McHugh |
| 2001 | Application Intrusion Detection using Language Library Calls. Anita K. Jones, Yu Lin |
| 2001 | Architecture and Applications for a Distributed Embedded Firewall. Charles Payne, Tom Markham |
| 2001 | Building Reliable Secure Computing Systems out of Unreliable Insecure Components. John E. Dobson, Brian Randell |
| 2001 | CONSEPP: CONvenient and Secure Electronic Payment Protocol Based on X9.59. Albert Levi, Çetin Kaya Koç |
| 2001 | Computing Without Wires (Or Even a Net): The Pitfalls, Potentials, and Practicality of Wireless Networking. Anna Entrichel, James Bergman, Jason Willis, Herb Little |
| 2001 | DAIS: A Real-Time Data Attack Isolation System for Commercial Database Applications. Peng Liu |
| 2001 | Detecting Conflicts in a Role-Based Delegation Model. Andreas Schaad |
| 2001 | Determining Privileges of Mobile Agents. Wayne A. Jansen |
| 2001 | Enabling Hierarchical and Bulk-Distribution for Watermarked Content. Germano Caronni, Christoph L. Schuba |
| 2001 | Engineering of Role/Permission Assignments. Pete Epstein, Ravi S. Sandhu |
| 2001 | Experiences Implementing a Common Format for IDS Alerts. Benjamin S. Feinstein, Gregory A. Matthews, Stuart Staniford, Andy Walther |
| 2001 | Genoa TIE, Advanced Boundary Controller Experiment. Eric Monteith |
| 2001 | How Useful is Software Fault Injection for Evaluating the Security of COTS Products? Matt Bishop, Anup K. Ghosh, James A. Whittaker |
| 2001 | Implementing the Intrusion Detection Exchange Protocol. Tim Buchheim, Michael Erlinger, Benjamin S. Feinstein, Gregory A. Matthews, Roy Pollock, Joseph Betser, Andy Walther |
| 2001 | Information Flow Analysis of Component-Structured Applications. Peter Herrmann |
| 2001 | Information Security: Science, Pseudoscience, and Flying Pigs. Roger R. Schell |
| 2001 | Introduction to Classic Papers. Dan Thomsen |
| 2001 | IntruDetector: A Software Platform for Testing Network Intrusion Detection Algorithms. Tao Wan, Xue Dong Yang |
| 2001 | Java Security Extensions for a Java Server in a Hostile Environment. David M. Wheeler, Adam Conyers, Jane Luo, Alex Xiong |
| 2001 | Managing Alerts in a Multi-Intrusion Detection Environmen. Frédéric Cuppens |
| 2001 | Mining Alarm Clusters to Improve Alarm Handling Efficiency. Klaus Julisch |
| 2001 | Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing. David Mankins, Rajesh Krishnan, Ceilyn Boyd, John Zao, Michael Frentz |
| 2001 | Practical Automated Filter Generation to Explicitly Enforce Implicit Input Assumptions. Valentin Razmov, Daniel R. Simon |
| 2001 | Privacy-Preserving Cooperative Statistical Analysis. Wenliang Du, Mikhail J. Atallah |
| 2001 | Requirements for a General Framework for Response to Distributed Denial-of-Service. D. W. Gresty, Qi Shi, Madjid Merabti |
| 2001 | Restricting Access with Certificate Attributes in Multiple Root Environments-A Recipe for Certificate Masquerading. James M. Hayes |
| 2001 | Secure Anonymous Group Infrastructure for Common and Future Internet Applications. Nathalie Weiler |
| 2001 | Secure Blue: An Architecture for a Scalable, Reliable, High Volume SSL Internet Server. Ronald Mraz |
| 2001 | Securing Web Servers against Insider Attack . Shan Jiang, Sean W. Smith, Kazuhiro Minami |
| 2001 | Security Policy Enforcement at the File System Level in the Windows NT Operating System Family. Stephen D. Wolthusen |
| 2001 | Security Vendor CTOs: Perspectives, Opinions, and Lessons Learned. Ron Gula, Gene Kim, Chris Klaus, Paul Proctor |
| 2001 | Temporal Signatures for Intrusion Detection. Anita Jones, Song Li |
| 2001 | The Authorization Service of Tivoli Policy Director. Günter Karjoth |
| 2001 | The Performance Measurement of Cryptographic Primitives on Palm Devices. Duncan S. Wong, Hector Ho Fuentes, Agnes Hui Chan |
| 2001 | Trustworthiness in Distributed Electronic Healthcare Records-Basis for Shared Care. Bernd Blobel |
| 2001 | Verifiable Identifiers in Middleware Security. Ulrich Lang, Dieter Gollmann, Rudolf Schreiner |
| 2001 | Watcher: The Missing Piece of the Security Puzzle. John C. Munson, Scott Wimer |
| 2001 | Why Information Security is Hard-An Economic Perspective. Ross J. Anderson |
| 2001 | Wired versus Wireless Security: The Internet, WAP and iMode for E-Commerce. Paul Ashley, Heather M. Hinton, Mark Vandenwauver |
| 2001 | eXpert-BSM: A Host-Based Intrusion Detection Solution for Sun Solaris. Ulf Lindqvist, Phillip A. Porras |