Design
Learning objectives: * understand the principles of engineering secure systems. * make effective use of security constructs provided by current technologies. * trade off security against useability...
View ArticleProceedings of the Second EECE 512 Mini-Conference on Computer Security
The proceedings of the second mini-conference of the EECE 512 course on Topics in Computer Security include four papers: 1. "Controlling Access to Resources Within The Python Interpreter" by Brett...
View ArticleGuidelines for Designing IT Security Management Tools
An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for...
View Article"I did it because I trusted you": Challenges with the Study Environment...
We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. Our experimental design aimed to mitigate some of the limitations of that prior study, including...
View ArticleHarvesting the Low-hanging Fruits: Defending Against Automated Large-Scale...
The orthodox paradigm to defend against automated social-engineering attacks in large-scale socio-technical systems is reactive and victim-agnostic. Defenses generally focus on identifying the...
View Article