Learn More
We consider how an untrusted data aggregator can learn desired statistics over multiple participants’ data, without compromising each individual’s privacy. We propose a construction that allows a group of participants to periodically upload encrypted values to a data aggregator, such that the aggregator is able to compute the sum of all participants’ values(More)
Cloud computing is clearly one of today's most enticing technology areas due, at least in part, to its cost-efficiency and flexibility. However, despite the surge in activity and interest, there are significant, persistent concerns about cloud computing that are impeding momentum and will eventually compromise the vision of cloud computing as a new IT(More)
Users are increasingly dependent on mobile devices. However, current authentication methods like password entry are significantly more frustrating and difficult to perform on these devices, leading users to create and reuse shorter passwords and pins, or no authentication at all. We present implicit authentication authenticating users based on behavior(More)
We introduce the notion of implicit authentication – the ability to authenticate mobile users based on actions they would carry out anyway. We develop a model for how to perform implicit authentication, and describe experiments aimed at assessing the benefits of our techniques. Our preliminary findings support that this is a meaningful approach, whether(More)
Cloud computing is a natural fit for mobile security. Typical handsets have input constraints and practical computational and power limitations, which must be respected by mobile security technologies in order to be effective. We describe how cloud computing can address these issues. Our approach is based on a flexible framework for supporting(More)
Frequent data leak reports in the press attest to the difficulty of identifying and protecting sensitive content. Redaction is particularly challenging because it seeks to protect a document by selectively removing only the sensitive parts. The prototype system described here addresses some current technology limitations.
Detecting inferences in documents is critical for ensuring privacy when sharing information. In this paper, we propose a refined and practical model of inference detection using a reference corpus. Our model is inspired by association rule mining: inferences are based on word co-occurrences. Using the model and taking the Web as the reference corpus, we can(More)
The annual incidence of insider attacks continues to grow, and there are indications this trend will continue. While there are a number of existing tools that can accurately identify known attacks, these are reactive (as opposed to proactive) in their enforcement, and may be eluded by previously unseen, adversarial behaviors. This paper proposes an approach(More)
We show how to convert regular keyboard-entry CAPTCHAs into <i>clickable</i> CAPTCHAs. The goal of this conversion is to simplify and speed-up the entry of the CAPTCHA solution, to minimize user frustration and permit the use of CAPTCHAs on devices where they would otherwise be unsuitable. We propose a technique for producing secure clickable CAPTCHAs that(More)