Table of Contents

From the Editors
Charge of the Light Brigade  ,Marc Donner, Googlepp. 5-5

News Briefs
News Briefs  ,Brandi Ortega, Staff editor pp. 6-8

In Memoriam
James P. Anderson: An Information Security Pioneer  Eugene Spafford, Pp. 9

Interview
Silver Bullet Talks with Eugene Spafford  Gary McGraw, Cigitalpp. 10-15

Virtual Roundtable
Information Assurance Technology Forecast 2008  Steven M. Bellovin pp. 16-23

Communications Security
Risking Communications Security: Potential Hazards of the Protect America Act
Steven M. Bellovin, Columbia University  pp. 24-33

Securing Information
Securing Information Transfer in Distributed Computing Environments
Siani Pearson, Hewlett-Packard Labs pp. 34-42

Grid Computing
Grid Computing Security: A Taxonomy Anirban Chakrabarti,  pp. 44-51

Security Metrics
Estimating a System's Mean Time-to-Compromise
David John Leversage, British Columbia Institute of Technology pp. 52-60

Education
Combating the Insider Cyber Threat
Frank L. Greitzer, Pacific Northwest National Laboratory pp. 61-64

On the Horizon
Taming Virtualization Martim Carbone, pp. 65-67

Crypto Corner
CAPTCHAs: Humans vs. Bots Aleksey Kolupaev,  pp. 68-70

Basic Training
Becoming a Security Expert Michael Howard, Microsoft pp. 71-73

Attack Trends
The Confused Deputy and the Domain Hijacker  Dave Ahmad,  pp. 74-77

Digital Protection
Forum Shopping on the Internet Michael Lesk, Rutgers University pp. 78-80

Building Security In
Security Testing of Internal Tools Edward Bonver, Symantecpp. 81-83

Emerging Standards
An RBAC Implementation and Interoperability Standard: The INCITS Cyber Security 1.1 Model Ed Coyne, pp. 84-87

For Good Measure
What We Got for Christmas Dan Geer, VerdasysDaniel Conway, p. 88