Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE) 24 records found  1 - 10nextend  jump to record: Search took 0.00 seconds. 
1. Android Rooting: Methods, Detection, and Evasion / San-Tsai Sun ; Andrea Cuadros ; Konstantin Beznosov [LERSSE-RefConfPaper-2015-007]
Android rooting enables device owners to freely customize their own devices and run useful apps that require root privileges. [...]
Published in San-Tsai Sun, Andrea Cuadros and Konstantin Beznosov. Android Rooting: Methods, Detection, and Evasion. Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, October 2015.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
2. Towards Improving the Usability and Security of Web Single Sign-On Systems / San-Tsai Sun [LERSSE-THESIS-2013-001]
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted by high-profile identity providers (IdPs), such as Facebook, Google, Microsoft, and Yahoo, and millions of relying party (RP) websites. [...]
Published in San-Tsai Sun, "Towards Improving the Usability and Security of Web Single Sign-On Systems," PhD dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, November, 2013, pp.216:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
3. Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefJnlPaper-2013-001]
OpenID and OAuth are open and simple web single sign-on (SSO) protocols that have been adopted by major service providers, and millions of supporting websites. [...]
Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. Investigating users' perspectives of web single sign-on: Conceptual gaps and acceptance model. Accepted for publication in ACM Transactions on Internet Technology (TOIT) on June 4th, 2013.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
4. The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems / San-Tsai Sun ; Konstantin Beznosov [LERSSE-RefConfPaper-2012-003]
Millions of web users today employ their Facebook accounts to sign into more than one million relying party (RP) websites. [...]
Published in San-Tsai Sun and Konstantin Beznosov. The devil is in the (implementation) details: An empirical analysis of OAuth SSO systems. In Proceedings of ACM Conference on Computer and Communications Security (CCS'12), October 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
5. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-001]
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user accounts, and tens of thousands of supporting websites. [...]
Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures. Computers & Security, Accepted 7 February 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
6. What Makes Users Refuse Web Single Sign-On? An Empirical Investigation of OpenID / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefConfPaper-2011-004]
OpenID is an open and promising Web single sign-on (SSO) solution. [...]
Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. What makes users refuse web single sign-on? an empirical investigation of OpenID. In Proceedings of Symposium on Usable Privacy and Security, July 2011.:
Transfer from CDS 0.99.7: Download fulltextPDF;
7. Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2011-001]
The web is essential for business and personal activities well beyond information retrieval, such online banking, financial transactions, and payment authorization, but reliable user authentication remains a challenge. [...]
Published in San-Tsai Sun and Konstantin Beznosov, "Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them," presented at Eurecom, February 24, 2011. 57 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
8. OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefConfPaper-2011-001]
OpenID is an open and promising Web single sign-on solution; however, the interaction flows provided by OpenID are inconsistent and counter-intuitive, and vulnerable to phishing attacks. [...]
Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, Konstantin Beznosov. OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On. In Proceedings of the 29th International Conference Extended abstracts on Human Factors in Computing Systems (CHI '11), Vancouver, Canada, 2011.:
Transfer from CDS 0.99.7: Download fulltextPDF;
9. OpenID Security Analysis and Evaluation / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2010-002]
OpenID is a promising user-centric Web single sign-on protocol. [...]
Published in San-Tsai Sun and Konstantin Beznosov, "OpenID Security Analysis and Evaluation," presented at the OWASP Chapter Meeting, Vancouver, Canada, October 21th 2010:
Transfer from CDS 0.99.7: Download fulltextPDF;
10. OpenIDemail Enabled Browser: Towards Fixing the Broken Web Single Sign-On Triangle / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-007]
Current Web single sign-on (SSO) solutions impose a cognitive burden on web users and do not provide content-hosting and service providers (CSPs) with sufficient incentives to become relying parties (RPs). [...]
Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. OpenIDemail Enabled Browser: Towards Fixing the Broken Web Single Sign-On Triangle. In Proceedings of the Sixth ACM Workshop on Digital Identity Management (DIM), October 8 2010.:
Transfer from CDS 0.99.7: Download fulltextPDF;

Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE) : 24 records found   1 - 10nextend  jump to record:
Interested in being notified about new results for this query?
Set up a personal email alert or subscribe to the RSS feed.