Due to inherent privacy concerns, online personalization services such as those offered through toolbars and desktop widgets are characterized by "no-free-disposal" (NFD...
We propose a scheme that exploits scale to prevent phishing. We show that while stopping phishers from obtaining passwords is very hard, detecting the fact that a password has bee...
Role engineering, the task of defining roles and associating permissions to them, is essential to realize the full benefits of the role-based access control paradigm. Essentially,...
Cross-Site Request Forgery (CSRF) is a widely exploited web site vulnerability. In this paper, we present a new variation on CSRF attacks, login CSRF, in which the attacker forges...
In the Horn theory based approach for cryptographic protocol analysis, cryptographic protocols and (Dolev-Yao) intruders are modeled by Horn theories and security analysis boils d...