1.
|
Toward understanding and improving the user experience with smartphone physical security
/ Masoud Mehrabi Koushki
[LERSSE-THESIS-2022-003]
The incumbent physical security system on smartphones is known to dissatisfy users. [...]
Published in Masoud Mehrabi Koushki, "Toward understanding and improving the user experience with smartphone physical security", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, September, 2022:
Fulltext: PDF;
|
2.
|
Neither Access nor Control: A Longitudinal Investigation of the Efficacy of User Access-Control Solutions on Smartphones
/ Masoud Mehrabi Koushki ; Yue Huang ; Julia Rubin ; Konstantin Beznosov
[LERSSE-RefConfPaper-2022-004]
The incumbent all-or-nothing model of access control on smartphones has been known to dissatisfy users, due to high overhead (both cognitive and physical) and lack of device-sharing support. [...]
Published in Masoud Mehrabi Koushki, Yue Huang, Julia Rubin, and Konstantin Beznosov. Neither Access nor Control: A Longitudinal Investigation of The Efficacy of User Access Control Solutions on Smartphones. In Proceedings of the 31st USENIX Security Symposium, 2022.:
Fulltext: PDF;
|
3.
|
Contextual Permission Models for Better Privacy Protection
/ Primal Wijesekera
[LERSSE-THESIS-2018-002]
Despite corporate cyber intrusions attracting all the attention, privacy breaches that we, as ordinary users, should be worried about occur every day without any scrutiny. [...]
Published in Primal Wijesekera, "Contextual Permission Models for Better Privacy Protection", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, June, 2018:
Fulltext: PDF PDF (PDFA);
|
4.
|
Contextualizing Privacy Decisions for Better Prediction (and Protection)
/ Primal Wijesekera ; Joel Reardon ; Irwin Reyes ; Lynn Tsai ; et al
[LERSSE-RefConfPaper-2018-001]
Modern mobile operating systems implement an ask-on-first-use policy to regulate applications’ access to private user data: the user is prompted to allow or deny access to a sensitive resource the first time an app attempts to use it. [...]
Published in Primal Wijesekera, Joel Reardon, Irwin Reyes, Lynn Tsai, Jung-Wei Chen, Nathan Good, David Wagner, Konstantin Beznosov, and Serge Egelman. Contextualizing Privacy Decisions for Better Prediction (and Protection). Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI ’18), 2018.:
Fulltext: PDF PDF (PDFA);
|
5.
|
Speculative Authorization
/ Pranab Kini ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2012-003]
We present Speculative Authorization (SPAN), a prediction technique that reduces authorization latency in enterprise systems. [...]
Published in Pranab Kini, Konstantin Beznosov, "Speculative Authorization," IEEE Transactions on Parallel and Distributed Systems, 10 Aug. 2012.:
Transfer from CDS 0.99.7: PDF;
|
6.
|
Speculative Authorization
/ Pranab Kini ; Konstantin Beznosov
[LERSSE-REPORT-2010-002]
As enterprises aim towards achieving zero latency for their systems, latency introduced by authorization process can act as an obstacle towards achieving their goal. [...]
Published in Pranab Kini and Konstantin Beznosov, "Speculative Authorizaion," Tech. Rep. LERSSE-TR-2010-002, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, December 2010: :
Transfer from CDS 0.99.7: PDF;
|
7.
|
Towards Improving the Performance of Enterprise Authorization Systems using Speculative Authorization
/ Pranab Kini
[LERSSE-THESIS-2010-001]
With the emergence of tighter corporate policies and government regulations, access control has become an integral part of business requirements in enterprises. [...]
Published in Pranab Kini, "Towards Improving the Performance of Enterprise Authorization Systems using Speculative Authorization" Masters thesis, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, October, 2010 :
Transfer from CDS 0.99.7: PDF;
|
8.
|
Analysis of ANSI RBAC Support in COM+
/ Wesam Darwish ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2010-001]
We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. [...]
Published in Darwish, W. and Beznosov, K. Analysis of ANSI RBAC Support in COM+. Comput. Stand. Interfaces 32, 4 (Jan. 2010), 197-214. :
Transfer from CDS 0.99.7: PDF;
|
9.
|
Authorization Recycling in Hierarchical RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-RefJnlPaper-2009-014]
As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Q. Wei, J. Crampton, K. Beznosov, M. Ripeanu, “Authorization Recycling in Hierarchical RBAC Systems,” to appear in ACM Transactions on Information and System Security (TISSEC), 32 pages, preprint.:
Transfer from CDS 0.99.7: PDF;
|
10.
|
Towards Improving the Availability and Performance of Enterprise Authorization Systems
/ Qiang Wei
[LERSSE-THESIS-2009-006]
Authorization protects application resources by allowing only authorized entities to access them. [...]
Published in Qiang Wei, "Towards Improving the Availability and Performance of Enterprise Authorization Systems," PhD dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, October, 2009, pp.141.:
Transfer from CDS 0.99.7: PDF;
|