Category Archives: web security

August 19, 2011

Towards Usable Web Single Sign-On

OpenID is an open and promising Web single sign-on (SSO) solution. The research led by my Ph.D. student San-Tsai Sun investigates the challenges and concerns web users face when using OpenID for authentication, and identifies what changes in the login … Continue reading →

Leave a Comment

Filed under distributed systems security, mental models of security, usable security, web security, web single sign on

March 6, 2011

Have users signed up?

I participated in a panel “Password Managers, Single Sign-On, Federated ID: Have users signed up?” at Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions, which was collocated … Continue reading →

Leave a Comment

Filed under human factos in security, mental models of security, usable security, web single sign on

February 25, 2011

Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them

The web is essential for business and personal activities well beyond information retrieval, such online banking, financial transactions, and payment authorization, but reliable user authentication remains a challenge. OpenID is a mainstream Web single sign-on (SSO) solution intended for Internet-scale … Continue reading →

Leave a Comment

Filed under business factors in security, human factos in security, usable security, web security, web single sign on

February 20, 2011

CHI Work in Progress to Feature LERSSE Research

This year, in Vancouver, Work In Progress Posters session of SIG CHI Conference will feature three research projects of my graduate students.

Leave a Comment

Filed under IT security management, mental models of security, usable security, web security, web single sign on

February 13, 2011

Undergrad Security Course Features Cool Projects

Students in my undergraduate computer security course had done several excellent projects. You can watch video clips of the projects or read reports.

Leave a Comment

Filed under human factos in security, other, usable security, web security

February 8, 2011

Lessons learned from studying users’ mental models of security

I gave a talk at Microsoft Research on user mental models of security. Continue reading →

Leave a Comment

Filed under mental models of security, usable security, web security

January 11, 2011

Single Sign On on the Web: What’s broken and What can be fixed?

With Ph.D. student San-Tsai Sun, we have been investigating single-sign-on for Web.

Leave a Comment

Filed under mental models of security, usable security, web security

July 16, 2010

SOUPS Features LERSSE Research

LERSSE graduate students presented their research at the Symposium on Usable Security Privacy and Security (SOUPS). Here is a summary of the presented research: Continue reading →

Leave a Comment

Filed under usable security, web security

Category Archives: web security

Towards Usable Web Single Sign-On

Have users signed up?

Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them

CHI Work in Progress to Feature LERSSE Research

Undergrad Security Course Features Cool Projects

Lessons learned from studying users’ mental models of security

Single Sign On on the Web: What’s broken and What can be fixed?

SOUPS Features LERSSE Research

LERSSE founder and director

Associate Professor, Ph.D., P.Eng.
Electrical and Computer Engineering
University of British Columbia

latest news

projects

misc

recent papers

Category Archives: web security

LERSSE founder and director

Associate Professor, Ph.D., P.Eng. Electrical and Computer Engineering University of British Columbia

latest news

research interests

projects

misc

Associate Professor, Ph.D., P.Eng.
Electrical and Computer Engineering
University of British Columbia