Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE): 15 records found, records 1 - 10 shown.
1.
SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2009-032]
This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs). [...]
Published in San-Tsai Sun and Konstantin Beznosov, "SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks," Tech. Rep. LERSSE-TR-2009-32, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, March 2009.
2.
Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al [LERSSE-RefJnlPaper-2013-002]
The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...]
Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, Accepted in Human–Computer Interaction, doi:10.1080/07370024.2013.819198.
3.
Does My Password Go up to Eleven? The Impact of Password Meters on Password Selection / Serge Egelman ; Andreas Sotirakopoulos ; Ildar Muslukhov ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2013-001]
Password meters tell users whether their passwords are "weak" or "strong." We performed a laboratory experiment to examine whether these meters influenced users' password selections when they were forced to change their real passwords, and when they were not told that their passwords were the subject of a study. [...]
Published in Serge Egelman, Andreas Sotirakopoulos, Ildar Muslukhov, Konstantin Beznosov, and Cormac Herley. Does My Password Go up to Eleven? The Impact of Password Meters on Password Selection. In Proceedings of Computer-Human Interaction conference, April 2013.
4.
Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al [LERSSE-RefConfPaper-2011-006]
The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...]
Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, PA, USA, July 20-22, 2011.
5.
Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Konstantin Beznosov [LERSSE-RefConfPaper-2011-002]
The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive [...]
Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, and Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, In Proceedings of the 29th international conference extended abstracts on Human factors in computing systems (CHI '11), Vancouver, Canada, 2011.
6.
Towards Improving the Usability and Security of Web Single Sign-On Systems / San-Tsai Sun [LERSSE-THESIS-2013-001]
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted by high-profile identity providers (IdPs), such as Facebook, Google, Microsoft, and Yahoo, and millions of relying party (RP) websites. [...]
Published in San-Tsai Sun, "Towards Improving the Usability and Security of Web Single Sign-On Systems," PhD dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, November, 2013, pp.216.
7.
Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions / Konstantin Beznosov [LERSSE-PRESENTATION-2005-013]
Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. [...]
Published in Konstantin Beznosov, "Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions," presentation given to the SEEDS, ECE, UBC, Vancouver, BC, Canada, ECE, UBC, 16 September, 2003.
8.
On the Challenges in Usable Security Lab Studies: Lessons Learned from Replicating a Study on SSL Warnings / Andreas Sotirakopoulos ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefConfPaper-2011-005]
We replicated and extended a 2008 study conducted at CMU that investigated the effectiveness of SSL warnings. [...]
Published in Andreas Sotirakopoulos, Kirstie Hawkey, and Konstantin Beznosov. On the Challenges in Usable Security Lab Studies: Lessons Learned from Replicating a Study on SSL Warnings. In Proceedings of Symposium on Usable Privacy and Security, July 2011.
9.
User-centered design of identity and access management systems / Pooya Jaferian [LERSSE-THESIS-2014-001]
IT security management (ITSM) technologies are important components of IT security in organizations. [...]
Published in Pooya Jaferian, "User-centered design of identity and access management systems," PhD dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, December, 2014, pp.314.
10.
Why (Managing) IT Security is Hard and Some Ideas for Making It Easier / Konstantin Beznosov [LERSSE-PRESENTATION-2008-072]
The way security mechanisms for distributed applications are engineered today has a number of serious drawbacks. [...]
Published in Konstantin Beznosov, “Why (Managing) IT Security is Hard and Some Ideas for Making It Easier” talk given at the St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, 2 June 2008.