We spent a week in Toronto for the ISSNet Annual Workshop. We heard updates on recent work on research projects in all three themes (Network-oriented Security, Software Systems-oriented Security, Human-oriented Security) and had plenty of opportunity to catch up and discuss research with members from other Universities and industry partners. Students presented posters of their on-going research projects. Invited talks by Nart Villeneuve from Trend Micro and by N. Asokan and Valtteri Niemi from … [Read more...] about ISSNet Annual Workshop
ACM Computing Surveys
Our survey of graphical passwords has been accepted for publication in ACM Computing Surveys. … [Read more...] about ACM Computing Surveys
Back from FC’11
We just returned from Financial Cryptography '11 in St. Lucia. I was pleasantly surprised to see that several of the papers addressed human factors and usable security. Our workshop on Authentication was well-attended and generated lots of questions and discussion between attendees and panelists. And in between, I managed to get in lots of scuba diving. A great trip overall. … [Read more...] about Back from FC’11
Persuasive Cued Click-Points paper
We have a new technical report providing a systematic study of the Persuasive Cued Click-Points (PCCP) graphical password system. It is available here: Persuasive Cued Click-Points: Design, implementation, and evaluation of a knowledge-based authentication mechanism … [Read more...] about Persuasive Cued Click-Points paper
Comprehensive survey of graphical passwords
Our comprehensive survey of graphical passwords is now available as a technical report: It is available here: Graphical Passwords: Learning from the First Twelve Years … [Read more...] about Comprehensive survey of graphical passwords
MVP technical report posted
We have posted a new technical report on our MVP web-based authentication framework and the initial user studies that used it as an experimental platform. It is available here: The MVP Web-Based Authentication Framework … [Read more...] about MVP technical report posted
ACSAC 2010
We've just returned from ACSAC 2010 in Austin, Texas. What a change from the winter weather in Canada! Another highlight was the "Security blankets" that they gave us instead of the usual conference bag. Elizabeth presented our paper on the first day. It was the only usable security paper at the conference, but there was lots of audience interest and questions. Tom Longstaff's invited talk about the experimental process and the importance of gathering real data resulted in lively … [Read more...] about ACSAC 2010
10-year CRC event in Toronto
I attended the 10th-anniversary Canada Research Chair event in Toronto with Paul and other CRCs from Carleton. A lot of the CRCs from Ontario and their students/postdocs attended the 2-day event showcasing research in Canada. Everyone had posters, ours was on usable authentication. It was interesting to see the wide spectrum of research topics - humanities, technology, engineering, sciences - it was all represented. … [Read more...] about 10-year CRC event in Toronto
FC'11 Workshop on User Authentication
We are organizing a workshop on user authentication, co-located with Financial Cryptography 2011 in St. Lucia on March 4, 2011. The workshop will consist of invited talks and expert panels. A preliminary program is available and will be updated as details are finalized. Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions Friday, March 4, 2011 --- St. Lucia … [Read more...] about FC'11 Workshop on User Authentication
Looking for game programmer
We are currently looking for people to work on a web-based serious game about computer security. If you think you have the required software design and programming skills, please contact me. … [Read more...] about Looking for game programmer