Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE). 17 records found; records 1 - 10 shown.
1.
The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems / San-Tsai Sun ; Konstantin Beznosov [LERSSE-RefConfPaper-2012-003]
Millions of web users today employ their Facebook accounts to sign into more than one million relying party (RP) websites. [...]
Published in San-Tsai Sun and Konstantin Beznosov. The devil is in the (implementation) details: An empirical analysis of OAuth SSO systems. In Proceedings of ACM Conference on Computer and Communications Security (CCS'12), October 2012.
2.
Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefJnlPaper-2013-001]
OpenID and OAuth are open and simple web single sign-on (SSO) protocols that have been adopted by major service providers, and millions of supporting websites. [...]
Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. Investigating users' perspectives of web single sign-on: Conceptual gaps and acceptance model. Accepted for publication in ACM Transactions on Internet Technology (TOIT) on June 4th, 2013.
3.
Towards Improving the Usability and Security of Web Single Sign-On Systems / San-Tsai Sun [LERSSE-THESIS-2013-001]
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted by high-profile identity providers (IdPs), such as Facebook, Google, Microsoft, and Yahoo, and millions of relying party (RP) websites. [...]
Published in San-Tsai Sun, "Towards Improving the Usability and Security of Web Single Sign-On Systems," PhD dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, November, 2013, pp.216.
4.
Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-RefJnlPaper-2009-012]
This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs) without the involvement of application developers. [...]
Published in San-Tsai Sun and Konstantin Beznosov. Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks. In International Journal of Secure Software Engineering, pages 20-40, 1(1), January 2010.
5.
SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2009-032]
This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs). [...]
Published in San-Tsai Sun and Konstantin Beznosov, "SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks," Tech. Rep. LERSSE-TR-2009-32, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, March 2009.
6.
Expectations, Perceptions, and Misconceptions of Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Pooya Jaferian ; Konstantin Beznosov ; et al [LERSSE-POSTER-2010-007]
In this research, our goal is to better understand users' knowledge, expectations, perceptions, and misconceptions of personal firewalls. [...]
Published in Raja, F., Jaferian, P., Hawkey, K., Beznosov, K., Booth, K. 2009. Expectations, Perceptions, and Misconceptions of Personal Firewalls. In Proceedings of the 6th Symposium on Usable Privacy and Security (Redmond, WA, July 14 - 16, 2010). SOUPS '10. ACM, New York, NY, 1-2.
7.
Privacy Aspects of Health Related Information Sharing in Online Social Networks / Sadegh Torabi ; Konstantin Beznosov [LERSSE-RefConfPaper-2013-003]
Online social networks (OSNs) have formed virtual social networks where people meet and share information. [...]
Published in Sadegh Torabi and Konstantin Beznosov. “Privacy Aspects of Health Related Information Sharing in Online Social Networks,” USENIX Workshop on Health Information Technologies (HealthTech '13), August 2013, Washington, USA.
8.
It's Too Complicated, So I Turned It Off! Expectations, Perceptions, and Misconceptions of Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Pooya Jaferian ; Konstantin Beznosov ; et al [LERSSE-RefConfPaper-2010-008]
Even though personal firewalls are an important aspect of security for the users of personal computers, little attention has been given to their usability. [...]
Published in Fahimeh Raja, Kirstie Hawkey, Pooya Jaferian, Konstantin Beznosov, and Kellogg S. Booth. It's Too Complicated, So I Turned It Off! Expectations, Perceptions, and Misconceptions of Personal Firewalls. In Proceedings of the Third ACM Workshop on Assurable & Usable Security Configuration (SafeConfig), October 4, 2010.
9.
Android Rooting: Methods, Detection, and Evasion / San-Tsai Sun ; Andrea Cuadros ; Konstantin Beznosov [LERSSE-RefConfPaper-2015-007]
Android rooting enables device owners to freely customize their own devices and run useful apps that require root privileges. [...]
Published in San-Tsai Sun, Andrea Cuadros and Konstantin Beznosov. Android Rooting: Methods, Detection, and Evasion. Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, October 2015.
10.
Security and Privacy in Online Social Networks / Konstantin Beznosov [LERSSE-PRESENTATION-2013-001]
Facebook has more monthly active users than almost any nation in the world. [...]
Published in Konstantin Beznosov, "Security and Privacy in Online Social Networks," Presentation, 2013, 81p.