Learn More
Most comparisons of wireless ad hoc routing algorithms involve simulated or <i>indoor</i> trial runs, or outdoor runs with only a small number of nodes, potentially leading to an incorrect picture of algorithm performance. In this paper, we report on an outdoor comparison of four different routing algorithms, APRL, AODV, ODMRP, and STARA, running on top of(More)
— When users' mental models don't match the way the underlying systems work, problems can arise. For human-based security systems to be effective, we believe that is important to identify the tasks involved at which humans excel (and at which computers do not), and then design the system accordingly. To demonstrate this principle, we are building(More)
Distributed systems typically support processes that involve humans separated by space and by organizational boundaries. Because of its ability to enable secure communications between parties that do not share keys a priori, public key cryptography is a natural building block for the elements of these computing systems to establish trust with each other.(More)
In this paper, we present the design and prototype of a new approach to cookie management: if a server deposits a cookie only after authenticating itself via the SSL handshake, the browser will return the cookie only to a server that can authenticate itself, via SSL, to the same keypair. This approach can enable usable but secure client authentica-tion.(More)
The systems we worry about securing include the people who use them. In everyday offline life, an average person's "security policy" consists of a few simple, intuitive rules. We believe that the majority of users continuously employ risk analysis heuristics to plan both their online and offline actions; the overwhelming problem of online security is that(More)
The ease with which a malicious third party can obtain a user's password when he or she logs into Internet sites (such as bank or email accounts) from an insecure computer creates a substantial security risk to private information and transactions. For example, a malicious administrator at a cybercafe, or a malicious user with sufficient access to install(More)
As wireless networks become more prevalent, a widening array of computational resources becomes available to the mobile user. Since not all users should have unrestricted access to these resources, a method of access control must be devised. In a context-aware environment, context information can be used to supplement more conventional password-based access(More)
Current PKI-based email systems (such as X.509 S/MIME and PGP/ MIME) potentially enable a recipient to determine a name and organizational affiliation of the sender. This information can suffice for a trust decision when the recipient already knows the sender—but how can a recipient decide whether or not trust email from a new correspondent? Current systems(More)
  • 1