Quantcast
Channel: Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE)
Browsing all 82 articles
Browse latest View live

Security Practitioners in Context: Their Activities and Interactions with...

This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities...

View Article



An integrated view of human, organizational, and technological challenges of...

Abstract Purpose – The purpose of this study is to determine the main challenges that IT security practitioners face in their organizations, including the interplay among human, organizational, and...

View Article

SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks

This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs). This approach (1) is resistant to...

View Article

Usability Meets Access Control: Challenges and Research Opportunities

This panel discusses specific challenges in the usability of access control technologies and new opportunities for research. The questions vary from “Why nobody, even experts, uses access control lists...

View Article

Application-Based TCP Hijacking

We present application-based TCP hijacking (ABTH), a new attack on TCP applications that exploits flaws due to the interplay between TCP and application protocols to inject data into an application...

View Article


Identification of sources of failures and their propagation in critical...

Understanding the origin of infrastructure failures and their propagation patterns in critical infrastructures can provide important information for secure and reliable infrastructure design. Among the...

View Article

Poster: Towards Secure Web 2.0 User Content Sharing Beyond Walled Gardens

Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we...

View Article

Speculative Authorizations

In a large-scale enterprise system, making authorization decisions is often computationally expensive due to the complexity of the policies involved and the large size of the resource and user...

View Article


Toward Improving Availability and Performance of Enterprise Authorization...

In currently deployed large enterprise systems, policy enforcement points (PDPs) are commonly implemented as logically centralized authorization servers. This centralization provides important...

View Article


Revealing Hidden Context: Improving Mental Models of Personal Firewall Users

The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of...

View Article

Poster: Toward Enabling Secure Web 2.0 Content Sharing Beyond Walled Gardens

Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we...

View Article

Towards Web 2.0 Content Sharing Beyond Walled Gardens

Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this presentation,...

View Article

Open Problems in Web 2.0 User Content Sharing

Users need useful mechanisms for sharing their Web 2.0 content with each other in a controlled manner across boundaries of content-hosting and service providers (CSPs). In this paper, we discuss open...

View Article


Revealing Hidden Context: Improving Mental Models of Personal Firewall Users

The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of the...

View Article

Towards Enabling Web 2.0 Content Sharing Beyond Walled Gardens

Web 2.0 users have many choices of content-hosting or application-service providers (CSPs). It can be difficult for a user to share content with a set of real-life friends and associates; intended...

View Article


Retrofitting Existing Web Applications with Effective Dynamic Protection...

This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs) without the involvement of application...

View Article

Revealing Hidden Context: Improving Users' Mental Models of Personal Firewalls

Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. However, our study of this interface revealed that concealing the impact of...

View Article


Towards Understanding Diagnostic Work During the Detection and Investigation...

This study investigates how security practitioners perform diagnostic work during the identification of security incidents. Based on empirical data from 16 interviews with security practitioners, we...

View Article

A Multi-method Approach for User-centered Design of Identity Management Systems

Identity management (IdM) comprises the processes and infrastructure for the creation, maintenance, and use of digital identities. This includes designating who has access to resources, who grants that...

View Article

Authorization Recycling in RBAC Systems

As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents...

View Article
Browsing all 82 articles
Browse latest View live




Latest Images