Tuesday, October 13, 2009

Multiple Password Interference in Text Passwords and Click-Based Graphical Passwords

Sonia Chiasson et al., Carleton University. Presented by Adrian Mettler.

Tuesday, October 6, 2009

Ripley: Automatically Securing Web 2.0 Applications Through Replicated Execution

K. Vikram, Abhishek Prateek, and Ben Livshits. Presented by Joel Weinberger.

The paper presents Ripley, a system that automatically replicates the execution of a client-side program. In modern web applications and AJAX frameworks, more and more computation is pushed to the client to reduce the amount of communication between client and server. However, once computation runs on the client, malicious users can tamper with it to violate the integrity of data on the server. Ripley automatically extracts the client computation so that it can be replicated on the server and the client's results verified.

Tuesday, September 29, 2009

Static Enforcement of Web Application Integrity Through Strong Typing

Wil Robertson and Giovanni Vigna of UCSB. Presented by Matthew Finifter.

Tuesday, September 22, 2009

Tuesday, September 8, 2009

Crying Wolf: An Empirical Study of SSL Warning Effectiveness

Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor, Carnegie Mellon University. Presented by Erika Chin.