We show that the time web sites take to respond to HTTP requests can leak private information, using two different types of attacks. The first, direct timing, directly measures re...
Single sign-on is critical for the usability of distributed systems. While there are several authentication mechanisms which support single sign-on (e.g. Kerberos and X.509), it m...
Private information about individuals that engage in e-commerce business transactions is of economic value to businesses for market analysis and for identifying possible future par...
Distributed programming has shifted from private networks to the Internet using heterogeneous Web APIs. This enables the creation of situational applications of composed services ...
When termination of a program is observable by an adversary, confidential information may be leaked by terminating accordingly. While this termination covert channel has limited ...
Deian Stefan, Alejandro Russo, Pablo Buiras, Amit ...