beznosov - Search Results - LERSSE Digital Library

Search:

Search Tips :: Advanced Search

Search collections:

Sort by:	Display results:	Output format:

Results overview: Found 245 records in 0.02 seconds.
Refereed Journal Papers, 20 records found Refereed Conference Papers, 79 records found Books, 3 records found Theses, 1 records found Unrefereed Conference Papers, 6 records found Technical Reports, 29 records found Talks/Presentations, 85 records found Posters, 20 records found etc, 2 records found

Refereed Journal Papers	20 records found

1.	Phishing threat avoidance behaviour: An empirical investigation / Nalin Asanka Gamagedara Arachchilage ; Steve Love ; Konstantin Beznosov [LERSSE-RefJnlPaper-2016-001] Abstract Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. [...] Published in Nalin Asanka Gamagedara Arachchilage, Steve Love, Konstantin Beznosov, Phishing threat avoidance behaviour: An empirical investigation, Computers in Human Behavior, Volume 60, July 2016, Pages 185-197, ISSN 0747-5632: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
2.	Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al [LERSSE-RefJnlPaper-2013-002] The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...] Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, Accepted in Human–Computer Interaction, doi:10.1080/07370024.2013.819198.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
3.	Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefJnlPaper-2013-001] OpenID and OAuth are open and simple web single sign-on (SSO) protocols that have been adopted by major service providers, and millions of supporting websites. [...] Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. Investigating users' perspectives of web single sign-on: Conceptual gaps and acceptance model. Accepted for publication in ACM Transactions on Internet Technology (TOIT) on June 4th, 2013.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
4.	Speculative Authorization / Pranab Kini ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-003] We present Speculative Authorization (SPAN), a prediction technique that reduces authorization latency in enterprise systems. [...] Published in Pranab Kini, Konstantin Beznosov, "Speculative Authorization," IEEE Transactions on Parallel and Distributed Systems, 10 Aug. 2012.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
5.	Design and Analysis of a Social Botnet / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefJnlPaper-2012-002] Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's Web ecosystem. [...] Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu. Design and Analysis of a Social Botnet. Elsevier Journal of Computer Network - Special Issue on Botnets, 2012.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
6.	Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-001] OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user accounts, and tens of thousands of supporting websites. [...] Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures. Computers & Security, Accepted 7 February 2012.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
7.	Analysis of ANSI RBAC Support in EJB / Wesam Darwish ; Konstantin Beznosov [LERSSE-RefJnlPaper-2011-001] This paper analyzes access control mechanisms of the Enterprise Java Beans (EJB) architecture and defines a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. [...] Published in Wesam Darwish and Konstantin Beznosov. Analysis of ANSI RBAC support in EJB. International Journal of Secure Software Engineering, 2(2):25-52, April-June 2011.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
8.	Toward Understanding Distributed Cognition in IT Security Management: The Role of Cues and Norms / David Botta ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2010-002] Information technology security management (ITSM) entails significant challenges, including the distribution of tasks and stakeholders across the organization, the need for security practitioners to cooperate with others, and technological complexity. [...] Published in 1. D. Botta, K. Muldner, K. Hawkey, and K. Beznosov, “Toward Understanding Distributed Cognition in IT Security Management: The Role of Cues and Norms,” accepted for publication to the International Journal of Cognition, Technology and Work on 16 / Aug / 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
9.	Analysis of ANSI RBAC Support in COM+ / Wesam Darwish ; Konstantin Beznosov [LERSSE-RefJnlPaper-2010-001] We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. [...] Published in Darwish, W. and Beznosov, K. Analysis of ANSI RBAC Support in COM+. Comput. Stand. Interfaces 32, 4 (Jan. 2010), 197-214. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
10.	Authorization Recycling in Hierarchical RBAC Systems / Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefJnlPaper-2009-014] As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...] Published in Q. Wei, J. Crampton, K. Beznosov, M. Ripeanu, “Authorization Recycling in Hierarchical RBAC Systems,” to appear in ACM Transactions on Information and System Security (TISSEC), 32 pages, preprint.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
11.	Preparation, detection, and analysis: the diagnostic work of IT security incident response / Rodrigo Werlinger ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2009-013] Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and analysis of anomalies. [...] Published in Rodrigo Werlinger, Kasia Muldner, Kirstie Hawkey, and Konstantin Beznosov. Preparation, detection, and analysis: the diagnostic work of IT security incident response. Journal of Information Management & Computer Security, 18(1):26-42, January 2010. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
12.	Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-RefJnlPaper-2009-012] This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs) without the involvement of application developers. [...] Published in Sun-Tsai Sun and Konstantin Beznosov. Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks. In International Journal of Secure Software Engineering, pages 20-40, 1(1), January 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
13.	Identification of sources of failures and their propagation in critical infrastructures from 12 years of public failure reports / Hafiz Abdur Rahman ; Konstantin Beznosov ; José R. Martí [LERSSE-RefJnlPaper-2009-010] Understanding the origin of infrastructure failures and their propagation patterns in critical infrastructures can provide important information for secure and reliable infrastructure design. [...] Published in Hafiz Abdur Rahman, Konstantin Beznosov and José R. Martí, "Identification of sources of failures and their propagation in critical infrastructures from 12 years of public failure reports ", International Journal of Critical Infrastructures 2009 - Vol. 5, No.3 pp. 220 - 244: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
14.	An integrated view of human, organizational, and technological challenges of IT security management / Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2009-009] Abstract Purpose – The purpose of this study is to determine the main challenges that IT security practitioners face in their organizations, including the interplay among human, organizational, and technological factors [...] Published in Rodrigo Werlinger, Kirstie Hawkey and Konstantin Beznosov, "An integrated view of human, organizational, and technological challenges of IT security management", Information Management & Computer Security, vol. 17, n. 1, 2009, pp.4-19.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
15.	Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders within Organizations / Rodrigo Werlinger ; Kirstie Hawkey ; David Botta ; Konstantin Beznosov [LERSSE-RefJnlPaper-2009-007] This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. [...] Published in Rodrigo Werlinger, Kirstie Hawkey, David Botta, Konstantin Beznosov, "Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders within Organizations", International Journal of Human-Computer Studies, 67(7):584–606, March 2009. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
16.	On the Imbalance of the Security Problem Space and its Expected Consequences / Konstantin Beznosov ; Olga Beznosova [LERSSE-RefJnlPaper-2008-006] Purpose – This paper aims to report on the results of an analysis of the computer security problem space, to suggest the areas with highest potential for making progress in the attacker-defender game, and to propose questions for future research. [...] Published in Konstantin Beznosov and Olga Beznosova, "On the Imbalance of the Security Problem Space and its Expected Consequences," Journal of Information Management & Computer Security, Emerald, vol. 15 n.5, September 2007, pp.420-431.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
17.	Cooperative Secondary Authorization Recycling / Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-RefJnlPaper-2008-005] As enterprise systems, Grids, and other distributed applications scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges of fragility and poor scalability. [...] Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," IEEE Transactions on Parallel and Distributed Systems, vol. 20 n.2, February 2009, pp.275-288.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
18.	Searching for the Right Fit: Balancing IT Security Management Model Trade-Offs / Kirstie Hawkey ; Kasia Muldner ; Konstantin Beznosov [LERSSE-RefJnlPaper-2008-004] IT security professionals’ effectiveness in an organization is influenced not only by how usable their security management tools are but also by how well the organization’s security management model (SMM) fits. [...] Published in Kirstie Hawkey, Kasia Muldner and Konstantin Beznosov, "Searching for the Right Fit Balancing IT Security Management Model Trade-Offs", Special Issue on Useful Computer Security, IEEE Internet Computing Magazine, 12(3), 2008, p. 22-30.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
19.	Multiple-Channel Security Architecture and Its Implementation over SSL / Yong Song ; Konstantin Beznosov ; Victor C.M. Leung [LERSSE-RefJnlPaper-2006-003] This paper presents multiple-channel SSL (MC-SSL), an architecture and protocol for protecting client-server communications. [...] Published in Song, Y., Beznosov, K., and Leung, V. C. Multiple-channel security architecture and its implementation over SSL. EURASIP J. EURASIP Journal on Wireless Communications and Networking. 2006, 2 (Apr. 2006), 78-78.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
20.	Supporting end-to-end Security Across Proxies with Multiple-Channel SSL / Yi Deng ; Jiacun Wang ; Jeffrey J. P. Tsai ; Konstantin Beznosov [LERSSE-RefJnlPaper-2005-002] Security system architecture governs the composition of components in security systems and interactions between them [...] Published in Yong Song, Victor C. M. Leung, Konstantin Beznosov, Supporting end-to-end Security Across Proxies with Multiple-Channel SSL, Security and Protection in Information Processing Systems, Vol 147, 2004, 323-337 : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

Refereed Conference Papers	79 records found

1.	The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences / Primal Wijesekera ; Arjun Baokar ; Lynn Tsai ; Joel Reardon ; et al [LERSSE-RefConfPaper-2017-004] Current smartphone operating systems regulate application permissions by prompting users on an ask-on-first-use basis. [...] Published in P. Wijesekera, A. Baokar, L.Tsai, J. Reardon, S. Egelman, D. Wagner, K. Beznosov, “The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences,” in IEEE Symposium on Security and Privacy (IEEE S&P), San-Jose, CA, May 2017, 17 pages.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
2.	Characterizing Social Insider Attacks on Facebook / Wali Ahmed Usmani ; Diogo Marques ; Ivan Beschastnikh ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2017-003] Facebook accounts are secured against unauthorized access through passwords and device-level security. [...] Published in W. A. Usmani, D. Marques, I. Beschastnikh, K. Beznosov, T. Guerreiro, L. Carrico, “Characterizing Social Insider Attacks on Facebook,” to appear in Proc. of the ACM Conference on Human Factors in Computing Systems (CHI), 2017, 11 pages.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
3.	I’m too Busy to Reset my LinkedIn Password: On the Effectiveness of Password Reset Emails / Jun Ho Huh ; Hyoungshick Kim ; Swathi S.V.P. Rayala ; Rakesh B. Bobba ; et al [LERSSE-RefConfPaper-2017-002] A common security practice used to deal with a password breach is locking user accounts and sending out an email to tell users that they need to reset their password to unlock their account. [...] Published in J. H. Huh, H. Kim, S. S. V. Rayala, R. B. Bobba, K. Beznosov, “I’m too busy to reset my LinkedIn password: On the effectiveness of password reset emails,” to appear in Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI), 2017, 5 pages.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
4.	I Don’t Use Apple Pay Because It’s Less Secure ...: Perception of Security and Usability in Mobile Tap-and-Pay / Jun Ho Huh ; Saurabh Verma ; Swathi Sri V Rayala ; Rakesh B. Bobba ; et al [LERSSE-RefConfPaper-2017-001] This paper reports on why people use, not use, or have stopped using mobile tap-and-pay in stores. [...] Published in J. H. Huh, S. Verma, S. S. V. Rayala, R. B. Bobba, K. Beznosov, H. Kim, “I Don’t Use Apple Pay Because It’s Less Secure ...: Perception of Security and Usability in Mobile Tap-and-Pay,” to appear in Proceedings of the Workshop on Usable Security (USEC), 2017, 12 pages.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
5.	Harvesting the Low-hanging Fruits: Defending Against Automated Large-Scale Cyber-Intrusions by Focusing on the Vulnerable Population / Hassan Halawa ; Konstantin Beznosov ; Yazan Boshmaf ; Baris Coskun ; et al [LERSSE-RefConfPaper-2016-003] The orthodox paradigm to defend against automated social-engineering attacks in large-scale socio-technical systems is reactive and victim-agnostic [...] Published in In Proceedings of the New Security Paradigms Workshop (NSPW), September 26-29, 2016, Granby, CO, USA.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
6.	Snooping on Mobile Phones: Prevalence and Trends / Diogo Marques ; Ildar Muslukhov ; Tiago Guerreiro ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2016-002] Personal mobile devices keep private information which people other than the owner may try to access [...] Published in Diogo Marques, Ildar Muslukhov, Tiago Guerreiro, Konstantin Beznosov and Luis Carrico. 2016. Snooping on Mobile Phones: Prevalence and Trends, SOUPS'16: Symposium On Usable Privacy and Security. Denver, Colorado, USA: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
7.	Sharing Health Information on Facebook: Practices, Preferences, and Risk Perceptions of North American Users / Sadegh Torabi ; Konstantin Beznosov [LERSSE-RefConfPaper-2016-001] Motivated by the beneﬁts, people have used a variety of webbased services to share health information (HI) online. [...] Published in Sadegh Torabi and Konstantin Beznosov. 2016. Sharing Health Information on Facebook: Practices, Preferences, and Risk Perceptions of North American Users, SOUPS'16: Symposium On Usable Privacy and Security. Denver, Colorado, USA: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
8.	Android Rooting: Methods, Detection, and Evasion / San-Tsai Sun ; Andrea Cuadros ; Konstantin Beznosov [LERSSE-RefConfPaper-2015-007] Android rooting enables device owners to freely customize their own devices and run useful apps that require root privileges. [...] Published in San-Tsai Sun, Andrea Cuadros and Konstantin Beznosov. Android Rooting: Methods, Detection, and Evasion. Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, October 2015.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
9.	Surpass: System-initiated User-replaceable Passwords / Jun Ho Huh ; Seongyeol Oh ; Hyoungshick Kim ; Konstantin Beznosov [LERSSE-RefConfPaper-2015-006] System-generated random passwords have maximum pass- word security and are highly resistant to guessing attacks. [...] Published in Jun Ho Huh, Seongyeol Oh, Hyoungshick Kim and Konstantin Beznosov. Surpass: System-initiated User-replaceable Passwords. In Proceedings of ACM Conference on Computer and Communications Security (CCS'15), October 2015.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
10.	Thwarting Fake OSN Accounts by Predicting their Victims / Yazan Boshmaf ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-RefConfPaper-2015-005] Traditional defense mechanisms for fighting against automated fake accounts in online social networks are victim-agnostic. [...] Published in Yazan Boshmaf, Matei Ripeanu, Konstantin Beznosov. Thwarting Fake OSN Accounts by Predicting their Victims. In Proceedings of the 2015 Workshop on Artificial Intelligent and Security Workshop (AISec'15), Denver, Colorado, USA, Oct, 2015: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
11.	Android Permissions Remystified: A Field Study on Contextual Integrity / Primal Wijesekera ; Arjun Baokar ; Ashkan Hosseini ; Serge Egelman ; et al [LERSSE-RefConfPaper-2015-004] We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. [...] Published in Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner and Konstantin Beznosov. 2015. Android Permissions Remystified: A Field Study on Contextual Integrity. USENIX Security 2015, Washington DC, USA.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
12.	On the Memorability of System-generated PINs: Can Chunking Help? / Jun Ho Huh ; Hyoungschick Kim ; Rakesh B. Bobba ; Masooda N. Bashir ; et al [LERSSE-RefConfPaper-2015-003] To ensure that users do not choose weak personal identification numbers (PINs), many banks give out system-generated random PINs. [...] Published in Jun Ho Huh, Hyoungschick Kim, Rakesh B. Bobba, Masooda N. Bashir and Konstantin Beznosov. 2015. On the Memorability of System-generated PINs: Can Chunking Help? SOUPS'15: Symposium On Usable Privacy and Security. Ottawa, Ontario, Canada: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
13.	A Study on the Influential Neighbors to Maximize Information Diffusion in Online Social Networks / Hyoungshick Kim ; Konstantin Beznosov ; Eiko Yoneki [LERSSE-RefConfPaper-2015-002] The problem of spreading information is a topic of considerable recent interest, but the traditional influence maximization problem is inadequate for a typical viral marketer who cannot access the entire network topology. [...] Published in Kim, K. Beznosov, and E. Yoneki, “A Study on the Influential Neighbors to Maximize Information Diffusion in Online Social Networks” in Computational Social Networks, February 2015, v2n3.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
14.	On the Impact of Touch ID on iPhone Passcodes / Ivan Cherapau ; Ildar Muslukhov ; Nalin Asanka ; Konstantin Beznosov [LERSSE-RefConfPaper-2015-001] Smartphones today store large amounts of data that can be confidential, private or sensitive. [...] Published in LERSSE-RefConfPaper-2015-001: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
15.	Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs / Yazan Boshmaf ; Dionysios Logothetis ; Georgos Siganos ; Jorge Leria ; et al [LERSSE-RefConfPaper-2014-004] Detecting fake accounts in online social networks (OSNs) protects OSN operators and their users from various malicious activities. [...] Published in Boshmaf et al. "Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs" In proceedings the 2015 Network and Distributed System Security Symposium (NDSS'15), San Diego, USA.: Fulltext: NDSS_260_Final - PDF PDF (PDFA); boshmaf_ndss_2015 - PDF PDF (PDFA); Detailed record - Similar records
16.	To authorize or not authorize: helping users review access policies in organizations / Pooya Jaferian ; Hootan Rashtian ; Konstantin Beznosov [LERSSE-RefConfPaper-2014-003] This work addresses the problem of reviewing complex access policies in an organizational context using two studies [...] Published in Pooya Jaferian, Hootan Rashtian, and Konstantin Beznosov. 2014. To authorize or not authorize: helping users review access policies in organizations. SOUPS'14: Symposium On Usable Privacy and Security. Menlo Park, CA.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
17.	To Befriend Or Not? A Model of Friend Request Acceptance on Facebook / Hootan Rashtian ; Yazan Boshmaf ; Pooya Jaferian ; Konstantin Beznosov [LERSSE-RefConfPaper-2014-002] Accepting friend requests from strangers in Facebook-like online social networks is known to be a risky behavior. [...] Published in Rashtian, H., Boshmaf, Y., Jaferian, P., Beznosov, K. (2014, July). To Befriend Or Not? A Model of Friend Request Acceptance on Facebook. In Proceedings of the 10th symposium on Usable Privacy and Security. ACM.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
18.	Finding Influential Neighbors to Maximize Information Diffusion in Twitter / Hyoungshick Kim ; Konstantin Beznosov ; Eiko Yoneki [LERSSE-RefConfPaper-2014-001] The problem of spreading information is a topic of considerable recent interest, but the traditional influence maximization problem is inadequate for a typical viral marketer who cannot access the entire network topology. [...] Published in Finding Influential Neighbors to Maximize Information Diffusion in Twitter, Hyoungshick Kim, Konstantin Beznosov, and Eiko Yoneki, WWW’14 Companion, April 7–11, 2014, Seoul, Korea.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
19.	Privacy Aspects of Health Related Information Sharing in Online Social Networks / Sadegh Torabi ; Konstantin Beznosov [LERSSE-RefConfPaper-2013-003] Online social networks (OSNs) have formed virtual social networks where people meet and share information. [...] Published in Sadegh Torabi and Konstantin Beznosov. “Privacy Aspects of Health Related Information Sharing in Online Social Networks,” USENIX Workshop on Health Information Technologies (HealthTech '13), August 2013, Washington, USA.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
20.	Know Your Enemy: The Risk of Unauthorized Access in Smartphones by Insiders / Ildar Muslukhov ; Yazan Boshmaf ; Cynthia Kuo ; Jonathan Lester ; et al [LERSSE-RefConfPaper-2013-002] Smartphones store large amounts of sensitive data, such as SMS messages, photos, or email. [...] Published in Ildar Muslukhov, Yazan Boshmaf, Cynthia Kuo, Jonathan Lester and Konstantin Beznosov, Know Your Enemy: The Risk of Unauthorized Access in Smartphones by Insiders. In Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services companion: Fulltext: paper.rev2 - PDF; paper - PDF PDF (PDFA); ASONAM_2013 - PDF PDF (PDFA); Detailed record - Similar records
21.	Graph-based Sybil Detection in Social and Information Systems / Yazan Boshmaf ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefConfPaper-2013-001] Sybil attacks in social and information systems have serious security implications. [...] Published in Yazan Boshmaf, Konstantin Beznosov, Matei Ripeanu. Graph-based Sybil Detection in Social and Information Systems. In the Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM'13), Niagara Falls, Canada, August 25-28, 2013.: Fulltext: PDF; Detailed record - Similar records
22.	Does My Password Go up to Eleven? The Impact of Password Meters on Password Selection / Serge Egelman ; Andreas Sotirakopoulos ; Ildar Muslukhov ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2013-001] Password meters tell users whether their passwords are "weak" or "strong." We performed a laboratory experiment to examine whether these meters influenced users' password selections when they were forced to change their real passwords, and when they were not told that their passwords were the subject of a study. [...] Published in Serge Egelman, Andreas Sotirakopoulos, Ildar Muslukhov, Konstantin Beznosov, and Cormac Herley. Does My Password Go up to Eleven? The Impact of Password Meters on Password Selection. In Proceedings of Computer-Human Interaction conference, April 2013.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
23.	The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems / San-Tsai Sun ; Konstantin Beznosov [LERSSE-RefConfPaper-2012-003] Millions of web users today employ their Facebook accounts to sign into more than one million relying party (RP) websites. [...] Published in San-Tsai Sun and Konstantin Beznosov. The devil is in the (implementation) details: An empirical analysis of OAuth SSO systems. In Proceedings of ACM Conference on Computer and Communications Security (CCS'12), October 2012.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
24.	Key Challenges in Defending Against Malicious Socialbots / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefConfPaper-2012-002] The ease with which we adopt online personas and relationships has created a soft spot that cyber criminals are willing to exploit. [...] Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu. Key challenges in defending against malicious socialbots. In Proceedings of the 5th USENIX workshop on Large-scale exploits and emergent threats, LEET'12, Berkeley, CA, USA. USENIX Association.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
25.	Understanding Users’ Requirements for Data Protection in Smartphones / Ildar Muslukhov ; Yazan Boshmaf ; Cynthia Kuo ; Jonathan Lester ; et al [LERSSE-RefConfPaper-2012-001] Securing smartphones’ data is a new and growing concern, especially when this data represents valuable or sensitive information. [...] Published in Ildar Muslukhov, Yazan Boshmaf, Cynthia Kuo, Jonathan Lester, and Konstantin Beznosov. Understanding users' requirements for data protection in smartphones. In Workshop on Secure Data Management on Smartphones and Mobiles, 2012.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
26.	The Socialbot Network: When Bots Socialize for Fame and Money / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [258] [LERSSE-RefConfPaper-2011-008] Online Social Networks (OSNs) have become an integral part of today's Web. [...] Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. The socialbot network: when bots socialize for fame and money. In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC'11), December 2011. For the technical report, please refer to http://lersse-dl.ece.ubc.ca/record/272: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
27.	A Brick Wall, a Locked Door, and a Bandit: A Physical Security Metaphor For Firewall Warnings / Fahimeh Raja ; Kirstie Hawkey ; Steven Hsu ; Kai-Le Clement Wang ; et al [LERSSE-RefConfPaper-2011-007] We used an iterative process to design firewall warnings in which the functionality of a personal firewall is visualized based on a physical security metaphor. [...] Published in Fahimeh Raja, Kirstie Hawkey, Steven Hsu, Kai-Le Clement Wang, and Konstantin Beznosov. A Brick Wall, a Locked Door, and a Bandit: A Physical Security Metaphor For Firewall Warnings. In SOUPS '11: Proceedings of the 7th symposium on Usable privacy and security, 20 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
28.	Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al [LERSSE-RefConfPaper-2011-006] The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...] Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, PA, USA, July 20-22, 2011. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
29.	On the Challenges in Usable Security Lab Studies: Lessons Learned from Replicating a Study on SSL Warnings / Andreas Sotirakopoulos ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2011-005] We replicated and extended a 2008 study conducted at CMU that investigated the e effectiveness of SSL warnings. [...] Published in Andreas Sotirakopoulos, Kirstie Hawkey, and Konstantin Beznosov. On the Challenges in Usable Security Lab Studies: Lessons Learned from Replicating a Study on SSL Warnings. In Proceedings of Symposium on Usable Privacy and Security, July 2011: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
30.	What Makes Users Refuse Web Single Sign-On? An Empirical Investigation of OpenID / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefConfPaper-2011-004] OpenID is an open and promising Web single sign-on (SSO) solution. [...] Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. What makes users refuse web single sign-on? an empirical investigation of OpenID. In Proceedings of Symposium on Usable Privacy and Security, July 2011.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
31.	The Socialbot Network: When Bots Socialize for Fame and Money / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [258] [LERSSE-RefConfPaper-2011-008] Online Social Networks (OSNs) have become an integral part of today's Web. [...] Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. The socialbot network: when bots socialize for fame and money. In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC'11), December 2011: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
32.	Improving Malicious URL Re-Evaluation Scheduling Through an Empirical Study of Malware Download Centers / Kyle Zeeuwen ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-RefConfPaper-2011-003] The retrieval and analysis of malicious content is an essential task for security researchers. [...] Published in K. Zeeuwen, M. Ripeanu, K. Beznosov, “Improving Malicious URL Re-Evaluation Scheduling Through an Empirical Study of Malware Download Centers”. WebQuality Workshop 2011, March 28, 2011.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
33.	Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Konstantin Beznosov [LERSSE-RefConfPaper-2011-002] The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive [...] Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, and Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, In Proceedings of the 29th international conference extended abstracts on Human factors in computing systems (CHI '11), Vancouver, Canada, 2011. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
34.	OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefConfPaper-2011-001] OpenID is an open and promising Web single sign-on solution; however, the interaction flows provided by OpenID are inconsistent and counter-intuitive, and vulnerable to phishing attacks. [...] Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, Konstantin Beznosov. OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On. In Proceedings of the 29th International Conference Extended abstracts on Human Factors in Computing Systems (CHI '11), Vancouver, Canada, 2011.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
35.	It's Too Complicated, So I Turned It Off! Expectations, Perceptions, and Misconceptions of Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Pooya Jaferian ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2010-008] Even though personal firewalls are an important aspect of security for the users of personal computers, little attention has been given to their usability. [...] Published in Fahimeh Raja, Kirstie Hawkey, Pooya Jaferian, Konstantin Beznosov, and Kellogg S. Booth. It's Too Complicated, So I Turned It Off! Expectations, Perceptions, and Misconceptions of Personal Firewalls. In Proceedings of the Third ACM Workshop on Assurable & Usable Security Configuration (SafeConfig), October 4, 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
36.	OpenIDemail Enabled Browser: Towards Fixing the Broken Web Single Sign-On Triangle / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-007] Current Web single sign-on (SSO) solutions impose a cognitive burden on web users and do not provide content-hosting and service providers (CSPs) with sufficient incentives to become relying parties (RPs). [...] Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. OpenIDemail Enabled Browser: Towards Fixing the Broken Web Single Sign-On Triangle. In Proceedings of the Sixth ACM Workshop on Digital Identity Management (DIM), October 8 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
37.	A Billion Keys, but Few Locks: The Crisis of Web Single Sign-On / San-Tsai Sun ; Yazan Boshmaf ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-006] OpenID and InfoCard are two mainstream Web single sign-on (SSO) solutions intended for Internet-scale adoption. [...] Published in San-Tsai Sun, Yazan Boshmaf, Kirstie Hawkey, and Konstantin Beznosov. A Billion Keys, but Few Locks: The Crisis of Web Single Sign-On. In Proceedings of the New Security Paradigms Workshop (NSPW), September 20-22, 2010. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
38.	Challenges in evaluating complex IT security management systems / Pooya Jaferian ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-005] Performing ecologically valid user studies for IT security management (ITSM) systems is challenging. [...] Published in P. Jaferian, K. Hawkey, and K. Beznosov. Challenges in evaluating complex IT security management systems. In SOUPS Usable Security Experiment Reports (USER) Workshop, 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
39.	The Challenges of Understanding Users’ Security-related Knowledge, Behaviour, and Motivations / Sara Motiee ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-004] In order to improve current security solutions or devise novel ones, it is important to understand users' knowledge, behaviour, motivations and challenges in using a security solution. [...] Published in S. Motiee, K. Hawkey, and K. Beznosov. The Challenges of Understanding Users’ Security-related Knowledge, Behaviour, and Motivations. In SOUPS Usable Security Experiment Reports (USER) Workshop, 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
40.	"I did it because I trusted you": Challenges with the Study Environment Biasing Participant Behaviours / Andreas Sotirakopoulos ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-003] We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. [...] Published in A. Sotirakopoulos, K. Hawkey, and K. Beznosov. "I did it because I trusted you": Challenges with the study environment biasing participant behaviours. In SOUPS Usable Security Experiment Reports (USER) Workshop, 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
41.	Do Windows Users Follow the Principle of Least Privilege? Investigating User Account Control Practices / Sara Motiee ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2010-002] The principle of least privilege requires that users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. [...] Published in Motiee, S., Hawkey, K., and Beznosov, K. 2010. Do windows users follow the principle of least privilege?: investigating user account control practices. In Proceedings of the Sixth Symposium on Usable Privacy and Security (Redmond, Washington, July 14 - 16, 2010). SOUPS '10, vol. 485. ACM, New York, NY, 1-13.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
42.	A Case Study of Enterprise Identity Management System Adoption in an Insurance Organization / Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-039] This case study describes the adoption of an enterprise identity management(IdM) system in an insurance organization [...] Published in Jaferian, P., Botta, D., Hawkey, K., and Beznosov, K. 2009. A Case Study of Enterprise Identity Management System Adoption in an Insurance Organization. In Proceedings of the 3rd ACM Symposium on Computer Human interaction For Management of information Technology (Baltimore, Maryland, November 7 - 8, 2009). CHiMiT '09. ACM, New York, NY.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
43.	Secure Web 2.0 Content Sharing Beyond Walled Gardens / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-038] Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). [...] Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Secure Web 2.0 content sharing beyond walled gardens. In Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), pages 409-418, December 2009: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
44.	Towards Understanding Diagnostic Work During the Detection and Investigation of Security Incidents / Rodrigo Werlinger ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-037] This study investigates how security practitioners perform diagnostic work during the identification of security incidents. [...] Published in Werlinger, R., Muldner, K., Hawkey, K., and Beznosov, K. (2009). Towards Understanding Diagnostic Work during the Detection and Investigation of Security Incidents. Proc. of Int. Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, June 25-26, 2009, 119-132.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
45.	Towards Enabling Web 2.0 Content Sharing Beyond Walled Gardens / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-036] Web 2.0 users have many choices of content-hosting or application-service providers (CSPs). [...] Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Towards enabling Web 2.0 content sharing beyond walled gardens. In Proceedings of the Workshop on Security and Privacy in Online Social Networking, pages 979-984, August 29th 2009.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
46.	Open Problems in Web 2.0 User Content Sharing / San-Tsai Sun ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-035] Users need useful mechanisms for sharing their Web 2.0 content with each other in a controlled manner across boundaries of content-hosting and service providers (CSPs). [...] Published in San-Tsai Sun and Konstantin Beznosov. Open problems in Web 2.0 user content sharing. In Proceedings of the iNetSec Workshop, pages 37-51, Zurich, Switzerland, April 23th 2009.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
47.	Revealing Hidden Context: Improving Mental Models of Personal Firewall Users / Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-034] The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details [...] Published in Fahimeh Raja, Kirstie Hawkey, and Konstantin Beznosov. Revealing hidden context: Improving mental models of personal firewall users. In SOUPS '09: Proceedings of the 5th symposium on Usable privacy and security, New York, NY, USA, 2009. ACM, pp 1-12. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
48.	Application-Based TCP Hijacking / Oliver Zheng ; Jason Poon ; Konstantin Beznosov [LERSSE-RefConfPaper-2009-033] We present application-based TCP hijacking (ABTH), a new attack on TCP applications that exploits flaws due to the interplay between TCP and application protocols to inject data into an application session without either server or client applications noticing the spoofing attack. [...] Published in Oliver Zheng, Jason Poon, Konstantin Beznosov, "Application-Based TCP Hijacking," in Proceedings of the 2009 European Workshop on System Security, Nuremberg, Germany, ACM, 31 March 2009, pp. 9-15.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
49.	Mobile Applications for Public Sector: Balancing Usability and Security / Yurij Natchetoi ; Konstantin Beznosov ; Viktor Kaufman [LERSSE-RefConfPaper-2009-032] Development of mobile software applications for use in specific domains such as Public Security must conform to stringent security requirements [...] Published in Yurij Natchetoi, Konstantin Beznosov, Viktor Kaufman, “Mobile Applications for Public Sector: Balancing Usability and Security” in the Collaboration and the Knowledge Economy: Issues, Applications, Case Studies, Paul Cunningham and Miriam Cunningham (Eds), IOS Press, 2008 Amsterdam, ISBN 978–1–58603–924-0, Stockholm, Sweden, 22 - 24 October 2008, article #117, 6 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
50.	Authorization Using the Publish-Subscribe Model / Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-RefConfPaper-2008-031] Traditional authorization mechanisms based on the request-response model are generally supported by point-to-point communication between applications and authorization servers. [...] Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov. Authorization using the publishsubscribe model. In Proceedings of the 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA), pages 53-62, Sydney, Australia, December 10-12 2008. IEEE Computer Society.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
51.	Guidelines for Designing IT Security Management Tools / Pooya Jaferian ; David Botta ; Fahimeh Raja ; Kirstie Hawkey ; et al [LERSSE-RefConfPaper-2008-030] An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. [...] Published in Pooya Jaferian, David Botta, Fahimeh Raja, Kirstie Hawkey, Konstantin Beznosov, "Guidelines for Designing IT Security Management Tools," In CHIMIT '08: Proceedings of the 2008 symposium on Computer Human Interaction for the Management of Information Technology, San Diego, CA, USA, 7:1-7:10, ACM.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
52.	The Challenges of Using an Intrusion Detection System: Is It Worth the Effort? / Rodrigo Werlinger ; Kirstie Hawkey ; Kasia Muldner ; Pooya Jaferian ; et al [LERSSE-RefConfPaper-2008-029] An intrusion detection system (IDS) can be a key component of security incident response within organizations. [...] Published in R. Werlinger, K. Hawkey, K. Muldner, P. Jaferian, and K. Beznosov. The challenges of using an intrusion detection system: Is it worth the effort? In Proc. of ACM Symposium on Usable Privacy and Security (SOUPS) , pp 107 - 116 , 2008: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
53.	Human, Organizational and Technological Challenges of Implementing IT Security in Organizations / Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2008-028] Our qualitative research provides a comprehensive list of challenges to the practice of IT security within organizations, including the interplay between human, organizational, and technical factors. [...] Published in R. Werlinger, K. Hawkey, and K. Beznosov. Human, Organizational and Technological Challenges of Implementing IT Security in Organizations. In Proc of. HAISA '08: Human Aspects of Information Security and Assurance, 10 pages), July 2008, pp 35-48.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
54.	Identifying Differences Between Security and Other IT Professionals: a Qualitative Analysis. / Andre Gagne ; Kasia Muldner ; Konstantin Beznosov [LERSSE-RefConfPaper-2008-027] We report factors differentiating security and other IT responsibilities. [...] Published in Andre Gagne, Kasia Muldner, and Konstantin Beznosov. Identifying Differences between Security and other IT Professionals: a Qualitative Analysis. In proceedings of Human Aspects of Information Security and Assurance (HAISA), Plymouth, England, July 2008, pp 69-80.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
55.	Authorization Recycling in RBAC Systems / Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefConfPaper-2008-026] As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...] Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu. Authorization recycling in RBAC systems. In SACMAT '08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, Estes Park, Colorado, USA, June 11-13 2008, pp. 63-72. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
56.	Security Practitioners in Context: Their Activities and Interactions / Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2008-025] This study develops the context of interactions of IT security practitioners [...] Published in Rodrigo Werlinger, Kirstie Hawkey, and Konstantin Beznosov. Security practitioners in context: their activities and interactions. In CHI ’08 extended abstracts on Human factors in computing systems, pages 3789–3794, Florence, Italy, 2008. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
57.	Towards Understanding IT Security Professionals and Their Tools / David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2007-023] We report preliminary results of our ongoing field study of IT professionals who are involved in security management. [...] Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels, Brian Fisher, "Towards Understanding IT Security Professionals and Their Tools" in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, PA, USA, July 18-20, 2007, pp.100-111.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
58.	Cooperative Secondary Authorization Recycling / Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-RefConfPaper-2007-022] As distributed applications such as Grid and enterprise systems scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges in terms of fragility and poor scalability. [...] Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," in Proceedings of the 16th Symposium on High Performance Distributed Computing (HPDC'07), June 25–29, 2007, Monterey, California, USA. pp.65-74: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
59.	On the Imbalance of the Security Problem Space and its Expected Consequences / Konstantin Beznosov ; Olga Beznosova [LERSSE-RefConfPaper-2007-021] This paper considers the attacker-defender game in the field of computer security as a three-dimensional phenomenon [...] Published in Konstantin Beznosov, Olga Beznosova "On the Imbalance of the Security Problem Space and its Expected Consequences," To appear in Symposium on Human Aspects of Information Security & Assurance (HAISA), Plymouth, UK, 10 July, 2007, pp.10. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
60.	Studying IT Security Professionals: Research Design and Lessons Learned / David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2007-020] The HOT Admin Field Study used qualitative methods to study information technology security administrators. [...] Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels, and Brian Fisher, "Studying IT Security Professionals: Research Design and Lessons Learned" position paper at the CHI Workshop on Security User studies: Methodologies and Best Practices, San Francisco, CA, 28 April 2007, 4 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
61.	A Security Analysis of the Precise Time Protocol (Short Paper) / Jeanette Tsang ; Konstantin Beznosov [LERSSE-RefConfPaper-2006-019] This paper reports on a security analysis of the IEEE 1588 standard, a.k.a [...] Published in Jeanette Tsang, Konstantin Beznosov "A Security Analysis of the Precise Time Protocol (Short Paper)," In Proceedings of Eighth International Conference on Information and Communications Security (ICICS), Raleigh, North Carolina, USA, Springer-Verlag Berlin Heidelberg, LNCS 4307, 4-7 December, 2006, pp.50-59. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
62.	The Secondary and Approximate Authorization Model and its Application to Bell-LaPadula Policies / Jason Crampton ; Wing Leung ; Konstantin Beznosov [LERSSE-RefConfPaper-2006-017] We introduce the concept, model, and policy-specific algorithms for inferring new access control decisions from previous ones. [...] Published in Jason Crampton, Wing Leung, Konstantin Beznosov "The Secondary and Approximate Authorization Model and its Application to Bell-LaPadula Policies," In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT), Lake Tahoe, California, USA, ACM, 7-9 June, 2006, pp.111-120.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
63.	Extending XP Practices to Support Security Requirements Engineering / Gustav Boström ; Jaana Wäyrynen ; Marine Bodén, ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2006-016] This paper proposes a way of extending eXtreme Programming (XP) practices, in particular the original planning game and the coding guidelines, to aid the developers and the customer to engineer security requirements while maintaining the iterative and rapid feedback-driven nature of XP. [...] Published in Gustav Boström, Jaana Wäyrynen, Marine Bodén, Konstantin Beznosov, Philippe Kruchten, "Extending XP Practices to Support Security Requirements Engineering," Proceedings of Workshop on Software Engineering for Secure Systems (SESS), Shanghai, China, ACM, 20–21 May, 2006, pp.11-17.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
64.	Towards Agile Security Assurance / Konstantin Beznosov ; Philippe Kruchten [LERSSE-RefConfPaper-2005-015] Agile development methods are promising to become the next generation replacing water-fall development. [...] Published in Proceedings of the workshop on New security paradigms, Nova Scotia, Canada: (2004) pp. 47-54 Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
65.	Supporting Relationships in Access Control Using Role Based Access Control / John Barkley ; Konstantin Beznosov ; Jinny Uppal ; John Barkley ; et al [LERSSE-RefConfPaper-2005-014] The Role Based Access Control (RBAC) model and mechanism have proven to be useful and effective. [...] Published in Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA: (October, 1999) pp. 55-65 Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
66.	SPAPI: A Security and Protection Architecture for Physical Infrastructures and Its Deployment Strategy Using Sensor Networks / Hafiz Rahman ; Konstantin Beznosov [LERSSE-RefConfPaper-2005-013] In recent years, concerns about the safety and security of critical infrastructures have increased enormously. [...] Published in Proceedings of 10th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2005), Catania, Italy: (19-22 September, 2005) pp. 885-892 Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
67.	Performance Considerations for a CORBA-based Application Authorization Service / Konstantin Beznosov ; Luis Espinal ; Yi Deng [LERSSE-RefConfPaper-2005-012] Resource Access Decision (RAD) Service allows separation of authorization from application functionality in distributed application systems by providing a logically centralized authorization control mechanism. [...] Published in Proceedings of IASTED International Conference Software Engineering and Applications, Las Vegas, Nevada: (November, 2000) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
68.	Object Security Attributes: Enabling Application-specific Access Control in Middleware / Konstantin Beznosov [LERSSE-RefConfPaper-2005-011] This paper makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. [...] Published in Proceedings of 4th International Symposium on Distributed Objects and Applications (DOA), Irvine, California: (October 28 - November 1, 2002) pp. 693-710 Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
69.	Implementing Multiple Channels over SSL / Yong Song ; Victor C.M. Leung ; Konstantin Beznosov [LERSSE-RefConfPaper-2005-010] Multiple-Channel SSL (MC-SSL) is our model and protocol for the security of client-server communication. [...] Published in Yong Song, Victor C.M. Leung, and Konstantin Beznosov. Implementing multiple channels over SSL. In Proceedings of the 1st International Conference on E-business and Telecom-munication Networks, pages 246–253, Setubal, Portugal, 25-28 August 2004.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
70.	Here’s Your Lego™ Security Kit: How to Give Developers All Protection Mechanisms They Will Ever Need / Konstantin Beznosov [LERSSE-RefConfPaper-2005-009] By presenting a protection architecture for ASP.NET Web services, this paper demonstrates the feasibility of creating middleware mechanisms in the form of composable, flexible, and extensible building blocks. [...] Published in Konstantin Beznosov, “Here’s Your Lego! Security Kit: How to Give Developers All Protection Mechanisms They Will Ever Need,” in Proceedings of Software Engineering and Middleware (SEM) Workshop, pp. 3-18, Linz, Austria, 20-21 September 2004.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
71.	eXtreme Security Engineering: On Employing XP Practices to Achieve “Good Enough Security” without Defining It / Konstantin Beznosov [LERSSE-RefConfPaper-2005-008] This paper examines practices of eXtreme Programming (XP) on the subject of their application to the development of security solutions. [...] Published in Konstantin Beznosov. Extreme security engineering: On employing xp practices to achieve "good enough security" without deﬁning it. In First ACM Workshop on Business Driven Security Engineering (BizSec), Faiﬀax, VA, USA, 2003. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
72.	Supporting End-to-end security Across Proxies with Multiple-channel SSL / Yong Song ; Victor C.M. Leung ; Konstantin Beznosov [LERSSE-RefConfPaper-2005-005] Secure Socket Layer (SSL) has functional limitations that prevent end-to-end security in the presence of untrusted intermediary application proxies used by clients to communicate with servers [...] Published in Yong Song, Victor C.M. Leung, and Konstantin Beznosov. Supporting end-to-end security across proxies with multiple-channel SSL. In Proceedings of the 19th IFIP International Information Security Conference, pages 246–253, Toulouse, France, 23-26 August 2004.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
73.	Architecting a Computerized Patient Record with Distributed Objects / Kent Wreder ; Konstantin Beznosov ; A. Bramblett ; Eric Butler ; et al [LERSSE-RefConfPaper-2005-004] Published in Kent Wreder, Konstantin Beznosov, A. Bramblett, Eric Butler, A. D-Empaire, E. Hernandez, Eric Navarro, A. Romano, M. Tortolini-Taylor, E. Urzais, R. Ventura, "Architecting a Computerized Patient Record with Distributed Objects," in Proceedings of Healthcare Information and Management Systems Society Conference, Orange County Convention Center, Orlando, FL, USA, HIMSS, February, 1998, pp.149-158.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
74.	Applying Aspect-Orientation in Designing Security Systems: A Case Study / Shu Gao ; Yi Deng ; Huiqun Yu ; Xudong He ; et al [LERSSE-RefConfPaper-2005-003] As a security policy model evolves, the design of security systems using that model could become increasingly complicated [...] Published in Shu Gao, Yi Deng, Huiqun Yu, Xudong He, Konstantin Beznosov, Kendra Cooper, "Applying Aspect-Orientation in Designing Security Systems: A Case Study," in Proceedings of The Sixteenth International Conference on Software Engineering and Knowledge Engineering (SEKE 04), Banff, Alberta, Canada, June 20-24, 2004, pp.360-365.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
75.	A Resource Access Decision Service for CORBA-based Distributed Systems / Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; et al [LERSSE-RefJnlPaper-2005-001] Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are [...] Published in Konstantin Beznosov, Yi Deng, Bob Blakley, Carol Burt, John Barkley, "A Resource Access Decision Service for CORBA-based Distributed Systems," in Proceedings of the Annual Computer Security Applications Conference (ACSAC), Phoenix, Arizona, U.S.A., 6-10 December, 1999, pp.310-319.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
76.	A Framework for Implementing Role-based Access Control Using CORBA Security Service / Konstantin Beznosov ; Yi Deng [LERSSE-RefConfPaper-2005-002] The paper shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...] Published in Konstantin Beznosov, Yi Deng, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," in Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, October, 1999, pp.19-30.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
77.	Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services / Konstantin Beznosov [TEST-RefConfPaper-2005-001] This report reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services [...] Published in Konstantin Beznosov, "Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services," in Proceedings of the Eighth International SIGSOFT Symposium on Component-based Software Engineering (CBSE), St. Louis, Missouri, USA, SIGSOFT, 15-21 May, 2005, pp.337-352.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
78.	On the Benefits of Decomposing Policy Engines into Components / Konstantin Beznosov [TEST-ARTICLE-2005-004] In order for middleware systems to be adaptive, their properties and services need to support a wide variety of application-specific policies. [...] Published in Konstantin Beznosov. Flooding and recycling authorizations. In Proceedings of the New Security Paradigms Workshop (NSPW’05), pages 67–72, Lake Arrowhead, CA, USA, 20-23 September 2005. ACM Press. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
79.	Flooding and Recycling Authorizations / Konstantin Beznosov [TEST-ARTICLE-2005-003] The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...] Published in Konstantin Beznosov, "Flooding and Recycling Authorizations", in Proceedings of New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, ACM, 20-23 September, 2005, pp.67-72.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

Books	3 records found

1.	Mastering Web Services Security / Bret Hartman ; Donald J. Flinn ; Konstantin Beznosov ; Shirley Kawamoto [LERSSE-BOOK-2005-003] We present material on how to use the architectures and technologies and how to understand the specifications that are available to build a secure Web Services system. [...] Published in Bret Hartman, Donald J. Flinn, Konstantin Beznosov, Shirley Kawamoto, "Mastering Web Services Security," New York, New York, USA, John Wiley Sons, Inc., ISBN 0-471-26716-3, January, 2003, pp.464. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
2.	Enterprise Security with EJB™ and CORBA® / Bret Hartman ; Donald J. Flinn ; Konstantin Beznosov [LERSSE-BOOK-2005-002] This book shows you how to apply enterprise security integration (ESI) to secure your enterprise from end-to-end, using theory, examples, and practical advice. [...] Published in Bret Hartman, Donald J. Flinn, Konstantin Beznosov, "Enterprise Security with EJB? and CORBA?," New York, New York, USA, John Wiley and Sons, Inc., ISBN 0-471-40131-5, April, 2001, pp.400. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
3.	Engineering Application-level Access Control in Distributed Systems / Konstantin Beznosov ; Yi Deng [LERSSE-BOOK-2005-001] This chapter discusses issues of engineering access control solutions in distributed applications for enterprise computing environments. [...] Published in Konstantin Beznosov, Yi Deng, "Engineering Application-level Access Control in Distributed Systems," in Handbook of Software Engineering And Knowledge Engineering, World Scientific Publishing, vol. 1, ISBN 981-02-4973-X, January, 2002, pp.20. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

Theses	1 records found

Unrefereed Conference Papers	6 records found

1.	Strategies for Monitoring Fake AV Distribution Networks / Onur Komili ; Kyle Zeeuwen ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-UnrefConfPaper-2011-001] We perform a study of Fake AV networks advertised via search engine optimization. [...] Published in Onur Komili, Kyle Zeeuwen, Matei Ripeanu, and Konstantin Beznosov. Strategies for Monitoring Fake AV Distribution Networks. In Proceedings of the 21st Virus Bulletin Conference, October 5-7, 2011.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
2.	Usability Meets Access Control: Challenges and Research Opportunities / Konstantin Beznosov ; Philip Inglesant ; Jorge Lobo ; Rob Reeder ; et al [LERSSE-UnrefConfPaper-2009-005] This panel discusses speciﬁc challenges in the usability of access control technologies and new opportunities for research [...] Published in Konstantin Beznosov, Philip Inglesant, Jorge Lobo, Rob Reeder, and Mary Ellen Zurko, "Usability Meets Access Control: Challenges and Research Opportunities," in Proceedings of the ACM Symposium on Access Control Models and Aechnologies (SACMAT), Stresa, Italy, ACM, 3-5 June, 2009 : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
3.	Identification of Sources of Failures and Their Propagation in Critical Infrastructures from 12 Years of Public Failure Reports / Hafiz A. Rahman ; Konstantin Beznosov ; Jose R. Martí [LERSSE-UnrefConfPaper-2006-004] Survival in our society relies on continued services from interdependent critical infrastructures. [...] Published in Hafiz A. Rahman, Konstantin Beznosov, Jose R. Martí "Identification of Sources of Failures and Their Propagation in Critical Infrastructures from 12 Years of Public Failure Reports," Proceedings of the Third International Conference on Critical Infrastructures, Alexandria, VA, USA, The International Institute for Critical Infrastructures, 24-27 September, 2006, pp.11.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
4.	Requirements for Access Control: US Healthcare Domain / Konstantin Beznosov [LERSSE-UnrefConfPaper-2005-003] Roles are important factors in authorization rules. [...] Published in Konstantin Beznosov, "Requirements for Access Control: US Healthcare Domain," in Proceedings of the Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, pp.43: (October, 1998) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
5.	Issues in the Security Architecture of the Computerized Patient Record Enterprise / Konstantin Beznosov [LERSSE-UnrefConfPaper-2005-002] We discuss issues in CPR enterprise security architecture. [...] Published in Konstantin Beznosov, "Issues in the Security Architecture of the Computerized Patient Record Enterprise," in Proceedings of the Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, pp.5: (May, 1998) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
6.	Future Direction of Access Control Models, Architectures, and Technologies / Konstantin Beznosov [LERSSE-UnrefConfPaper-2005-001] The goal of this panel is to explore future directions in the research and practice of Access Control Models, Architectures, and Technologies (ACMAT). [...] Published in Konstantin Beznosov, "Future Direction of Access Control Models, Architectures, and Technologies," in Proceedings of the Tenth ACM Symposium on Access Control Models and Aechnologies (SACMAT), Stockholm, Sweden, ACM, pp.48-48: (1-3 June, 2005) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

Technical Reports	29 records found

1.	Access Review Survey Report / Pooya Jaferian ; Konstantin Beznosov [LERSSE-REPORT-2014-001] To further understand the state of the practice in access review, and collect quantitative results on how companies perform access review, we conducted a survey of security practitioners [...] Published in P. Jaferian and K. Beznosov. Access Review Survey Report. Technical Report LERSSE-TR-2014-001, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, May 2014.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
2.	The Socialbot Network: When Bots Socialize for Fame and Money / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-REPORT-2012-001] Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's Web ecosystem. [...] Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. The socialbot network: when bots socialize for fame and money. In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC'11), December 2011: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
3.	Speculative Authorization / Pranab Kini ; Konstantin Beznosov [LERSSE-REPORT-2010-002] As enterprises aim towards achieving zero latency for their systems, latency introduced by authorization process can act as an obstacle towards achieving their goal. [...] Published in Pranab Kini and Konstantin Beznosov, "Speculative Authorizaion," Tech. Rep. LERSSE-TR-2010-002, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, December 2010: : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
4.	An RT-based Policy Model for Converged Networks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2010-001] Technologies advanced in communication devices and wireless networks enable telecommunication network operators to provide rich personalized multimedia services. [...] Published in San-Tsai Sun and Konstantin Beznosov, "An RT-based Policy Model for Converged Networks," Tech. Rep. LERSSE-TR-2010-001, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, January 2010: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
5.	Support for ANSI RBAC in EJB / Wesam Darwish ; Konstantin Beznosov [LERSSE-REPORT-2009-034] We analyze access control mechanisms of the Enterprise Java Beans (EJB)architecture and define a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. [...] Published in Wesam Darwish and Konstantin Beznosov. Support for ANSI RBAC in EJB. Technical Report LERSSE-TR-2009-34, accessible from http://lersse-dl.ece.ubc.ca, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, January 21 2009: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
6.	SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2009-032] This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs). [...] Published in San-Tsai Sun and Konstantin Beznosov, "SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks," Tech. Rep. LERSSE-TR-2009-32, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, March 2009: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
7.	Auxiliary Material for the Study of Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders Within Organizations / Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-REPORT-2009-028] This technical report contains additional material for the study, which investigated the context of interactions of IT security practitioners.. Published in Rodrigo Werlinger, Kirstie Hawkey, and Konstantin Beznosov, "Auxiliary Material for the Study of Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders Within Organizations," Tech. Rep. LERSSE-TR-2009-01, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, Jan 2009: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
8.	A Two-factor Authentication Mechanism Using Mobile Phones / Nima Kaviani ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-REPORT-2008-027] Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. [...] Published in Nima Kaviani and Kirstie Hawkey and Konstantin Beznosov, "A Two-factor Authentication Mechanism Using Mobile Phones," Tech. Rep. LERSSE-TR-2008-03, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, August 2008: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
9.	Cooperative Secondary Authorization Recycling / Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-REPORT-2008-026] As enterprise systems, Grids, and other distributed applications scale up and become increasingly complex, their authorization infrastructures---based predominantly on the request-response paradigm---are facing challenges of fragility and poor scalability. [...] Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," Tech. Rep. LERSSE-TR-2008-02, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, April 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
10.	SQLPrevent: Effective Dynamic Detection and Prevention of SQL Injection Attacks Without Access to the Application Source Code / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2008-025] This paper presents an effective approach for detecting and preventing known as well as novel SQL injection attacks. [...] Published in San-Tsai Sun and Konstantin Beznosov, "SQLPrevent: Effective dynamic detection and prevention of SQL injection attacks without access to the application source code," Tech. Rep. LERSSE-TR-2008-01, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, February 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
11.	Searching for the Right Fit: A Case Study of IT Security Management Model Tradeoffs / Kirstie Hawkey ; Kasia Muldner ; Konstantin Beznosov [LERSSE-REPORT-2007-024] The usability of security systems within an organization is impacted not only by tool interfaces but also by the security management model (SMM) of the IT security team. [...] Published in Kirstie Hawkey, Kasia Muldnery, and Konstantin Beznosov, "Searching for the Right Fit: A Case Study of IT Security Management Model Tradeoffs", Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2007-03, 16 November, 2007, pp.23.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
12.	Understanding IT Security Administration through a Field Study / David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al [LERSSE-REPORT-2007-002] [LERSSE-REPORT-2007-020] The security administration of large organizations is exceptionally challenging due to the increasingly large numbers of application instances, resources, and users; the growing complexity and dynamics of business processes; and the spiralling volume of change that results from the interaction of the first two factors. [...] Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels and Brian Fisher, "Understanding Information Technology Security Administration through a Field Study", Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, 2007: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
13.	Support for ANSI RBAC in CORBA / Konstantin Beznosov ; Wesam Darwish [LERSSE-REPORT-2007-019] We describe access control mechanisms of the Common Ob ject Request Broker Architecture (CORBA) and define a configuration of the CORBA protection system in more precise and less ambiguous language than the CORBA Security specification (CORBASec). [...] Published in Konstantin Beznosov, Wesam Darwish "Support for ANSI RBAC in CORBA," Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2007-01, 26 July, 2007, pp.42.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
14.	A Security Analysis of the Precise Time Protocol / Jeanette Tsang ; Konstantin Beznosov [LERSSE-REPORT-2006-018] This paper reports on a security analysis of the IEEE 1588 standard, a.k.a. [...] Published in Jeanette Tsang, Konstantin Beznosov, "A Security Analysis of the Precise Time Protocol" LERSSE Technical Report LERSSE-TR-2006-02, December 04, 2006.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
15.	Evaluation of SAAM_BLP / Kyle Zeeuwen ; Konstantin Beznosov [LERSSE-REPORT-2006-017] Request response access control systems that use Policy Decision Points have their reliability and latency bounded by network communication. [...] Published in Kyle Zeeuwen, Konstantin Beznosov, "Evaluation of SAAM_BLP" LERSSE Technical Report LERSSE-TR-2006-01, July 21, 2006.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
16.	Assessment of Interdependencies between Communication and Information Technology Infrastructure and other Critical Infrastructures from Public Failure Reports / Hafiz Abdur Rahman ; Konstantin Beznosov [LERSSE-REPORT-2006-015] Failure in Communication and Information Technology Infrastructure (CITI) can disrupt the effective functionalities of many of the critical infrastructures. [...] Published in Hafiz Abdur Rahman, Konstantin Beznosov, "Assessment of Interdependencies between Communication and Information Technology Infrastructure and other Critical infrastructures from Public Failure Reports," Laboratory for Education and Research in Secure Systems Engineering, Vancouver, B.C., Canada, University of British Columbia, technical report LERSSE-TR-2005-03, 24 February, 2005, pp.34.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
17.	Taxonomy of CPR Enterprise Security Concerns at Baptist Health Systems of South Florida / Konstantin Beznosov [LERSSE-REPORT-2005-013] This document categorizes security concerns of Computerized Patient Record enterprise according to federal and Florida state legal requirements, as well as to the internal security policies of Baptist Health Systems of South Florida.. Published in Konstantin Beznosov, "Taxonomy of CPR Enterprise Security Concerns at Baptist Health Systems of South Florida," Object Technology Group, Miami, FL, USA, Baptist Health Systems of South Florida.: (December, 1997) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
18.	Recycling Authorizations: Toward Secondary and Approximate Authorizations Model (SAAM) / Konstantin Beznosov [LERSSE-REPORT-2005-012] In large and complex enterprises, obtaining authorizations could be communicationally and/or computationally expensive, and, due to infrastructure failures, some times even impossible. [...] Published in Konstantin Beznosov, "Recycling Authorizations: Toward Secondary and Approximate Authorizations Model (SAAM)," LERSSE technical report, Department of Electrical and Computer Engineering, University of British Columbia, Vancouver, Canada, LERSSE-TR-2005-01, pp.15: (March, 2005) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
19.	Official Requirements and Recommendations from Various Organizations on Security for Baptist Health Systems of South Florida / Konstantin Beznosov [LERSSE-REPORT-2005-011] This report describes recommendations and official requirements from various organizations that guide architecture of CPR security at BHSSF.. Published in Konstantin Beznosov, "Official Requirements and Recommendations from Various Organizations on Security for Baptist Health Systems of South Florida," Object Technology Group, Miami, FL, USA, Baptist Health Systems of South Florida (BHSSF): (October, 1997) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
20.	KOZEL: Kernel Organization Zappy Environment for Linux / Konstantin Beznosov ; Sergey Fedorishin [LERSSE-REPORT-2005-010] This report describes application domain, design and usage of Kernel Organization Zappy Environment for Linux (KOZEL, pronounced “kozz’jol”) developed during a term project for Expert Systems cource CEN5120 tought by Dr. [...] Published in KOZEL: Kernel Organization Zappy Environment for Linux," term project report for CEN 5120 course Expert Systems, School of Computer Science, Florida International University, Miami, FL, USA: (28 April, 1997) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
21.	Design and Implementation of Resource Access Decision Server / Luis Espinal ; Konstantin Beznosov ; Yi Deng [LERSSE-REPORT-2005-009] Decoupling authorization decision logic enables implementation of complex and consistent access control policies across heterogeneous systems. [...] Published in Luis Espinal, Konstantin Beznosov, Yi. Deng, "Design and Implementation of Resource Access Decision Server," Center for Advanced Distributed Systems Engineering (CADSE). Florida International University, technical report #2000-01, pp.18: (21 January, 2000) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
22.	CPR Security CORBA-based Security and Intranet Services / Konstantin Beznosov [LERSSE-REPORT-2005-008] Intranet information services based on such technologies as WWW will continue to grow. [...] Published in Konstantin Beznosov, "CPR Security CORBA-based Security and Intranet Services," Object Technology Group, Miami, FL, USA, Baptist Health Systems of South Florida (BHSSF): (September, 1997) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
23.	CORBAmed Security White Paper / Wayne Wilson ; Konstantin Beznosov [LERSSE-REPORT-2005-007] The issue of security in healthcare has been discussed from a variety of perspectives at many CORBAmed meetings. [...] Published in Wayne Wilson, Konstantin Beznosov, "CORBAmed Security White Paper," Object Management Group, corbamed/97-11-03: (7 November, 1997) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
24.	Client-Server Semantic Binary Database: Design and Development / Konstantin Beznosov [LERSSE-REPORT-2005-006] This paper describes design and implementation of client-server architecture for Semantic Binary Database Management System developed at High Performance Database Research Center, Florida International University. [...] Published in Konstantin Beznosov, "Client-Server Semantic Binary Database: Design and Development," term paper for graduate course COP 6545 \"Advanced Database Systems\", Miami, FL, School of Computer Science, Florida International University, pp.12: (9 December, 1996) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
25.	Architecture of Information Enterprises: Problems and Perspectives / Konstantin Beznosov [LERSSE-REPORT-2005-005] Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed [...] Published in Konstantin Beznosov, "Architecture of Information Enterprises: Problems and Perspectives," technical report #2000-06, School of Computer Science, Florida International University, Miami, FL, pp.16: (14 June, 2000) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
26.	Architecture of Information Enterprises: Problems and Perspectives / Konstantin Beznosov [LERSSE-REPORT-2005-004] Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed [...] Published in Konstantin Beznosov, "Architecture of Information Enterprises: Problems and Perspectives," term paper for graduate course in Advanced Software Engineering, Miami, FL, School of Computer Science, Florida International University, pp.25: (20 April, 1998) Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
27.	Applicability of CORBA Security to the Healthcare Problem Domain / Konstantin Beznosov [LERSSE-REPORT-2005-003] This paper suggests directions OMG Healthcare Domain Task Force (CORBAmed) could take in proposing OMG standards related to security in the healthcare vertical domain [...] Published in Konstantin Beznosov, "Applicability of CORBA Security to the Healthcare Problem Domain," Object Management Group, corbamed/97-09-11, September, 1997.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
28.	Analysis of Scalable Security – MC-SSL Savings / Johnson Lee ; Victor C.M. Leung ; Konstantin Beznosov [LERSSE-REPORT-2005-002] This paper investigates how MC-SSL can alleviate the CPU requirements of secure web transactions by using multiple channels, each with its own, different, cipher suite, and switching the channel based on the data’s security requirements [...] Published in Johnson Lee, Victor C.M. Leung, Konstantin Beznosov, "Analysis of Scalable Security . MC-SSL Savings," Laboratory for Education and Research in Secure Systems Engineering (LERSSE), Vancouver, BC, Canada, University of British Columbia, LERSSE-TR-2005-02, 1 October, 2005, pp.13.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
29.	CITI Fault Report Classification and Encoding for Vulnerability and Risk Assessment of Interconnected Infrastructures / Hafiz Abdur Rahman ; Konstantin Beznosov [TEST-REPORT-2005-001] Effective functionalities of many of the critical infrastructures depend on Communication and Information Technology Infrastructure (CITI). [...] Published in Hafiz Abdur Rahman, Konstantin Beznosov, "CITI Fault Report Classification and Encoding for Vulnerability and Risk Assessment of Interconnected Infrastructures," Laboratory for Education and Research in Secure Systems Engineering, Vancouver, B.C., Canada, University of British Columbia, technical report LERSSE-TR-2005-03, 4 October, 2005, pp.40.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

Talks/Presentations	85 records found

1.	Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs / Yazan Boshmaf ; Dionysios Logothetis ; Georgos Siganos ; Jorge Leria ; et al [LERSSE-PRESENTATION-2015-001] Detecting fake accounts in online social networks (OSNs) protects OSN operators and their users from various malicious activities. [...] Published in Boshmaf et al. "Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs" In proceedings the 2015 Network and Distributed System Security Symposium (NDSS'15), San Diego, USA.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
2.	Thwarting fake accounts by predicting their victims / Yazan Boshmaf ; Dionysios Logothetis ; Georgos Siganos ; Matei Ripeanu ; et al [LERSSE-PRESENTATION-2014-001] Traditional fake account detection systems employed by today's online social networks rely on either features extracted from user activities, or ranks computed from the underlying social graph. [...] Published in Boshmaf et al. Thwarting fake accounts by predicting their victims. Invited talk at AAAI 2014 Spring Symposia, Social Hacking and Cognitive Security on the Internet and New Media, Stanford, CA, March, 2014.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
3.	Security and Privacy in Online Social Networks / Konstantin Beznosov [LERSSE-PRESENTATION-2013-001] Facebook has more monthly active users than almost any nation in the world. [...] Published in Konstantin Beznosov, "Security and Privacy in Online Social Networks," Presentation, 2013, 81p.: Fulltext: PDF PDF (PDFA); Detailed record - Similar records
4.	Key Challenges in Defending Against Malicious Socialbots / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-PRESENTATION-2012-001] The ease with which we adopt online personas and relationships has created a soft spot that cyber criminals are willing to exploit. [...] Published in Usenix 5th Workshop on Large-scale Exploits and Emerging Threats (LEET'12), San Jose, CA, USA.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
5.	Automated Social Engineering Attacks in OSNs / Yazan Boshmaf ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-PRESENTATION-2011-003] In this presentation, we outline the latest automated social engineering attacks in Online Social Networks (OSNs) such as Facebook [...] Published in Yazan Boshmaf, Konstantin Beznosov, and Matei Ripeanu. Automated social engineering attacks in OSNs. The Office of the Privacy Commissioner of Canada (Ottawa), May 2010: Transfer from CDS 0.99.7: PPT; Detailed record - Similar records
6.	Password Managers, Single Sign-On, Federated ID: Have users signed up? / Konstantin Beznosov [LERSSE-PRESENTATION-2011-002] Users have not signed up for OpenId. [...] Published in Konstantin Beznosov, "Password Managers, Single Sign-On, Federated ID: Have users signed up?," panel presentation given at "Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions," 4 March 2011, 23 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
7.	Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2011-001] The web is essential for business and personal activities well beyond information retrieval, such online banking, financial transactions, and payment authorization, but reliable user authentication remains a challenge. [...] Published in San-Tsai Sun and Konstantin Beznosov, "Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them," presented at Eurecom, February 24, 2011. 57 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
8.	OpenID Security Analysis and Evaluation / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2010-002] OpenID is a promising user-centric Web single sign-on protocol. [...] Published in San-Tsai Sun and Konstantin Beznosov, "OpenID Security Analysis and Evaluation," presented at the OWASP Chapter Meeting, Vancouver, Canada, October 21th 2010: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
9.	Open problems in Web 2.0 user content sharing / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2010-001] Users need useful mechanisms for sharing their Web 2.0 content with each other in a controlled manner across boundaries of content-hosting and service providers (CSPs). [...] Published in San-Tsai Sun and Konstantin Beznosov, "Open problems in Web 2.0 user content sharing," presented at the iNetSec Workshop, Zurich, Switzerland, April 23th 2009, 44 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
10.	Security Research Advances in 2009 / Konstantin Beznosov [LERSSE-PRESENTATION-2009-083] This presentation reviews latest scientific conference reports on the cutting edge research in computer security. [...] Published in Konstantin Beznosov, "Security Research Advances in 2009," presented at Vancouver International Security Conference, November 30-December 1, 2009, 56 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
11.	Authorization Using the Publish-Subscribe Model / Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-PRESENTATION-2009-080] Traditional authorization mechanisms based on the request-response model are generally supported by point-to-point communication between applications and authorization servers. [...] Published in Qei Wei, Konstantin Beznosov, and Matei Ripeanu, “Authorization Using Publish/Subscribe Models,” In Proceedings of the 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA'08), 10-12 December, 2008, Sydney, Australia. IEEE Computer Society, pp.53-62.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
12.	Authorization Recycling in RBAC Systems / Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-PRESENTATION-2009-079] As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...] Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu, “Authorization Recycling in RBAC Systems,” in the Proceedings of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT’08), Estes Park, Colorado, 11-13 June, 2008, pp.63-72.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
13.	Revealing Hidden Context: Improving Users' Mental Models of Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-PRESENTATION-2009-078] Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. [...] Published in Talk given at Symposium On Usable Privacy and Security (SOUPS), July 2009, at Google in Mountain View, California, US.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
14.	Revealing Hidden Context: Improving Mental Models of Personal Firewall Users / Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-PRESENTATION-2009-076] The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. [...] Published in Talk given at NSERC ISSNet Workshop 2009, Carleton University, Ottawa, Canada.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
15.	Towards Web 2.0 Content Sharing Beyond Walled Gardens / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2009-075] Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). [...] Published in Talk given at NSERC ISSNet Workshop 2009, Carleton University, Ottawa, Canada: Transfer from CDS 0.99.7: PPT; Detailed record - Similar records
16.	Toward Improving Availability and Performance of Enterprise Authorization Services / Konstantin Beznosov [LERSSE-PRESENTATION-2009-001] In currently deployed large enterprise systems, policy enforcement points (PDPs) are commonly implemented as logically centralized authorization servers [...] Published in Talk given at the Faculty of Computer Science, Technical University of Dortmund.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
17.	Management of IT Security in Organizations: What Makes It Hard? / Konstantin Beznosov [LERSSE-PRESENTATION-2008-073] Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after security breaches. [...] Published in Konstantin Beznosov, “Management of IT Security in Organizations: What Makes It Hard?” talk given at the SAP Research, Campus-based Engineering Center, Karlsruhe, Germany, 08 July 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
18.	Why (Managing) IT Security is Hard and Some Ideas for Making It Easier / Konstantin Beznosov [LERSSE-PRESENTATION-2008-072] The way security mechanisms for distributed applications are engineered today has a number of serious drawbacks. [...] Published in Konstantin Beznosov, “Why (Managing) IT Security is Hard and Some Ideas for Making It Easier” talk given at the St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, 2 June 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
19.	The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies / Konstantin Beznosov [LERSSE-PRESENTATION-2008-071] The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...] Published in Konstantin Beznosov, “The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies” talk given at the Computer Science Department, IBM Research Laboratory, Rüeschlikon, Switzerland, 5 June 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
20.	Toward Understanding the Workplace of IT Security Practitioners / Konstantin Beznosov [LERSSE-PRESENTATION-2008-070] Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after security breaches. [...] Published in Konstantin Beznosov, “Toward Understanding the Workplace of IT Security Practitioners” talk given at the Computer Science Department, College University London, 04 July 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
21.	Responding to security incidents: are security tools everything you need? / Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-PRESENTATION-2008-069] Presentation given at FIRST'08 conference [...] Published in Rodrigo Werlinger, Kirstie Hawkey, Konstantin Beznosov, "Responding to security incidents: are security tools everything you need?", presented at FIRST, Vancouver, Canada, June 23-27, 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
22.	A Broad Empirical Study of IT Security Practioners / Konstantin Beznosov [LERSSE-PRESENTATION-2008-068] Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after a security breach [...] Published in Konstantin Beznosov, "A Broad Empirical Study of IT Security Practioners," talk given at the Coast to Coast Seminar Series, 2008-03-18.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
23.	HOT Admin Research Project: Overview and Results to Date / Konstantin Beznosov [LERSSE-PRESENTATION-2008-067] Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after a security breach [...] Published in Konstantin Beznosov, "HOT Admin Research Project: Overview and Results to Date," presented at the seminar series of GONDWANA (Towards Quantitative Security Metrics) research project, 41 pages, École Polytechnique de Montréal, February 21, 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
24.	On the Imbalance of the Security Problem Space and its Expected Consequences / Konstantin Beznosov ; Olga Beznosova [LERSSE-PRESENTATION-2007-064] This paper considers the attacker-defender game in the field of computer security as a three-dimensional phenomenon [...] Published in Konstantin Beznosov, Olga Beznosova "On the Imbalance of the Security Problem Space and its Expected Consequences," Presented at the Symposium on Human Aspects of Information Security & Assurance (HAISA), Plymouth, UK, 10 July, 2007, pp.29.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
25.	Cooperative Secondary Authorization Recycling / Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-PRESENTATION-2007-063] As distributed applications such as Grid and enterprise systems scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges in terms of fragility and poor scalability [...] Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," presented at the 16th Symposium on High Performance Distributed Computing (HPDC'07), June 27, 2007, Monterey, California, USA. pp.24. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
26.	Towards Understanding IT Security Professionals and Their Tools / David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al [LERSSE-PRESENTATION-2007-062] It is estimated that organizations worldwide will spend around $100 Billion USD on IT Security in 2007. [...] Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Sid Fels, Lee Iverson, Brian Fisher, "Towards Understanding IT Security Professionals and Their Tools," CIPS Vancouver Security SIG Meeting, Vancouver, 13 June, 2007, pp.20.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
27.	A Security Analysis of the Precise Time Protocol / Jeanette Tsang ; Konstantin Beznosov [LERSSE-PRESENTATION-2006-061] We present a security analysis of the IEEE 1588 standard, a.k.a [...] Published in Jeanette Tsang, Konstantin Beznosov, "A Security Analysis of the Precise Time Protocol", presented at the Eighth International Conference on Information and Communications Security (ICICS), Raleigh, North Carolina, USA, 5 December, 2006.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
28.	Employing Secondary and Approximate Authorizations to Improve Access Control Systems / Konstantin Beznosov [LERSSE-PRESENTATION-2006-060] The request-response paradigm used for developing access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...] Published in Konstantin Beznosov "Employing Secondary and Approximate Authorizations to Improve Access Control Systems," Halifax, NS, Canada, Faculty of Computer Science, Dalhousie University, 12 October, 2006, pp.43.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
29.	The Secondary and Approximate Authorization Model and its Application to BellLaPadula Policies / Konstantin Beznosov [LERSSE-PRESENTATION-2006-059] The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...] Published in Konstantin Beznosov "The Secondary and Approximate Authorization Model and its Application to BellLaPadula Policies," Marina del Rey, Clifornia, USA, Computer Networks Division, Information Sciences Institute, the University of Southern California, 6 February, 2006, pp.35.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
30.	Issues in the Security Architecture of the Computerized Patient Record Enterprise / Konstantin Beznosov [LERSSE-PRESENTATION-2006-058] We discuss issues in CPR enterprise security architecture. [...] Published in Konstantin Beznosov "Issues in the Security Architecture of the Computerized Patient Record Enterprise," presented at the Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, 7 May, 1998, pp.11.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
31.	Towards Agile Security Assurance / Konstantin Beznosov [LERSSE-PRESENTATION-2006-057] Agile development methods are promising to become the next generation replacing waterfall development. [...] Published in Konstantin Beznosov "Towards Agile Security Assurance," presentation given at the Calgary Agile Methods User Group (CAMUG), Calgary, Alberta, Canada, University of Calgary, 3 October, 2006.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
32.	Usable Security: Quo Vadis? / Konstantin Beznosov [LERSSE-PRESENTATION-2006-056] The presentation discusses the current state of HCISec and challanges for future research.. Published in Konstantin Beznosov "Usable Security: Quo Vadis?," presented at the USENIX Security panel on usability and security, Vancouver, BC, Canada, USENIX, 2 August, 2006, pp.9.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
33.	HOT Admin: Human, Organization, and Technology Centred Improvement of the IT Security Administration / Konstantin Beznosov ; Sid Fels ; Lee Iverson ; Brian Fisher [LERSSE-PRESENTATION-2006-055] While cryptography, access control, accountability, and other security technologies have received a great deal of attention, to our knowledge this is the first attempt to address systematically the interaction of security administrative models and technologies with usability within an organization [...] Published in Konstantin Beznosov, Sid Fels, Lee Iverson, Brian Fisher, "HOT Admin: Human, Organization, and Technology Centred Improvement of the IT Security Administration," CIPS Vancouver Security SIG Meeting, Vancouver, 8 March, 2006, pp.35.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
34.	Analysis of Interdependencies between CITI and other Critical Infrastructures using RISKS Forum data / Hafiz Abdur Rahman ; Konstantin Beznosov [LERSSE-PRESENTATION-2006-052] * Objectives * Information Requirement for CITI Failure Analysis * Use of Public Domain Failure Reports * Existing Classification Methods * Our Method of Classification and Analysis * Results of our Analysis * Conclusions Published in Hafiz Abdur Rahman and Konstantin Beznosov, "Analysis of Interdependencies between CITI and other Critical Infrastructures using RISKS Forum data," JIIRP Technical Meeting, University of British Columbia, ICICS, 27 January, 2006, pp.26. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
35.	Resource Access Decision Service for CORBA-based Distributed Systems / Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; et al [LERSSE-PRESENTATION-2006-051] Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are [...] Published in Barkley, "A Resource Access Decision Service for CORBA-based Distributed Systems," presented at the Annual Computer Security Applications Conference (ACSAC), Phoenix, Arizona, U.S.A., 10 December, 1999, pp.13. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
36.	Secondary and Approximate Authorization Model (SAAM) and its Application to Bell-LaPadula Policies / Konstantin Beznosov [LERSSE-PRESENTATION-2006-050] The talk defines the secondary and approximate authorization model (SAAM) [...] Published in Authorization Model (SAAM) and its Application to Bell-LaPadula Policies," Los Angeles, Information Sciences Institute, 6 February, 2006, pp.35. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
37.	Usability of Security Administration vs. Usability of End-user Security / Mary Ellen Zurko ; Steve Chan ; Greg Conti ; Konstantin Beznosov [LERSSE-PRESENTATION-2005-049] Having recently received increasing attention, usable security is implicitly all about the end user who employs a computer system to accomplish security-unrelated business or personal goals [...] Published in Mary Ellen Zurko, Steve Chan, Greg Conti, Konstantin Beznosov, "Usability of Security Administration vs. Usability of End-user Security," slides of the corresponding panel at the Symposium on Usable Privacy and Security (SOUPS), Pittsburgh, PA, USA, 8 July, 2005, pp.35.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
38.	Update on Security Domain Membership RFP Proposal / Konstantin Beznosov ; Tadashi Kaji [LERSSE-PRESENTATION-2005-048] Presentation explains structural design proposed by the SDMM proposal, as it was standing on December 2000.. Published in Konstantin Beznosov, Tadashi Kaji, "Update on Security Domain Membership RFP Proposal," presented to the OMG ORB/OS PTF, OMG docuement orbos/00-12-07, 12 December, 2000, pp.23. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
39.	Upcoming OMG HealthCare Resource Access Control Facility / Konstantin Beznosov [LERSSE-PRESENTATION-2005-047] Outline: • CORBA in 5 minutes • CORBA security model • Why HRAC • HRAC concepts • HRAC framework design • Work status Published in Konstantin Beznosov, "Upcoming OMG HealthCare Resource Access Control Facility," presentation on Resource Access Decision facility given to SIG Secure at HL7 meeting, Orlando, FL, USA, SIG Secure, HL7, 26 January, 1999, pp.14.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
40.	Towards Agile Security Assurance / Konstantin Beznosov ; Philippe Kruchten [LERSSE-PRESENTATION-2005-046] Agile development methods are promising to become the next generation replacing water-fall development. [...] Published in Konstantin Beznosov, Philippe Kruchten, "Towards Agile Security Assurance," presentation given at The New Security Paradigms Workshop (NSPW), White Point Beach Resort, Nova Scotia, Canada, 20 September, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
41.	Towards Agile Security Assurance / Konstantin Beznosov [LERSSE-PRESENTATION-2005-045] Agile development methods are promising to become the next generation replacing water-fall development. [...] Published in Konstantin Beznosov, "Towards Agile Security Assurance," presentation given at the Department of Computer Science, Waterloo, Ontario, Canada, University of Waterloo, 18 October, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
42.	Toward Usable Security Administration / Konstantin Beznosov [LERSSE-PRESENTATION-2005-044] Administration of protection mechanisms for large networked information enterprises is challenging due to large numbers of application instances resources and users, complex and dynamic business processes, and high (and always growing) volume of change because of the first two (large scale and dynamics). [...] Published in Konstantin Beznosov, "Toward Usable Security Administration," presented at the 4th Annual Advanced Networks Conference, Vancouver, Canada, 27 April, 2004.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
43.	Toward Usable Security Administration / Konstantin Beznosov [LERSSE-PRESENTATION-2005-043] Administration of protection mechanisms for large networked information enterprises is challenging due to large numbers of application instances resources and users, complex and dynamic business processes, and high (and always growing) volume of change because of the first two (large scale and dynamics). [...] Published in Konstantin Beznosov, "Toward Usable Security Administration," presentation given at the 4th Annual Advanced Networks Conference, Vancouver, BC, Canada, 27 April, 2004.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
44.	Software Engineering at ECE / Konstantin Beznosov [LERSSE-PRESENTATION-2005-042] This talk gives a brief overview of the Software Engineering teaching and research at the Department of Electrical and Computer Engineering, the University of British Columbia.. Published in Konstantin Beznosov, "Software Engineering at ECE," brief update given at the UBC\'s ECE Advisory Council meeting, Vancouver, B.C., Canada, 2 November, 2003. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
45.	Security Requirements in Healthcare / Konstantin Beznosov [LERSSE-PRESENTATION-2005-041] Presentation on requirements in US healthcare organizations to security vendors, given to the joint SecSIG/CORBAmed session [...] Published in Konstantin Beznosov, "Security Requirements in Healthcare," presentation given to the joint SecSIG/CORBAmed, OMG, OMG doc # corbamed/99-03-16, 23 March, 1999, pp.16. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
46.	Security Engineering for Large Scale Distributed Applications / Konstantin Beznosov [LERSSE-PRESENTATION-2005-040] The way security mechanisms for large-scale distributed applications are engineered today has a number of serious drawbacks. [...] Published in Konstantin Beznosov, "Security Engineering for Large Scale Distributed Applications," Talk given at the Department of Computer Science, Vrije University, Amsterdam, 17 December, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
47.	Security Engineering for Large Scale Distributed Applications / Konstantin Beznosov [LERSSE-PRESENTATION-2005-039] The way security mechanisms for large-scale distributed applications are engineered today has a number of serious drawbacks. [...] Published in Konstantin Beznosov, "Security Engineering for Large Scale Distributed Applications," Talk given at severall organizations. See the abstract for details., 2003. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
48.	Resource Names for Resource Access Decision (Facility) / Konstantin Beznosov [LERSSE-PRESENTATION-2005-038] Presentation given to the joint SecSIG/CORBAmed session on Resource Access Decision facility, as part of the presentation on the revised submission to the OMG Healthcare Resource Access Control RFP [...] Published in Konstantin Beznosov, "Resource Names for Resource Access Decision (Facility)," presentation given to the joint SecSIG/CORBAmed, OMG, OMG doc # corbamed/99-03-11, 22 March, 1999, pp.18. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
49.	Resource Access Decision Server: Design and Performance Considerations / Konstantin Beznosov ; Luis Espinal [LERSSE-PRESENTATION-2005-037] Presentation on the design and the conducted performance measurements of RAD server prototype built at CADSE [...] Published in Konstantin Beznosov, Luis Espinal, "Resource Access Decision Server: Design and Performance Considerations," presentation given at CADSE, Miami, FL, USA, CADSE, SCS, FIU, 22 October, 5 November, 1999, pp.25.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
50.	Resource Access Decision Facility: Overview / Konstantin Beznosov [LERSSE-PRESENTATION-2005-036] Outline: • Why you need Resource Access Decision Facility • Main aspects of RAD specification design • Main design decisions made by RAD submission team Published in Konstantin Beznosov, "Resource Access Decision Facility: Overview," presentation given at DOCsec Workshop, Baltimore, Maryland, USA, OMG, 15 July, 1999, pp.21.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
51.	Requirements for Access Control: US Healthcare Domain / Konstantin Beznosov [LERSSE-PRESENTATION-2005-035] Roles are important factors in authorization rules. [...] Published in Konstantin Beznosov, "Requirements for Access Control: US Healthcare Domain," panel presentation givent at the Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, October, 1998.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
52.	Preview: Mastering Web Services Security / Konstantin Beznosov [LERSSE-PRESENTATION-2005-034] This presentation gives an overview of the upcoming book on Mastering Web Services Security that I co-authored with my colleagues at Quadrasis.. Published in Konstantin Beznosov, "Preview: Mastering Web Services Security," presentation given at Computer Science department, Zurich, Switzerland, IBM Research Laboratory, 16 September, 2002. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
53.	Overview of Reference Model of Open Distributed Processing (RM-ODP) / Konstantin Beznosov [LERSSE-PRESENTATION-2005-033] Outline: - Why Languages for Enterprises? - Introduction - RM-ODP goal - What it de nes - Viewpoints - Modeling in RM-ODP - Languages - Analysis of RM-ODP - Summary - Additional Information Published in Konstantin Beznosov, "Overview of Reference Model of Open Distributed Processing (RM-ODP)," presentation given at CADSE, Miami, FL, USA, School of Computer Science, FIU, 17 July, 1998, pp.25. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
54.	Overview of CORBA Security / Konstantin Beznosov [LERSSE-PRESENTATION-2005-032] Outline: • Introduction into computer security • Security in OO systems • CORBA security model overview • Application access control in CORBA • Resource Access Decision Facility • Further Information Published in Konstantin Beznosov, "Overview of CORBA Security," lecture given to he students of graduate class CEN6502, Topics in Concurrent and Distributed Systems, Miami, FL, USA, SCS, FIU, 8 March, 2000, pp.27.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
55.	On the Benefits of Decomposing Policy Engines into Components / Konstantin Beznosov [LERSSE-PRESENTATION-2005-031] In order for middleware systems to be adaptive, their properties and services need to support a wide variety of application-specific policies. [...] Published in Konstantin Beznosov, "On the Benefits of Decomposing Policy Engines into Components," talk given at The 3rd Workshop on Reflective and Adaptive Middleware, Toronto, Canada, 19 October, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
56.	Object Security Attributes: Enabling Application-specific Access Control in Middleware / Konstantin Beznosov [LERSSE-PRESENTATION-2005-030] This presentation makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. [...] Published in Konstantin Beznosov, "Object Security Attributes: Enabling Application-specific Access Control in Middleware," presented at the 4th International Symposium on Distributed Objects Applications (DOA), Irvine, California, 29 October, 2002. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
57.	Middleware and Web Services Security Mechanisms / Konstantin Beznosov [LERSSE-PRESENTATION-2005-029] Learning objectives: Gain a working knowledge of the security mechanisms of current Middleware and Web Services technologies. [...] Published in Konstantin Beznosov, "Middleware and Web Services Security Mechanisms," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 2 March, 2005, pp.65. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
58.	Middleware and Web Services Security / Konstantin Beznosov [LERSSE-PRESENTATION-2005-028] Challenges of designing secure distributed applications are due to distribution, scale and object orientation. [...] Published in Konstantin Beznosov, "Middleware and Web Services Security," tutorial given at JavaPolis University, Antwerp, Belgium, Belgium Java Users Group, 14 December, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
59.	JAMES: Junk Authorizations for Massive-scale Enterprise Services / Konstantin Beznosov [LERSSE-PRESENTATION-2005-027] The request-response paradigm used for distributed access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls [...] Published in Konstantin Beznosov, "JAMES: Junk Authorizations for Massive-scale Enterprise Services," given at the School of Computing and Information Sciences, Florida International University, Miami, Florida, USA, August 15, 2005, pp.29. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
60.	Issues in the Security Architecture of the Computerized Patient Record Enterprise / Konstantin Beznosov [LERSSE-PRESENTATION-2005-026] We discuss issues in CPR enterprise security architecture. [...] Published in Konstantin Beznosov, "Issues in the Security Architecture of the Computerized Patient Record Enterprise," presentation given at Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, Object Management Group, 7 May, 1998. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
61.	Issues in the Security Architecture of the Computerized Patient Record Enterprise / Beznosov, K [LERSSE-PRESENTATION-2005-025] We discuss issues in CPR enterprise security architecture. [...] Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
62.	Introduction to Cryptography, Part II / Konstantin Beznosov [LERSSE-PRESENTATION-2005-024] Outline: - Probabilistic encryption -- Average Case Computational Di culty and the Worst Case Di culty - Identity-Based Public-Key Cryptography - Fair Coin Flipping Using Public-Key Cryptography - Fair Cryptosystems (Key Escrow) - Zero Knowledge Interactive Proof Systems Published in Konstantin Beznosov, "Introduction to Cryptography, Part II," presentation given at class COT 6421, Theory of Computation II, Miami, FL, USA, School of Computer Science, Florida International University, 7 April, 1998. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
63.	Introduction to Cryptography, Part I: Probabilistic Encryption / Konstantin Beznosov [LERSSE-PRESENTATION-2005-023] Outline: - Why do we need probabilistic encryption? - The idea behind - Optimized algorithm - Drawbacks Published in Konstantin Beznosov, "Introduction to Cryptography, Part I: Probabilistic Encryption," presentation given at the class COT 6421, Theory of Computation II, Miami, FL, USA, School of Computer Science, Florida International University, 2 April, 1998.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
64.	Improving Practical Security Engineering: Overview of the Ongoing Research / Konstantin Beznosov [LERSSE-PRESENTATION-2005-022] Security engineering is about creating viable solutions to real-world security problems-solutions that would address the requirements, be cost-effective, competitive, and yet be subject to the limitations of today security and software technologies [...] Published in Konstantin Beznosov, "Improving Practical Security Engineering: Overview of the Ongoing Research," talk given at the Department of Computer Science, Heverlee, Belgium, Catholic University of Leuven, 20 December, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
65.	Human Factor in Security Administration: Brainstorming the Research Directions / Konstantin Beznosov [LERSSE-PRESENTATION-2005-021] Although usability has been acknowledged by the security community as one of the design goals back in 1970s, there is dearth of applications of HCI methods to the domain of computer security in general and security administration in particular. [...] Published in Konstantin Beznosov, "Human Factor in Security Administration: Brainstorming the Research Directions," presentation given at SEEDS, Vancouver, BC, Canada, SEEDS, ECE, UBC, 2 December, 2003. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
66.	HIPAA and CPR Architecture / Konstantin Beznosov [LERSSE-PRESENTATION-2005-020] The presentation that describes Health Insurance Portability and Accountability Act (HIPAA) from the perspective of the Computerized Patient Record (CPR) Architecture [...] Published in Konstantin Beznosov, "HIPAA and CPR Architecture," presentation given to IT leadership of the Baptist Health Systems, Miami, FL, USA, Baptist Health Systems of South Florida, 19 April, 1999, pp.17.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
67.	Handouts: Introduction to Cryptography / Konstantin Beznosov [LERSSE-PRESENTATION-2005-019] Outline: - Probabilistic encryption - Identity-Based Public-Key Cryptography - Fair Coin Flipping Using Public-Key Cryptography - Fair Cryptosystems (Key Escrow) - Zero Knowledge Interactive Proof Systems Published in Konstantin Beznosov, "Handouts: Introduction to Cryptography," handouts for the presentation given at class COT 6421, Theory of Computation II, Miami, FL, USA, School of Computer Science, Florida International University, April, 1998. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
68.	Flooding and Recycling Authorizations / Konstantin Beznosov [LERSSE-PRESENTATION-2005-018] The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...] Published in Konstantin Beznosov, "Flooding and Recycling Authorizations," presentation given at the New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, 22 September, 2005, pp.25. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
69.	Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services / Konstantin Beznosov [LERSSE-PRESENTATION-2005-016] This presentation reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services. [...] Published in Konstantin Beznosov, "Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services," presented at the Eighth International SIGSOFT Symposium on Component-based Software Engineering (CBSE), St. Louis, Missouri, USA, 15 May, 2005. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
70.	Design / Konstantin Beznosov [LERSSE-PRESENTATION-2005-006] Learning objectives: * understand the principles of engineering secure systems. [...] Published in application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 2, 3 March, 2005, pp.55. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
71.	Computer and Distributed Security: Introductory Overview for Researchers / Konstantin Beznosov [LERSSE-PRESENTATION-2005-015] Outline: - What is security of computer systems - Security and usability - The main challenge for security - Threats, Vulnerabilities, and Attacks - Security Concerns - Distributed Security - Security Functionalities - Summary - References Published in Konstantin Beznosov, "Computer and Distributed Security: Introductory Overview for Researchers," presentation given at the CADSE, Miami, FL, USA, CADSE, School of Computer Science, FIU, 2 October, 1998, pp.25. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
72.	BHS Information Enterprise Architecture / Konstantin Beznosov ; Eric Butler ; Eric Navarro [LERSSE-PRESENTATION-2005-014] Published in Konstantin Beznosov, Eric Butler, Eric Navarro, "BHS Information Enterprise Architecture," presentation given at CADSE, Miami, FL, USA, CADSE, SCS, FIU, 22 January, 1999, pp.21. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
73.	Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions / Konstantin Beznosov [LERSSE-PRESENTATION-2005-013] Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. [...] Published in Konstantin Beznosov, "Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions," presentation given to the SEEDS, ECE, UBC, Vancouver, BC, Canada, ECE, UBC, 16 September, 2003. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
74.	Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services / Yi Deng ; Konstantin Beznosov [LERSSE-PRESENTATION-2005-012] Security is an essential feature and foremost concern to enterprise software systems. [...] Published in Yi Deng, Konstantin Beznosov, "Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services," presented at IBM T. J. Watson Research Center, NY, USA, 14 February, 2000, pp.32. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
75.	Architecture of Information Enterprises: Problems and Perspectives / Konstantin Beznosov [LERSSE-PRESENTATION-2005-011] Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed [...] Published in Konstantin Beznosov, "Architecture of Information Enterprises: Problems and Perspectives," term paper for graduate course in Advanced Software Engineering, Miami, FL, School of Computer Science, Florida International University, 15 April, 1998, pp.12.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
76.	Architectural Separation of Authorization and Application Logic in Distributed Systems / Konstantin Beznosov [LERSSE-PRESENTATION-2005-010] Security is an essential feature and foremost concern to enterprise software systems [...] Published in Konstantin Beznosov, "Architectural Separation of Authorization and Application Logic in Distributed Systems," talk given at several organizations, see abstract for details, April--May, 2000. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
77.	An Overview of The Ongoing Research at LERSSE / Konstantin Beznosov [LERSSE-PRESENTATION-2005-009] This presentation provides an overview of the research projects undergoing at the Laboratory for Education and Research in Secure Systems Engineering (LERSSE) [...] Published in Konstantin Beznosov, "An Overview of The Ongoing Research at LERSSE," KTH, Stockholm, 9 June, 2005, pp.76. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
78.	Access Control Architectures: COM+ vs. EJB / Konstantin Beznosov [LERSSE-PRESENTATION-2005-008] This tutorial provides an overview of access control mechanisms in two most popular commercial middleware technologies, COM+ and EJB. [...] Published in Konstantin Beznosov, "Access Control Architectures: COM+ vs. EJB," tutorial has been given at the JavaPolis, Antwerpen, Belgium, 16 December, 2004. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
79.	Access Control / Konstantin Beznosov [LERSSE-PRESENTATION-2005-007] Learning objectives: Comprehend the principles behind access control mechanisms used in today\\\\\\\'s: * operating systems, * middleware, * virtual machines. [...] Published in Konstantin Beznosov, "Access Control," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 28 February, 2005, pp.46. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
80.	A Study of Three Workstation-Server Architectures for Object Oriented Database Systems / Konstantin Beznosov [LERSSE-PRESENTATION-2005-006] It presents a paper by David DeWitt, et al \"A Study of Three Workstation-Server Architectures for Object Oriented Database Systems\" [...] Published in Architectures for Object Oriented Database Systems," presentation at graduate course COP 6545 \"Advanced Database Systems\", Miami, FL, School of Computer Science, Florida International University, 23 October, 1996, pp.11. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
81.	A Framework for Implementing Role-based Access Control Using CORBA Security Service / Konstantin Beznosov [LERSSE-PRESENTATION-2005-005] The presentation shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...] Published in Konstantin Beznosov, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," presentation given at CADSE, Miami, FL, USA, Center for Advanced Distributed Systems Engineering (CADSE), School of Computer Science (SCS), Florida International University (FIU), 14, 21 May, 1999, pp.53. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
82.	A Framework for Implementing Role-based Access Control Using CORBA Security Service / Konstantin Beznosov [LERSSE-PRESENTATION-2005-004] The presentation shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...] Published in Konstantin Beznosov, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," presented at the Fourth ACM Workshop on Role-Based Access Control (RBAC), Fairfax, Virginia, USA, ACM, 28 October, 1999, pp.29. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
83.	A Design of An Authorization Service / Konstantin Beznosov [LERSSE-PRESENTATION-2005-003] Outline: • CORBA security model • What CORBA Access Model does[ not] Cover • Healthcare Resource Access Control (H-RAC) high level view • Authorization Service framework design details Published in Konstantin Beznosov, "A Design of An Authorization Service," presentation given at CADSE, Miami, FL, USA, SCS, FIU, 12 February, 1999, pp.16. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
84.	Accountability and Availability / Konstantin Beznosov [LERSSE-PRESENTATION-2005-002] Learning objectives: Comprehend the principles of security accountability and availability. [...] Published in Konstantin Beznosov, "Accountability and Availability," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 1 March, 2005, pp.43. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
85.	A Security Analysis of the IEEE 1588 Standard / Jeanette Tsang ; Konstantin Beznosov [TEST-PRESENTATION-2005-001] Published in Jeanette Tsang, Konstantin Beznosov, "A Security Analysis of the IEEE 1588 Standard", presented at the 2005 Conference on IEEE-1588 Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems, October 2005.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

Posters	20 records found

1.	Augur: Aiding Malware Detection Using Large-Scale Machine Learning / Yazan Boshmaf ; Matei Ripeanu ; Konstantin Beznosov ; Kyle Zeeuwen ; et al [LERSSE-POSTER-2012-001] We present Augur: a large-scale machine learning system that uses malware static and dynamic analyses to predict the maliciousness of new files. [...] Published in Yazan Boshmaf, Matei Ripeanu, Konstantin Beznosov, Kyle Zeeuwen, David Cornell, Dmitry Samosseiko. Augur: Aiding Malware Detection Using Large-Scale Machine Learning. At the Poster Session of the 21st Usenix Security Symposium, Bellevue, WA, 2012: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
2.	[POSTER] The Socialbot Network: When Bots Socialize for Fame and Money / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-POSTER-2011-002] Online Social Networks (OSNs) have become an integral part of today's Web. [...] Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. The socialbot network: when bots socialize for fame and money. In the Poster Session of the 20th USENIX Conference on Security (SEC'11), August 2011.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
3.	Promoting A Physical Security Mental Model For Personal Firewall Warnings / Fahimeh Raja ; Kirstie Hawkey ; Steven Hsu ; Kai-Le Clement Wang ; et al [LERSSE-POSTER-2011-001] We used an iterative process to design personal firewall warnings in which the functionality of a firewall is visualized based on a physical security mental model. [...] Published in Fahimeh Raja, Kirstie Hawkey, Steven Hsu, Kai-Le Clement Wang, and Konstantin Beznosov. Promoting A Physical Security Mental Model For Personal Firewall Warnings. In Proceedings of the 29th International Conference Extended Abstracts on Human Factors in Computing Systems (Vancouver, BC, Canada, 2011). ACM, New York, NY, 6 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
4.	Expectations, Perceptions, and Misconceptions of Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Pooya Jaferian ; Konstantin Beznosov ; et al [LERSSE-POSTER-2010-007] In this research, our goal is to better understand users' knowledge, expectations, perceptions, and misconceptions of personal firewalls. [...] Published in Raja, F., Jaferian, P., Hawkey, K., Beznosov, K., Booth, K. 2009. Expectations, Perceptions, and Misconceptions of Personal Firewalls. In Proceedings of the 6th Symposium on Usable Privacy and Security (Redmond, WA, July 14 - 16, 2010). SOUPS '10. ACM, New York, NY, 1-2.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
5.	Poster: OpenIDemail Enabled Browser, Towards Fixing the Broken Web Single Sign-On Triangle / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2010-006] Current Web single sign-on (SSO) solutions impose a cognitive burden on web users and do not provide content-hosting and service providers (CSPs) with sufficient incentives to become relying parties (RPs). [...] Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Poster: Openidemail enabled browser, towards fixing the broken web single sign-on triangl. poster at the SOUPS 2009, July 13th 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
6.	Poster: Validating and Extending a Study on the Effectiveness of SSL Warnings / Andreas Sotirakopoulos ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2010-005] We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. [...] Published in A. Sotirakopoulos, K. Hawkey, and K. Beznosov. Poster: Validating and extending a study on the effectiveness of ssl warnings. Poster at Symposium on Usable Privacy and Security, 2010.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
7.	Investigating User Account Control Practices / Sara Motiee ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2010-004] Non-administrator user accounts and the user account control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection [...] Published in Sara Motiee, Kirstie Hawkey and Konstantin Beznosov. Investigating User Account Control Practices. In Proceedings of the 28th international Conference Extended Abstracts on Human Factors in Computing Systems (Atlanta, GA, USA, April 10 - 15, 2010). ACM, New York, NY, 6 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
8.	Investigating an Appropriate Design for Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov ; Kellogg S. Booth [LERSSE-POSTER-2010-003] Personal firewalls are an important aspect of security for home computer users, but little attention has been given to their usability. [...] Published in Fahimeh Raja, Kirstie Hawkey, Konstantin Beznosov, and Kellogg S. Booth. Investigating an Appropriate Design for Personal Firewalls. In Proceedings of the 28th international Conference Extended Abstracts on Human Factors in Computing Systems (Atlanta, GA, USA, April 10 - 15, 2010). ACM, New York, NY, 6 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
9.	Poster: OpenIDemail Enabled Browser / San-Tsai Sun ; Konstantin Beznosov [LERSSE-POSTER-2010-002] Today's Web is site-centric. [...] Published in San-Tsai Sun and Konstantin Beznosov. Poster: OpenIDemail Enabled Browser. In the poster session of the 25th Annual Computer Security Applications Conference (ACSAC), December 2009: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
10.	Towards Developing Usability Heuristics for Evaluation of IT Security Management (ITSM) Tools / Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2009-010] Evaluating the usability of specific information technology (IT) security tools is challenging. [...] Published in Pooya Jaferian, David Botta, Kirstie Hawkey, Konstantin Beznosov, Towards Developing Usability Heuristics for Evaluation of IT Security Management (ITSM) Tools. Poster at CHIMIT 2009, Baltimore, MD, 2009.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
11.	Towards Investigating User Account Control Practices in Windows Vista / Sara Motiee, Kirstie Hawkey, Konstantin Beznosov [LERSSE-POSTER-2009-009] This poster presents the research plan for investigating user account control practices in Windows Vista. [...] Published in S. Motiee, K. Hawkey and K. Beznosov, Towards Investigating User Account Control Practices in Windows Vista. Poster in18th USENIX Security Symposium, August 2009.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
12.	A Multi-method Approach for User-centered Design of Identity Management Systems / Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2009-006] Identity management (IdM) comprises the processes and infrastructure for the creation, maintenance, and use of digital identities. [...] Published in Pooya Jaferian, David Botta, Kirstie Hawkey, Konstantin Beznosov, A multi-method approach for user-centered design of identity management systems. Poster at SOUPS 2009, Mountain View, CA, 2009. : Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
13.	Poster: Toward Enabling Secure Web 2.0 Content Sharing Beyond Walled Gardens / San-Tsai Sun ; Konstantin Beznosov [LERSSE-POSTER-2009-005] Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). [...] Published in San-Tsai Sun and Konstantin Beznosov. "Poster: Towards enabling secure Web 2.0 user content sharing beyond walled gardens," poster at the USENIX Security 2009, August 13th 2009.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
14.	Speculative Authorizations / Pranab Kini ; Konstantin (Kosta) Beznosov [LERSSE-POSTER-2009-003] In a large-scale enterprise system, making authorization decisions is often computationally expensive due to the complexity of the policies involved and the large size of the resource and user populations [...] Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
15.	Poster: Towards Secure Web 2.0 User Content Sharing Beyond Walled Gardens / San-Tsai Sun ; Konstantin Beznosov [LERSSE-POSTER-2009-002] Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs) [...] Published in San-Tsai Sun and Konstantin Beznosov. "Poster: Towards enabling secure Web 2.0 user content sharing beyond walled gardens," poster at the IEEE Security and Privacy 2009, May 17th 2009.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
16.	Towards Improving Mental Models of Personal Firewall Users / Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2009-001] Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. [...] Published in Fahimeh Raja, Kirstie Hawkey, and Konstantin Beznosov, "Towards Improving Mental Models of Personal Firewall Users," in Proceedings of CHI 2009 (Work in Progress), Boston, USA, 4-9 April, 2009, 6 pages.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
17.	A Two-Factor Authentication System using Mobile Phones / Nima Kaviani ; Konstantin Beznosov [LERSSE-POSTER-2008-003] The use of untrusted computers to access critical information introduces one of the main challenges in protecting the security of users’ confidential information. [...] Published in Nima Kaviani, Konstantin Beznosov, "A Two-Factor Authentication System using Mobile Phones", Poster Presentation in the National Privacy and Security Conference, Victoria, Canada, February 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
18.	Security Practitioners in Context: Their Activities and Collaborative Interactions / Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2008-002] This study develops the context of interactions of IT security practitioners [...] Published in Werlinger, R., Hawkey, K., and Beznosov, K. Poster presented at "Security and Privacy Conference", Victoria, BC, Canada, February 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
19.	Searching for the Right Fit: Considerations when Balancing IT Security Management Model Tradeoffs / Kirstie Hawkey, Kasia Muldner and Konstantin Beznosov [LERSSE-POSTER-2008-004] The effectiveness of IT security professionals in an organization is influenced not only by the usability of security management tools, but also by the fit of an organization's security management model (SMM). [...] Published in Kirstie Hawkey, Kasia Muldner, Konstantin Beznosov, "Searching for the Right Fit: Considerations when Balancing IT Security Management Model Tradeoffs", Poster presented at the 7th Annual Conference & Exposition Privacy & Security Conference, Victoria, B.C., February 7-8, 2008.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records
20.	Cooperative Secondary Authorization Recycling / Qiang Wei ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-POSTER-2006-001] As distributed enterprise systems scale up and become increasingly complex their authorization infrastructures are facing new challenges [...] Published in Qiang Wei, Konstantin Beznosov, Matei Ripeanu, "Cooperative Approximate Authorization Recycling", Poster, 15th USENIX Security Symposium, August 2006.: Transfer from CDS 0.99.7: PDF; Detailed record - Similar records

etc	2 records found

The Socialbot Network: Are Social Botnets Possible? / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-etc-2012-001]
In this invited piece at the ACM Interactions Magazine, we briefly describe our research into the use, impact, and implications of socialbots on Facebook..
Published in Article by Tim Hwang, Ian Pearce, and Max Nanis. Socialbots: voices from the fronts. In ACM Interactions 19, 2 (March 2012). Piece by Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu. The Socialbot Network: Are Social Botnets Possible?:
Transfer from CDS 0.99.7:

PDF;

Detailed record - Similar records

Summary of the HOT Admin Proposal / Konstantin Beznosov ; Sidney Fels ; Brian Fisher ; Lee Iverson [LERSSE-etc-2006-001]
Published in Konstantin Beznosov, Sidney Fels, Brian Fisher, Lee Iverson, "Summary of the HOT Admin Proposal," December 2005, pp. 2.:
Transfer from CDS 0.99.7:

PDF;

Detailed record - Similar records

Interested in being notified about new results for this query?
Set up a personal email alert or subscribe to the RSS feed.

guest :: login LERSSE Digital Library
		Search		Submit		Personalize Your alerts Your baskets Your searches		Help