CiteSeerX — Search Results — Towards making accessible human-interaction proofs more secure and usable

Results 1 - 10 of 116,786

Data Security

by Dorothy E. Denning, Peter J. Denning , 1979

"... The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest m the techmcal safeguards for data. There are four kinds of safeguards, each related to but distract from the others. Access controls regulate which users may enter the system and ..."

Abstract - Cited by 611 (3 self) - Add to MetaCart

The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest m the techmcal safeguards for data. There are four kinds of safeguards, each related to but distract from the others. Access controls regulate which users may enter the system

Human-Computer Interaction

by Alan Dix, Sandra Cairncross, Gilbert Cockton, Russell Beale, Robert St Amant, Martha Hause , 1993

"... www.bcs-hci.org.uk Find out what happened at HCI2004 Interacting with … music aeroplanes petrol pumps Published by the British HCI Group • ISSN 1351-119X 1 ..."

Abstract - Cited by 582 (18 self) - Add to MetaCart

www.bcs-hci.org.uk Find out what happened at HCI2004 Interacting with … music aeroplanes petrol pumps Published by the British HCI Group • ISSN 1351-119X 1

Language-Based Information-Flow Security

by Andrei Sabelfeld , Andrew C. Myers - IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS , 2003

"... Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker throug ..."

Abstract - Cited by 821 (57 self) - Add to MetaCart

Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker

Why Johnny can’t encrypt: A usability evaluation of PGP 5.0

by Alma Whitten, J. D. Tygar , 1999

"... User errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. Is this simply due to a failure to apply standard user interface design techniques to security? We argue that, on the contrary, effective secu ..."

Abstract - Cited by 472 (4 self) - Add to MetaCart

security requires a different usability standard, and that it will not be achieved through the user interface design techniques appropriate to other types of consumer software. To test this hypothesis, we performed a case study of a security program which does have a good user interface by general

Basic concepts and taxonomy of dependable and secure computing

by Algirdas Avizienis, Jean-claude Laprie, Brian Randell, Carl Landwehr - IEEE TDSC , 2004

"... This paper gives the main definitions relating to dependability, a generic concept including as special case such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic defin ..."

Abstract - Cited by 758 (6 self) - Add to MetaCart

This paper gives the main definitions relating to dependability, a generic concept including as special case such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic

A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks

by Shafi Goldwasser, Silvio Micali, Ronald L. Rivest , 1995

"... We present a digital signature scheme based on the computational diculty of integer factorization. The scheme possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice (where each message may be chosen in a ..."

Abstract - Cited by 985 (43 self) - Add to MetaCart

were considered in the folklore to be contradictory. More generally, we show how to construct a signature scheme with such properties based on the existence of a "claw-free" pair of permutations - a potentially weaker assumption than the intractibility of integer factorization. The new scheme

Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. Technical Report 2003/235, Cryptology ePrint archive, http://eprint.iacr.org, 2006. Previous version appeared at EUROCRYPT 2004

by Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin, Adam Smith - 34 [DRS07] [DS05] [EHMS00] [FJ01] Yevgeniy Dodis, Leonid Reyzin, and Adam , 2004

"... We provide formal definitions and efficient secure techniques for • turning noisy information into keys usable for any cryptographic application, and, in particular, • reliably and securely authenticating biometric data. Our techniques apply not just to biometric information, but to any keying mater ..."

Abstract - Cited by 532 (38 self) - Add to MetaCart

We provide formal definitions and efficient secure techniques for • turning noisy information into keys usable for any cryptographic application, and, in particular, • reliably and securely authenticating biometric data. Our techniques apply not just to biometric information, but to any keying

The Protection of Information in Computer Systems

by Jerome H. Saltzer, Michael D. Schroeder , 1975

"... This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification. It concentrates on those architectural structures--whether hardware or software--that are necessary to support information protection. The paper develops in three main sections ..."

Abstract - Cited by 815 (2 self) - Add to MetaCart

of protecting information in computers. Access The ability to make use of information stored in a computer system. Used frequently as a verb, to the horror of grammarians. Access control list A list of principals that are authorized to have access to some object. Authenticate To verify the identity of a person

Disconnected Operation in the Coda File System

by James J. Kistler, M. Satyanarayanan - ACM Transactions on Computer Systems , 1992

"... Disconnected operation is a mode of operation that enables a client to continue accessing critical data during temporary failures of a shared data repository. An important, though not exclusive, application of disconnected operation is in supporting portable computers. In this paper, we show that di ..."

Abstract - Cited by 1014 (36 self) - Add to MetaCart

Disconnected operation is a mode of operation that enables a client to continue accessing critical data during temporary failures of a shared data repository. An important, though not exclusive, application of disconnected operation is in supporting portable computers. In this paper, we show

JFlow: Practical Mostly-Static Information Flow Control

by Andrew C. Myers - In Proc. 26th ACM Symp. on Principles of Programming Languages (POPL , 1999

"... A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too restrictive f ..."

Abstract - Cited by 579 (32 self) - Add to MetaCart

for practical use and have not been implemented. In this paper, we describe the new language JFlow, an extension to the Java language that adds statically-checked information flow annotations. JFlow provides several new features that make information flow checking more flexible and convenient than in previous

Results 1 - 10 of 116,786

Tools