Mary Theofanos,Simson Garfinkel,Yee-Yin Choong
Mary Theofanos
Surveys of US Defense and Commerce department employees show that using Personal Identity Verification and Common Access Cards for two-factor authentication results in improved usability and security.
Cybersecurity Advocates: Force Multipliers in Security Behavior Change [0.03%]
网络安全倡导者:安全行为改变中的放大效应参与者
Julie Haney,Wayne Lutters,Jody Jacobs
Julie Haney
Cybersecurity advocates motivate individuals and organizations to adopt positive security behaviors. Based on our research, we describe qualities of successful advocates. Our findings have practical implications for expanding the cybersecur...
Assane Gueye,Carlos E C Galhardo,Irena Bojanova et al.
Assane Gueye et al.
The Common Weakness Enumeration (CWE) community publishes an aggregate metric to calculate the 'Most Dangerous Software Errors.' However, the used equation highly biases frequency over exploitability and impact. We provide a metric to mitig...
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations [0.03%]
使用 Frankencerts 对 SSL/TLS 实现中的证书验证进行自动化对抗测试
Chad Brubaker,Suman Jana,Baishakhi Ray et al.
Chad Brubaker et al.
Modern network security rests on the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded devices, and all of secure Web rely on SSL/TLS for protection again...
Denise Anthony,Andrew T Campbell,Thomas Candon et al.
Denise Anthony et al.
Dartmouth College's Institute for Security, Technology, and Society conducted three workshops on securing information technology in healthcare, attended by a diverse range of experts in the field. This article summarizes the three workshops...
Security and Interoperable Medical Device Systems, Part 2: Failures, Consequences and Classifications [0.03%]
医疗设备系统的安全与互操作性(第二部分):故障、影响及分类
Eugene Y Vasserman,Krishna K Venkatasubramanian,Oleg Sokolsky et al.
Eugene Y Vasserman et al.
Krishna K Venkatasubramanian,Eugene Y Vasserman,Oleg Sokolsky et al.
Krishna K Venkatasubramanian et al.
Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems [0.03%]
基于经验的访问管理:身份和访问管理系统生命周期框架
Carl A Gunter,David Liebovitz,Bradley Malin
Carl A Gunter
Experience-based access management incorporates models, techniques, and tools to reconcile differences between the ideal access model and the enforced access control.