A Security Analysis of the Precise Time Protocol (Short Paper)
This paper reports on a security analysis of the IEEE 1588 standard, a.k.a. Precise Time Protocol (PTP). We show that attackers can use the protocol to (a) incorrectly resynchronize clocks, (b)...
View ArticleA Security Analysis of the Precise Time Protocol
This paper reports on a security analysis of the IEEE 1588 standard, a.k.a. Precise Time Protocol (PTP). We show that attackers can use the protocol to (a) incorrectly resynchronize clocks, (b)...
View ArticleA Security Analysis of the Precise Time Protocol
We present a security analysis of the IEEE 1588 standard, a.k.a. Precise Time Protocol (PTP). We show that attackers can use the protocol to (a) incorrectly resynchronize clocks, (b) illegally...
View ArticleSecurity Practitioners in Context: Their Activities and Interactions
This study develops the context of interactions of IT security practitioners. Preliminary qualitative analysis of 22 interviews (to date) and participatory observation has identified eight different...
View ArticleSecurity Practitioners in Context: Their Activities and Collaborative...
This study develops the context of interactions of IT security practitioners. Preliminary qualitative analysis of 22 interviews (to date) and participatory observation has identified eight different...
View ArticleHOT Admin Research Project: Overview and Results to Date
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after...
View ArticleA Broad Empirical Study of IT Security Practioners
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after...
View ArticleHuman, Organizational and Technological Challenges of Implementing IT...
Our qualitative research provides a comprehensive list of challenges to the practice of IT security within organizations, including the interplay between human, organizational, and technical factors....
View ArticleToward Understanding the Workplace of IT Security Practitioners
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after...
View ArticleManagement of IT Security in Organizations: What Makes It Hard?
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after...
View ArticleSecurity Practitioners in Context: Their Activities and Interactions with...
This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities...
View ArticleTowards Understanding Diagnostic Work During the Detection and Investigation...
This study investigates how security practitioners perform diagnostic work during the identification of security incidents. Based on empirical data from 16 interviews with security practitioners, we...
View ArticlePreparation, detection, and analysis: the diagnostic work of IT security...
Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and...
View ArticleOpenID Security Analysis and Evaluation
OpenID is a promising user-centric Web single sign-on protocol. According to the OpenID Foundation, there are currently more than one billion OpenID-enabled user accounts provided by major service...
View ArticleSystematically breaking and fixing OpenID security: Formal analysis,...
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user accounts, and tens of thousands of supporting websites. While the security of the protocol is clearly...
View ArticleTowards Improving the Usability and Security of Web Single Sign-On Systems
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted by high-profile identity providers (IdPs), such as Facebook, Google, Microsoft, and Yahoo, and...
View ArticleAnalysis of Data-At-Rest Security In Smartphones
With almost two billion users worldwide, smartphones are used for almost everything – booking a hotel, ordering a cup of coffee, or paying in a shop. However, small size and high mobility makes these...
View ArticleBits Under the Mattress: Understanding Different Risk Perceptions and...
Crypto-assets are unique in tying financial wealth to the secrecy of private keys. Prior empirical work has attempted to study end-user security from both technical and organizational perspectives....
View ArticleSecurity Notifications in Static Analysis Tools: Developers’ Attitudes,...
Static analysis tools (SATs) have the potential to assist developers in finding and fixing vulnerabilities in the early stages of software development, requiring them to be able to understand and act...
View Article
More Pages to Explore .....