We just returned from Financial Cryptography '11 in St. Lucia. I was pleasantly surprised to see that several of the papers addressed human factors and usable security. Our workshop on Authentication was well-attended and generated lots of questions and discussion between attendees and panelists. And in between, I managed to get in lots of scuba diving. A great trip overall. … [Read more...] about Back from FC’11
Conference
ACSAC 2010
We've just returned from ACSAC 2010 in Austin, Texas. What a change from the winter weather in Canada! Another highlight was the "Security blankets" that they gave us instead of the usual conference bag. Elizabeth presented our paper on the first day. It was the only usable security paper at the conference, but there was lots of audience interest and questions. Tom Longstaff's invited talk about the experimental process and the importance of gathering real data resulted in lively … [Read more...] about ACSAC 2010
FC'11 Workshop on User Authentication
We are organizing a workshop on user authentication, co-located with Financial Cryptography 2011 in St. Lucia on March 4, 2011. The workshop will consist of invited talks and expert panels. A preliminary program is available and will be updated as details are finalized. Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions Friday, March 4, 2011 --- St. Lucia … [Read more...] about FC'11 Workshop on User Authentication
ACSAC paper now available
The camera-ready version of our upcoming ACSAC 2010 paper is now available. … [Read more...] about ACSAC paper now available
ACSAC 2010 paper
We recently received the good news that our paper on "Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords" was accepted at ACSAC 2010. Elizabeth will be presenting it in Texas in December. A copy of the final ACSAC version of the paper will be posted shortly. … [Read more...] about ACSAC 2010 paper
PST 2010
Last week, IEEE's Privacy, Security, Trust conference (PST) was held here in Ottawa. The talks were an interesting mix ranging from very technical to public policy topics. I taught a half-day tutorial introducing usable security and how to run usability evaluations. We had a paper on using eye-gaze as a tool to predict likely click-based graphical password click-points: Guessing Click-Based Graphical Passwords by Eye Tracking (2010). Daniel LeBlanc, Alain Forget, Robert Biddle. … [Read more...] about PST 2010
ISSNet Summer School
After SOUPS, we went directly to Vancouver for the 2nd annual ISSNet Summer School held at UBC. We had a week of tutorials on different security topics, with lots of opportunity to get to know the other members of ISSNet. Our UBC hosts were great, and organized lots of social events around the technical program. … [Read more...] about ISSNet Summer School
SOUPS and USER at Microsoft
SOUPS and USER were hosted at Microsoft in Redmond, WA this week. It was great to see everyone again and meet new people working in usable security. Our workshop went well, we were lucky to have several interesting papers/talks and great experts for the panel. I like SOUPS, authors of papers seem to really engage in trying to balance or increase both usability and security. We had a couple of posters, Alain presented one about our recent CHI paper, and I presented one about our MVP framework … [Read more...] about SOUPS and USER at Microsoft
SOUPS and USER next week
We're heading to Redmond, WA for SOUPS and the USER workshop in a few days. Come say hello if you're there too! … [Read more...] about SOUPS and USER next week
USER workshop deadline
The deadline for submissions to both SOUPS workshops has been extended to May 17. The USER workshop focuses on methodology and analysis issues in running usable security studies. If you have experiences with user studies that you'd like to share, consider submitting a short paper. Details of the USER workshop are available on the SOUPS website. … [Read more...] about USER workshop deadline