A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2009; you can also visit the original URL.
The file type is application/pdf.
Filters
A Case (Study) For Usability in Secure Email Communication
2007
IEEE Security and Privacy
Preserved Fulltext
Acknowledgments The author thanks Scott Rea for his insightful comments and willingness to read multiple drafts of this article. ...
Encryption and the key distribution problem Now, more than ever, the privacy of our communications is at risk. ...
www.computer.org/security/ ■ IEEE SECURITY & PRIVACY dentiality of my electronic conversations in mind, I convinced some of my research colleagues to encrypt their email conversations with me. ...
doi:10.1109/msp.2007.25
fatcat:knjkcxq5rjcshpopp2lpkhoyhy
SoK: Securing Email – A Stakeholder-Based Analysis (Extended Version)
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Other Versions
We begin by identifying a variety of stakeholders who have an interest in the current email system and in efforts to provide secure solutions. ...
While email is the most ubiquitous and interoperable form of online communication today, it was not conceived with strong security guarantees, and the ensuing security enhancements are, by contrast, lacking ...
It is not clear how email can follow the same path. Getting users to adopt secure email services may require gains in user understanding of risks and trust in solutions that mitigate those risks. ...
arXiv:1804.07706v3
fatcat:wbocbmeetve6vfkt3fzayjcelq
User-centric PKI
2008
Proceedings of the 7th symposium on Identity and trust on the Internet - IDtrust '08
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit the original URL.
The file type is application/pdf.
We contrast the usability/privacy/security properties of our design with other identity management/authentication schemes deployed or being proposed today. ...
A number of solutions have been proposed -and some have even been deployed -but the capability remains unavailable to most users and the solutions deployed raise concerns for both convenience and security ...
When forgotten password recovery is to be based on the (dubious) security of email, there are two possibilities: • A site keeps the user's actual password, and emails the password to the email address ...
doi:10.1145/1373290.1373300
dblp:conf/idtrust/PerlmanK08
fatcat:lgkoof7danb3jjtnx2fvojjhm4
User-visible cryptography in email and web scenarios
2015
Information and Computer Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Risks Common risks with these scenarios involve the traditional security properties. ...
Risk management The risks identified in these user stories are generally low as the impact of a breach is low, for example in social websites and social email. ...
doi:10.1108/ics-07-2013-0054
fatcat:wtnxkreq3fcnlbmznig7rii5im
Secure Email Transmission Protocols – A New Architecture Design
[article]
2022
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
On top of the basic layer of SMTP, POP3, and IMAP protocols to send and retrieve emails, there are several other major security protocols used in current days to secure email transmission such as TLS/SSL ...
However, email transmission protocols were not designed with security in mind, and this has always been a challenge while trying to make email transmission more secure. ...
Instead of relying on the algorithmic complexity in Public Key Infrastructure (PKI), quantum teleportation achieves authentication and encryption based on non-locality of entanglement correlation space ...
arXiv:2208.00388v1
fatcat:gvt752un2vgu3gqm7vmcbqj2na
Email feedback
2005
Proceedings of the 2005 ACM workshop on Formal methods in security engineering - FMSE '05
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2006; you can also visit the original URL.
The file type is application/pdf.
This in turn allows downstream principals to express and enforce precise requirements as the risk of losing desirable messages is minimized. ...
Current email-control mechanisms, though highly effective, are prone to dropping desirable messages. ...
Reputation and trust based solutions are dependent on establishing identity of the sender, which is a significant problem in email. ...
doi:10.1145/1103576.1103586
dblp:conf/ccs/KaushikWWA05
fatcat:5lztlpqkpbhs5dcizig7vgd33e
Evaluating Web PKIs
[chapter]
2017
Software Architecture for Big Data and the Cloud
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Certificate authorities serve as trusted parties to help secure web communications. They are a vital component for ensuring the security of cloud infrastructures and big data repositories. ...
However, none of it has been widely adopted yet, and it is hard to judge which one is the winner. ...
To give an intuition of potential security and privacy applications of PKI in big data, we present some example scenarios. ...
doi:10.1016/b978-0-12-805467-3.00007-7
fatcat:icorbbj4wfb5plvjyrdqbhmifa
Vulnerabilities of PKI based Smartcards
2007
MILCOM 2007 - IEEE Military Communications Conference
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
PKI-enabled smartcards hold the future of personal identity management and resilience against identity theft. ...
Bluetooth of
course introduces its own set of security risks.
SSL Connections
The card could use a SSL channel to a particular
I/O device that is trusted. This is a difficult to
deploy solution. ...
Implementation and use of Secure I/O
The challenge of a secure PKI card design is to
incorporate not only PKI but also secure I/O
subsystem in a manner that does not compromise
the form factor, connectivity ...
doi:10.1109/milcom.2007.4455333
fatcat:p65xatj4xzhwvcnzwmpfhcdtcm
PKI Seeks a Trusting Relationship
[chapter]
2000
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2006; you can also visit the original URL.
The file type is application/pdf.
This paper describes public-key infrastructures in general and discusses issues related to trust management of public-key infrastructures. ...
Digital certificates and public-key infrastructures represent an attempt to mimic real-world human assessment of identity and trustworthiness in an automated and mechanical fashion, but present implementations ...
Another popular application is email encryption based on the S/MIME [8, 9] standard which consists of digitally encrypting the body (and not the head) of email messages. ...
doi:10.1007/10718964_16
fatcat:wyp7ljfrqrhhfmutfs3sr6qcj4
Privacy PreservingWeb-Based Email
[chapter]
2008
Algorithms, Architectures and Information Systems Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit the original URL.
The file type is application/pdf.
Recent web-based applications offer users free service in exchange for access to personal communication, such as on-line email services and instant messaging. ...
In this paper, we show that it is possible to protect a user's privacy from these risks by exploiting mutually oblivious, competing communication channels. ...
Methods of securing non-web-based email have been extensively studied. ...
doi:10.1142/9789812836243_0016
fatcat:4u2peyqlurc4dgzrgdv6dappee
ABUSE: PKI for Real-World Email Trust
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
We then built Attribute-Based, Usefully Secure Email (ABUSE), a PKI-based system to solve this problem. ...
6, 7], a secure email standard that leverages an X.509 PKI [8] to provide message integrity and nonrepudiation via digital signatures [9, 10] . ...
The problem of human trust requires large amounts of human context to decide, and computers are ill-suited for these kinds of tasks. ...
doi:10.1007/978-3-642-16441-5_10
fatcat:abbfmmajhvhmbabogyuyixs2sa
Personal PKI for the Smart Device Era
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
However, increased connectivity raises a number of security and privacy issues, and in this paper we introduce a public key infrastructure designed to be suitable for personal computing across multiple ...
We recognize the need for our PKI to work on both mobile and home networks, use existing online user identities and take into consideration the different interaction styles found on smart devices in different ...
This motivates the need for a suitable PKI for personal networks capable of protecting user security and privacy. ...
doi:10.1007/978-3-642-40012-4_5
fatcat:kwy6qnsgwjcf7em262ti4vj5di
Beyond PKI: The Biocryptographic Key Infrastructure
[chapter]
2013
Security and Privacy in Biometrics
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Ellison and Schneier [14] specifically highlight a series of identity related PKI risks by asking the following questions: 1. Who do we trust, and what for? 2. Who is using my key? ...
More importantly, we analyze the problem of applying unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports ...
Even at a FAR of 1 in 1,000,000, the attacker still gets four choices, on average, to compromise the matching system. network authentication, the risk of spoofing is greatly reduced by secure templates ...
doi:10.1007/978-1-4471-5230-9_3
fatcat:yuthwurbrnd3nefhdptujvc22y
Simulation of PKI-enabled communication for identity management using CyberCIEGE
2010
2010 - MILCOM 2010 MILITARY COMMUNICATIONS CONFERENCE
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
The CyberCIEGE game engine modifications include modeling of chains of trust and risks of cross certification schemes. ...
CyberCIEGE Virtual Private Network (VPN) gateways, VPN clients and email clients were then extended to incorporate the new PKI features. ...
Players also learn about potential risks associated with the use of PKI by experimenting and observing cause and effects. ...
doi:10.1109/milcom.2010.5679591
fatcat:ksvixqbfobdbvopvjdvgkyf7du
Beyond PKI: The Biocryptographic Key Infrastructure
2010
2010 IEEE International Workshop on Information Forensics and Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Ellison and Schneier [14] specifically highlight a series of identity related PKI risks by asking the following questions: 1. Who do we trust, and what for? 2. Who is using my key? ...
More importantly, we analyze the problem of applying unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports ...
Even at a FAR of 1 in 1,000,000, the attacker still gets four choices, on average, to compromise the matching system. network authentication, the risk of spoofing is greatly reduced by secure templates ...
doi:10.1109/wifs.2010.5711435
dblp:conf/wifs/ScheirerBB10
fatcat:avh4vs2eobbi3nnobubs7w5bmu
« Previous
Showing results 1 — 15 out of 1,957 results