Empiricism-Informed Secure System Design: From Improving Passwords to Helping Domestic Violence Victims is coming at 02/28/2019 - 10:00am
KEC 1007 Thu, 02/28/2019 - 10:00am Rahul Chatterjee PhD Candidate, Cornell University Abstract: Security often fails in practice due to a lack of understanding of the nuances in real-world systems. For example, users choose weak passwords to deal with the several usability issues with passwords, which in turn degrades the security of password-based authentication. I will talk about how we can build better security mechanisms by combining methodical empiricism with analytical frameworks. First, in the context of passwords, I will show how to improve the usability of passwords by allowing users to log in with typos in their passwords. I will detail in the talk how to do so without giving attackers any additional advantage to impersonate a user. In the second part of my talk, I will talk about my recent research direction on how traditional authentication mechanisms fail to properly model digital attacks by domestic abusers, and therefore are ineffective for victims. As a result, abusers can spy on, stalk, or harass victims using seemingly innocuous apps and technologies. I will finish with some recent progress that I have made in helping victims of tech abuse, and provide some future research directions. Bio: Read more: http://eecs.oregonstate.edu/colloquium/empiricism-informed-secure-system... [1] [1] http://eecs.oregonstate.edu/colloquium/empiricism-informed-secure-system-design-improving-passwords-helping-domestic-violence
_______________________________________________ Colloquium mailing list [email protected] https://secure.engr.oregonstate.edu/mailman/listinfo/colloquium
