Owner-controlled information

Proceedings New Security Paradigms Workshop

Volumn , Issue , 2004, Pages 103-111

  Gates, Carrie ^a   Slonim, Jacob ^a  

^a DALHOUSIE UNIVERSITY   (Canada)

Author keywords

Architecture; Privacy; Security

Indexed keywords

COMPUTER ARCHITECTURE; COMPUTER SOFTWARE; DATA MINING; DATABASE SYSTEMS; INTERFACES (COMPUTER); RELIABILITY; RESEARCH; SECURITY OF DATA;

ON-LINE BANKING; PRIVACY; SECURITY ISSUES; USER INFORMATION;

INFORMATION MANAGEMENT;

EID: 17644363402     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (30)

1. A. Adams and M. A. Sasse. Users are not the enemy. Communications of the ACM, 42(12):40-46, 1999.
2. M. Bellare and S. Goldwasser. Verifiable partial key escrow. In Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 78 -91, Zurich, Switzerland, 1997.
3. S. A. Brands. Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge, Massachusetts, 2000.
4. D. Chaum. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10):1030-1044, 1985.
5. L. F. Cranor, J. Reagle, and M. S. Ackerman. Beyond concern: Understanding net users' attitudes about online privacy. Technical Report TR 99.4.3, AT&T Labs, Apr. 1999.
6. W. Diffie and S. Landau. Commentary: The threat of Microsoft's.NET. kingpublishing.com, 2001. Last visited: 17 July 2003.
7. J. Dobson. Private communication between John Dobson and Steven J. Greenwald at NSPW 1996 as referenced by Greenwald, 2003.
8. Electronic Privacy Information Center. Microsoft passport investigation docket, http://www.epic.org/privacy/consumer/microsoft/passport.html, 2003. Last visited: 17 July 2003.
9. C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, and T. Ylonen. SPKI certificate theory, 1998. Internet draft, work in progress.
10. M. Fairhurst, R. Guest, F. Deravi, and J. George. Using biometrics as an enabling technology in balancing universality and selectivity for management of information access. In Universal Access. Theoretical Perspectives, Practice, and Experience: 7th ERCIM International Workshop on User Interfaces for All, pages 249-259, Paris, France, 2002. Springer-Verlag Heidelberg. Lecture Notes in Computer Science 2615. October 24-25, 2002.
11. J. Lettice. Big Brother Award nomination for WPA, Passport pains MS. The Register, 2001. 1 April 2003. Last visited: 17 July 2003.
12. Liberty Alliance. Liberty Alliance project. http://www.projectliberty. org/, 2003. Last visited: 17 July 2003.
13. P. Madsen. The Liberty Alliance, webservices.xml.com, 2003. 1 April 2003. Last visited: 17 July 2003.
14. Microsoft Corporation. MicrosoftNET passport: One easy way to sign in online. http://www.passport.net/. Last visited: 17 July 2003.
15. Microsoft Corporation. Microsoft announces "Hailstorm," a new set of xml web services designed to give users greater control. http://www.microsoft.com/presspass/features/2001/mar01/03-19hailstorm.a'/.sp, 2001. Last visited: 17 July 2003.
16. F. Monrose, M. K. Reiter, Q. Li, and S. Wetzel. Cryptographic key generation from voice. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, pages 202-213, 2001.
17. National Institute for Standards and Technology. Escrowed encryption standard (EES), 1994.
18. J. S. Park, R. Sandhu, and G.-J. Ahn. Role-based access control on the web. ACM Transactions on Information and System Security, 4(1) :37-71, 2001.
19. S. Pearson. Trusted agents that enhance user privacy by self-profiling. Technical Report HPL-2002-196, HP Laboratories, 2002.
20. S. Pearson. Trusted computing platforms, the next security solution. Technical Report HPL-2002-221, HP Laboratories, 2002.
21. R. L. Rivest, M. E. Hellman, J. C. Anderson, and J. W. Lyons. Responses to NIST's proposal. Communications of the ACM, 35(7):41-54, 1992.
22. R. L. Rivest and B. Lampson. SDSI-a simple distributed security infrastructure, http://theory.lcs.mit.edu/~rivest/sdsi10.ps, 1996. Presented at CRYPTO '96. Last visited: 27 May 2002.
23. R. S. Sandhu, E. J. Coyne, H. L. Feinnstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2) :38-47, 1996.
24. R. S. Sandhu and P. Samarati. Access control: principles and practice. IEEE Communications, 32(9):40-48, 1994.
25. M. A. Sasse. Private communication at NSPW 2003 with Carrie Gates. 20 August 2003.
26. M. A. Sasse, S. Brostoff, and D. Weirich. Transforming the 'weakest link' -a human/computer interaction approach to usable and effective security. BT Technology Journal, 19(3):122-131, 2001.
27. Secure Electronic Transactions - Devices, U.S. Army. Common access card (CAC). https://setdweb.setd.army.mil/cac/whatiscac.htm. Last visited: 17 July 2003.
28. M. Slemko. Microsoft passport to trouble. http://alive.znep.com/~marcs/ passport/, 2001. Last visited: 17 July 2003.
29. K. Toth and M. Subramanium. The persona concept: a consumer-centered identity model, http://eecs.oregonstate.edu/ktoth/other/TrustBus03-Persona- Toth&Subram%aniumV1. pdf. Last visited: 15 July 2003.
30. A. Whitten and J. Tygar. Why Johnny can't encrypt: A usability evaluation of PGP 5.0. In Proceedings of the 8th USENIX Security Symposium, pages 169-184, Washington, D.C., 1999. Usenix. August 23-26, 1999.