Security and Usability

(See also research at Carleton's Usable Security Group.)

• IP Geolocation and Anonymous Browsing

  • See under Web Security and Privacy

• Usability and Text Passwords

  • S. Chiasson, A. Forget, E. Stobert, P.C. van Oorschot, R. Biddle. Multiple Password Interference in Text Passwords and Click-Based Graphical Passwords. ACM CCS 2009, Chicago, Nov. 2009.
  • A. Forget, S. Chiasson, P.C. van Oorschot, R. Biddle. Improving Text Passwords Through Persuasion. Symposium on Usable Privacy and Security (SOUPS'08), July 2008, Pittsburgh, PA, USA.
  • A. Forget, S. Chiasson, P.C. van Oorschot, R. Biddle. Persuasion for Stronger Passwords: Motivation and Pilot Study. Third International Conference on Persuasive Technology, June 2008, Oulu, Finlan.
  • S. Chiasson, P.C. van Oorschot, R. Biddle. A Usability Study and Critique of Two Password Managers. USENIX Security Symposium, Aug. 2006, Vancouver, Canada.

• Usability of Online Banking Requirements

  • M. Mannan, P.C. van Oorschot. Security and Usability: The Gap in Real-World Online Banking. New Security Paradigms Workshop (NSPW'07), Sep. 2007, New Hampshire, USA.

• Security and Usability - General

  • R. Biddle, P.C. van Oorschot, A.S. Patrick, J. Sobey, T. Whalen. Browser Interfaces and Extended Validation SSL Certificates: An Empirical Study. CCSW: The ACM Cloud Computing Security Workshop. Nov. 2009.
  • J. Sobey, R. Biddle, P.C. van Oorschot, A.S. Patrick. Exploring User Reactions to Browser Cues for Extended Validation Certificates. European Symposium on Research in Computer Security (ESORICS'08). Oct. 2008, Malaga, Spain.
  • S. Chiasson, R. Biddle, A. Somayaji. Even Experts Deserve Usable Security: Design Guidelines for Security Management Systems. Workshop on Usable IT Security Management (USM'07), July 2007, Pittsburgh, PA, USA.

• Graphical Passwords

  • See under Authentication and Identity Management