In Web 2.0, user is both content consumer and provider of the Web. However, current Web is site centric; each web user has to maintain a separated copy of identity, relationships, and access-control rules for each service provider (“walled garden”). For the purpose of illustrating our discussion, we will use the following scenario of content sharing:
The issue of security in healthcare has been discussed from a variety of perspectives at many CORBAMED meetings. This report focuses on the practical topic of how CORBAMED RFP's for services can go forward while accounting for security requirements. As we have found out, the exact nature of what is encompassed in the use of the word security can vary from person to person. Even if we start with a specific definition of security, requirements will also vary across a spectrum of viewpoints.
Abstract This paper introduces an efficient and spontaneous privacy-preserving protocol for vehicular ad-hoc networks based on revocable ring signature. The proposed protocol has three appealing characteristics: First, it offers conditional privacy-preservation: while a receiver can verify that a message issuer is an authorized participant in the system only a trusted authority can reveal the true identity of a message sender.
Abstract Resource Access Decision (RAD) Service allows separation of authorization from application functionality in distributed application systems by providing a logically centralized authorization control mechanism. RAD has attractive features such as decoupling of authorization logic from application logic, simplicity, generality, flexibility, support for complex application level access control, and ease of policy administration in heterogeneous, distributed systems.
Abstract The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of the firewall may result in users developing an incorrect mental model of the protection provided by the firewall. We present a study of participants' mental models of Vista Firewall (VF).
Abstract Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's Web ecosystem. Unfortunately, in the wrong hands, OSNs can be used to harvest private user data, distribute malware, control botnets, perform surveillance, spread misinformation, and even influence algorithmic trading.
Abstract This paper describes design and implementation of client-server architecture for Semantic Binary Database Management System developed at High Performance Database Research Center, Florida International University. We present a conceptual view of the system architecture, give a detailed picture of its layers responsible for client-server interaction, describe implementation issues, and, if time constraints allow, present performance tests results.
Abstract The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. In massive-scale and complex enterprises, PTP authorization architectures result in fragile and inefficient solutions. They also fail to exploit virtually free CPU resources and network bandwidth.
Abstract We introduce the concept, model, and policy-specific algorithms for inferring new access control decisions from previous ones. Our secondary and approximate authorization model (SAAM) defines the notions of primary vs. secondary and precise vs. approximate authorizations. Approximate authorization responses are inferred from cached primary responses, and therefore provide an alternative source of access control decisions in the event that the authorization server is unavailable or slow.
Abstract Securing smartphones' data is a new and growing concern, especially when this data represents valuable or sensitive information. Even though there are many data protection solutions for smartphones, there are no studies that investigate users' requirements for such solutions. In this paper, we approach smartphones' data protection problem in a user-centric way, and analyze the requirements of data protection systems from users' perspectives.
Abstract Traditional authorization mechanisms based on the request-response model are generally supported by point-to-point communication between applications and authorization servers. As distributed applications increase in size and complexity, an authorization architecture based on point-to-point communication becomes fragile and difficult to manage.
Abstract Effective functionalities of many of the critical infrastructures depend on Communication and Information Technology Infrastructure (CITI). As such, any fault in CITI can disrupt the operation of these infrastructures. Understanding the origin of these faults, their propagation pattern and their impact on other infrastructures can be very valuable for secure and reliable infrastructures design and operation. However, up to now there is no well-defined technique to comprehend these interinfrastructure fault scenarios.
Abstract Even though personal firewalls are an important aspect of security for the users of personal computers, little attention has been given to their usability. We conducted semi-structured interviews with a diverse set of participants to gain an understanding of their knowledge, requirements, perceptions, and misconceptions of personal firewalls. Through a qualitative analysis of the data, we found that most of our participants were not aware of the functionality of personal firewalls and their role in protecting computers.
Abstract This panel discusses specific challenges in the usability of access control technologies and new opportunities for research. The questions vary from "Why nobody, even experts, uses access control lists (ACLs)?" to "Shall access controls (and corresponding languages) be totally embedded and invisible and never, ever seen by the users?" to "What should be the user-study methodology for access control systems?".
Abstract We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control decisions will be consistent across all components of the CPR enterprise.
We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. Using this configuration, we suggest an algorithm that formally specifies the semantics of authorization decisions in COM+. We analyze the level of support for the American National Standard Institute's (ANSI) specification of role-based access control (RBAC) components and functional specification in COM+.
Abstract As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. Authorization caching, which enables the reuse of previous authorization decisions, is one technique that has been used to address these challenges.
Abstract Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we describe the architecture, design, and implementation of a proposed system for Web 2.0 content sharing across CSPs. With our approach, users use their existing email account to login to CSPs, and content owners use their email-based contact-lists to specify access policies.
As Internet has become the primary source of disseminating information, companies and government organization are increasingly opening their IT infrastructure to give external customers and partners access to resources and internal users to various corporate data [6]. Authorization policies regulate access to these resources making them extremely important in protecting IT infrastructure. Modern access control architectures follow the request-response paradigm.
Abstract Current Web single sign-on (SSO) solutions impose a cognitive burden on web users and do not provide content-hosting and service providers (CSPs) with sufficient incentives to become relying parties (RPs). We propose a browser-based Web SSO solution that requires minimal user interaction and provide RPs with clear value propositions to motivate their adoption.
Abstract Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we propose an approach for Web 2.0 content sharing beyond walled gardens. The system is built upon the existing secret-link mechanism and augments OpenID identity providers with both an OpenIDemail extension and a role-based trust-management policy service (RTPS).
Abstract The usability of security systems within an organization is impacted not only by tool interfaces but also by the security management model (SMM) of the IT security team. Finding the right SMM is critical and yet can be challenging, as there are tradeoffs inherent with each approach. We present a case study of one post-secondary educational institution that created a centralized security team, but disbanded it in favour of a more distributed approach three years later.
The Author Index contains the primary entry for each item, listed under the first author's name. The primary entry includes the coauthors' names, the title of the paper or other item, and its location, specified by the publication abbreviation, year, month, and inclusive pagination. The Subject Index contains entries describing the item under all appropriate subject headings, plus the first author's name, the publication abbreviation, month, and year, and inclusive pages. Subject cross-references are included to assist in finding items of interest.
We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. The original study was conducted at CMU by Sunshine et al.[2], and we will refer to it as the CMU study. As in the CMU study, we required participants to perform a series of tasks; and we observed their reactions to SSL warnings that were presented to them. After they completed the tasks, we asked them to complete an online questionnaire where we asked about their reasoning behind their actions during the study's tasks.
Identity management (IdM) comprises the processes and infrastructure for the creation and maintenance of user's digital identities and the designation of who has access to resources, who grants that access, and how accountability and compliance are maintained. Identity management in organizations is done centrally using an enterprise identity management system (IdM system) or in a distributed fashion using different applications across the organization.
Abstract In today's world, IT security plays a critical role in different organizations, yet little is known about IT security in the context of organizations. This paper addresses this issue based on qualitative description analysis of 10 interviews with IT security practitioners from small to medium size organizations. Our results revealed the required knowledge and skills for effective IT security, IT security tasks, and the tools which are used to perform these tasks.
Abstract We present an approach to decouple security policy decisions logic from application logic for those systems that exercise application level security policies. In particular, we propose a design solution that allows to decouple authorization logic from CORBA-based security-aware applications.
Abstract Technologies advanced in communication devices and wireless networks enable telecommunication network operators to provide rich personalized multimedia services. To attract potential customers and increase average revenue per customer, network operators will provide personalized services as differentiating factors in the near future.
ABSTRACT Although social networking sites provide rich privacy settings to protect their users, many of these settings are based on the assumption that the individuals to whom a user is connected are trusted and genuinely benign. Thus, most of this protection is lost once this trust is exploited by a malicious “friend”. In this work-in-progress research, we discuss how an adversary can craft a fictitious user profile that is socially compatible with a target user profile (i.e., the victim) using only publicly accessible information.
Abstract This paper presents an effective approach for detecting and preventing known as well as novel SQL injection attacks. Unlike existing approaches, ours (1) is resistant to evasion techniques, such as hexadecimal encoding or inline comment, (2) does not require analysis or modification of the application source code, (3) does not need training traces, (4) does not require modification of the runtime environment, such as PHP interpreter or JVM, and (5) is independent of the back-end database used.
Abstract Request response access control systems that use Policy Decision Points have their reliability and latency bounded by network communication. We propose the use of a secondary decision point that combines previously computed authorizations with knowledge of the security model to infer the result of authorization requests. We demonstrate that this approximate recycling approach increases the reliability of a system to a greater extent than existing precise authorization recycling solutions.
Reviewer Acknowledgments Alessandro Acquisti Carnegie Mellon University Pittsburgh, Pennsylvania Shamel Addas McGill University Montréal, Quebec, Canada Maxim Afanasyev Stanford University Stanford, California James Agarwal University of Calgary Calgary, Alberta, Canada Ritu Agarwal University of Maryland College Park, Maryland William W. Agresti.
Personal firewalls are recognized as the first line of defense for personal computers. However, the protection they afford depends strongly on their correct configuration [4]. Therefore, their usability is key to their effectiveness. In particular, as users become increasingly mobile, it is important for them to be able to judge whether their computer is secure enough for the usage context at hand [2].
Abstract We present Speculative Authorization (SPAN), a prediction technique that reduces authorization latency in enterprise systems. SPAN predicts requests that a system client might make in the near future, based on its past behavior. SPAN allows authorization decisions for the predicted requests to be made before the requests are issued, thus virtually reducing the authorization latency to zero.
Smartphones have become truly ubiquitous devices and it is hard to imagine our daily life without them. Today's modern smartphones offer a diverse set of services and rich functionalities, which include gaming, web browsing, emails, GPS navigation, voice search and high definition video. Such rich functionalities attracted a large number of smartphone owners (referred to as users), and as a result, smartphones overtook laptops and desktops in terms of the number of sold items per year [1].
Abstract We describe access control mechanisms of the Common Object Request Broker Architecture (CORBA) and define a configuration of the CORBA protection system in more precise and less ambiguous language than the CORBA Security specification (CORBASec). Using the configuration definition, we suggest an algorithm that formally specifies the semantics of authorization decisions in CORBA.
Architectures of modern access control solutions—such as Access Manager, GetAccess, SiteMinder, EJB—are based on the request-response paradigm. In this paradigm, the policy enforcement point (PEP) intercepts application requests, obtains access control decisions (or authorizations) from the policy decision point (PDP), and enforces those decisions.
With Web 2.0, the user is both a consumer and provider of Web content. However, today's Web is site centric. A user has to maintain a separated copy of identity and corresponding password for each content-hosting and service providers (CSPs), which leads to weaker passwords and/or password re-use across accounts [4]. Federated identity solutions enable cross-domain single sign-on, and remove the need for users to keep identifiers and passwords at individual CSPs.
ABSTRACT Performing ecologically valid user studies for IT security management (ITSM) systems is challenging. The users of these systems are security professionals who are difficult to recruit for interviews, let alone controlled user studies. Furthermore, evaluation of ITSM systems inherits the difficulties of studying collaborative and complex systems. During our research, we have encountered many challenges in studying ITSM systems in their real context of use.
Computer and Distributed Security: Introductory Overview for Researchers. Konstantin Beznosov, beznosov@cs.fiu.edu. Presentation at CADSE, FIU, October 2, 1998. Copyright © 1998 Konstantin Beznosov. We Will Discuss Today: What is security of computer systems; Security and usability; The main challenge for security; Threats, Vulnerabilities, and Attacks; Security Concerns; Distributed Security; Security Functionalities; Summary; References.
Abstract: Development of mobile software applications for use in specific domains such as Public Security must conform to stringent security requirements. While mobile devices have many known limitations, assuring complex fine-grained security policies poses an additional challenge to quality mobile services and raises usability concerns. We address these challenges by means of a novel approach to authentication and gradual multi-factor authorization for access to sensitive data.
Abstract This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs). This approach (1) is resistant to evasion techniques, such as hexadecimal encoding or inline comment, (2) does not require analysis or modification of the application source code, (3) does not require modification of the runtime environment, such as PHP interpreter or JVM, and (4) is independent of the back-end database used.
Abstract: Multiple-Channel SSL (MC-SSL) is our model and protocol for the security of client-server communication. In contrast to SSL, MC-SSL can securely provide applications with multiple channels, and each of them can have a specific cipher suite and a various number of application proxies; meanwhile, the channel negotiation and operation in MC-SSL are still based on SSL, which needs a small change in order to support multiple cipher suites.
Abstract This study investigates how security practitioners perform diagnostic work during the identification of security incidents. Based on empirical data from 16 interviews with security practitioners, we identify the tasks, skills, strategies and tools that security practitioners use to diagnose security incidents. Our analysis shows that diagnosis is a highly collaborative activity, which may involve practitioners developing their own tools to perform specific tasks.
Abstract Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. Relying on the personalized and trusted nature of such devices, security features can be deployed on them in order to uniquely identify a user to a service provider. In this paper, we present a strong authentication mechanism that exploits the use of mobile devices to provide a two-factor authentication method.
Abstract The ease with which we adopt online personas and relationships has created a soft spot that cyber criminals are willing to exploit. Advances in artificial intelligence make it feasible to design bots that sense, think and act cooperatively in social settings just like human beings. In the wrong hands, these bots can be used to infiltrate online communities, build up trust over time and then send personalized messages to elicit information, sway opinions and call to action.
Abstract In recent years, concerns about the safety and security of critical infrastructures have increased enormously. These infrastructures can easily become subjects of physical and cyber attacks. In this paper, we propose a software architecture named security and protection architecture for physical infrastructures (SPAPI) for the protection of these critical infrastructures and for other non-military uses.
Abstract The security administration of large organizations is exceptionally challenging due to the increasingly large numbers of application instances, resources, and users; the growing complexity and dynamics of business processes; and the spiralling volume of change that results from the interaction of the first two factors.
University of British Columbia Vancouver, Canada University of Applied Sciences Offenburg, Germany A Method for Assessing the Trustworthiness of an Entity by Cooperating Authorities Master Thesis Communication and Media Engineering Period: March 2005 - August 2005 Mathias Kohler, 165456 Wiesenstrasse 61-1 79312 Emmendingen Germany Supervisors: Prof. Dr. Konstantin Beznosov beznosov@ece.ubc.ca Dept. of Electrical & Computer Engineering University of British Columbia Vancouver, BC, Canada V6T 1Z4 Prof.
