The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Ethical yet realistic evaluation of usable security mechanisms is both critical and challenging. We study a particular and important case: the security achieved by different defenses against phishing, where users play a key role in detecting the attacks. We argue that proper evaluation of such anti-phishing defenses, requires users to act `naturally??, similarly to their real-life behavior, without...
We draw an ethical analogy between Internet freedom efforts and humanitarian aid work. This parallel motivates a number of ethical questions relating to anonymity and censorship-circumvention research.
Recently, several research papers in the area of information security were published that may or may not be considered unethical. Looking at these borderline cases is relevant as today??s research papers will influence how young researchers conduct their research. In this paper we discuss fundamental ethical principles and their role in recent literature.We argue that the establishment of ethical...
We argue that a common ethical justification for computer security research reflects a na??vely utilitarian bias, and that this justification would be rejected under other ethical theories. By examining this issue, we hope to raise the ethical bar for security research and suggest some ways that this problem might be addressed using ideas from computer and information ethics.
The concept of data access and data flow control has a central role in the preservation of users?? privacy in social software. Various frameworks employ access control and accountability approaches to enable users to control who can access their data, and identify who is accountable for misconduct. The technical and legal frameworks realise these two approaches differently. This paper presents the...
Does participating in privacy research benefit the participant; if so, under what conditions? How do we measure the risk and benefit of participation of privacy and security research? In this paper we describe an experiment in which we requested anonymized information in the form of hashed contacts lists. The response to the request brought forward not only another example of the privacy paradox (people...
Accountability is a requirement to be included in the initial design phase of systems because of its strong impact on log architecture implementation. As an illustration, the logs we examine here record actions by data controllers handling personally identifiable information to deliver services to data subjects. The structures of those logs seldom consider requirements for accountability, preventing...
Usage control enforcement is currently voluntary,due to a number of technical difficulties that cannot be ad-dressed by means of purely cryptographic techniques. So, itis commonly argued that purely technical measures should becomplemented by surveillance activities and sanctions prescribedby law. The effectiveness of such measures can - and should - be formally analyzed through game theoretic techniques...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.