Refereed Journal Papers

Latest additions:
2016-04-06
09:50
Phishing threat avoidance behaviour: An empirical investigation / Nalin Asanka Gamagedara Arachchilage ; Steve Love ; Konstantin Beznosov [LERSSE-RefJnlPaper-2016-001]
Abstract Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. [...]
Published in Nalin Asanka Gamagedara Arachchilage, Steve Love, Konstantin Beznosov, Phishing threat avoidance behaviour: An empirical investigation, Computers in Human Behavior, Volume 60, July 2016, Pages 185-197, ISSN 0747-5632:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
Detailed record - Similar records
2013-07-29
07:28
Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al [LERSSE-RefJnlPaper-2013-002]
The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...]
Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, Accepted in Human–Computer Interaction, doi:10.1080/07370024.2013.819198.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
Detailed record - Similar records
2013-06-10
13:56
Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefJnlPaper-2013-001]
OpenID and OAuth are open and simple web single sign-on (SSO) protocols that have been adopted by major service providers, and millions of supporting websites. [...]
Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. Investigating users' perspectives of web single sign-on: Conceptual gaps and acceptance model. Accepted for publication in ACM Transactions on Internet Technology (TOIT) on June 4th, 2013.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
Detailed record - Similar records
2012-10-03
10:29
Speculative Authorization / Pranab Kini ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-003]
We present Speculative Authorization (SPAN), a prediction technique that reduces authorization latency in enterprise systems. [...]
Published in Pranab Kini, Konstantin Beznosov, "Speculative Authorization," IEEE Transactions on Parallel and Distributed Systems, 10 Aug. 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records
2012-07-13
15:10
Design and Analysis of a Social Botnet / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefJnlPaper-2012-002]
Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's Web ecosystem. [...]
Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu. Design and Analysis of a Social Botnet. Elsevier Journal of Computer Network - Special Issue on Botnets, 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records
2012-03-11
11:21
Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-001]
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user accounts, and tens of thousands of supporting websites. [...]
Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures. Computers & Security, Accepted 7 February 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records
2011-08-04
19:56
Analysis of ANSI RBAC Support in EJB / Wesam Darwish ; Konstantin Beznosov [LERSSE-RefJnlPaper-2011-001]
This paper analyzes access control mechanisms of the Enterprise Java Beans (EJB) architecture and defines a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. [...]
Published in Wesam Darwish and Konstantin Beznosov. Analysis of ANSI RBAC support in EJB. International Journal of Secure Software Engineering, 2(2):25-52, April-June 2011.:
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records
2010-10-19
14:53
Toward Understanding Distributed Cognition in IT Security Management: The Role of Cues and Norms / David Botta ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2010-002]
Information technology security management (ITSM) entails significant challenges, including the distribution of tasks and stakeholders across the organization, the need for security practitioners to cooperate with others, and technological complexity. [...]
Published in 1. D. Botta, K. Muldner, K. Hawkey, and K. Beznosov, “Toward Understanding Distributed Cognition in IT Security Management: The Role of Cues and Norms,” accepted for publication to the International Journal of Cognition, Technology and Work on 16 / Aug / 2010.:
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records
2010-05-30
18:48
Analysis of ANSI RBAC Support in COM+ / Wesam Darwish ; Konstantin Beznosov [LERSSE-RefJnlPaper-2010-001]
We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. [...]
Published in Darwish, W. and Beznosov, K. Analysis of ANSI RBAC Support in COM+. Comput. Stand. Interfaces 32, 4 (Jan. 2010), 197-214. :
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records
2009-12-03
10:24
Authorization Recycling in Hierarchical RBAC Systems / Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefJnlPaper-2009-014]
As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Q. Wei, J. Crampton, K. Beznosov, M. Ripeanu, “Authorization Recycling in Hierarchical RBAC Systems,” to appear in ACM Transactions on Information and System Security (TISSEC), 32 pages, preprint.:
Transfer from CDS 0.99.7: Download fulltextPDF;
Detailed record - Similar records