Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users a...
Collin Jackson, Andrew Bortz, Dan Boneh, John C. M...
Spyware infections are becoming extremely pervasive, posing a grave threat to Internet users’ privacy. Control of such an epidemic is increasingly difficult for the existing def...
With Hidden Credentials Alice can send policyencrypted data to Bob in such a way that he can decrypt the data only with the right combination of credentials. Alice gains no knowle...
We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim’s browser malicious Javascrip...
Chris Karlof, Umesh Shankar, J. Doug Tygar, David ...
By shifting the burden of proofs to the user, a proof-carrying authorization (PCA) system can automatically enforce complex access control policies. Unfortunately, managing those p...