Tuesday, October 13, 2009

Multiple Password Interference in Text Passwords and Click-Based Graphical Passwords

Sonia Chiasson et al, Carleton University. Presented by Adrian Mettler.

Tuesday, October 6, 2009

Ripley: Automatically Securing Web 2.0 Applications Through Replicated Execution

K.Vikram, Abhishek Prateek, and Ben Livshits. Presented by Joel Weinberger. The paper presents a system, Ripley, which allows for the automatic replicated execution of a client-side program. In modern web applications and AJAX frameworks, more and more computation is pushed to the client in order to reduce the amount of communication between the client and server. However, as computation is pushed to the client, malicious users can abuse this to violate the integrity of data on the server. Ripley automatically extracts client computation so it can be replicated on the server and verified.