OS Security Rethinking Permission Granting in Modern Operating Systems


1 Rethinking Permission Granting in Modern Operating Systems
Joe Miner, Nicholas Fouche
Department of Electrical & Computer Engineering, Missouri University of Science and Technology
28 November 2016

2 Outline
- Introduction: Overview
- State of the Art in Permission Granting
- Goals and Context
- User-Driven Access Control
- Implementation
- Evaluation
- Conclusion


4 Overview
- Modern platforms such as iOS, Android, Windows 8, and web browsers use user-owned resources.
- This is inefficient and ineffective in producing a secure environment.
- To improve the security of platforms, the use of user-driven access control is proposed; user intent would be captured via access control gadgets.


6 State of the Art in Permission Granting
The existing permission granting methods are:
- Global Resources
- Manifests
- Prompts
- No Access

7 State of the Art in Permission Granting: Global Resources
- Globalizing resources for applications
- User-friendly
- Allows unintended accesses with least amount of privileges
- Contradicts user expectations of privacy

8 State of the Art in Permission Granting: Manifests
- Are install-time agreements
- Allow permanent access to resources once the user agrees
- Applications can access resources at any time
- Many applications ask for more permissions than needed
- Very little security here

9 State of the Art in Permission Granting: Prompts
- Closest to verifying user intent
- Little effectiveness
- Teaches users to ignore other prompts

10 State of the Art in Permission Granting: No Access
- System that does not allow applications to access user-owned resources (i.e. Web Applications)
- Browser plugins are an exception since they have access to all user-owned resources


12 Goals and Context
Goals of Permission Granting are:
- They are in-context (unlike manifests)
- They are non-disruptive (unlike prompts)
- They are least-privileged (unlike current systems)

13 Goals and Context: System Model
[Figure: system model; Ref: [RKM+2012]]

14 Goals and Context
User-Owned Resources are defined as:
- Devices and sensors (physical and virtual)
- User-controlled capabilities and settings
- Content (i.e. documents, photos, etc.)


16 User-Driven Access Control
Designing a non-intrusive Access Control Gadget (ACG)
Ref: [RKM+2012]

17 User-Driven Access Control
In order to have a useful ACG we need:
- Built-in permission granting in the application's UI
- A way to obtain the user's authentic permission granting intent from interaction with the application UI
Ref: [RKM+2012]

18 User-Driven Access Control: Ensuring integrity with ACGs
- Display isolation
- Complete visibility
- Sufficient display duration
- Disallow customization, limit dynamic customization, or review process of customization


20 Implementation
In order to implement the new ACG style we must:
- Build the kernel such that it captures user intent via ACGs
- Appropriate the Resource Monitor (RM) to act on the user's intent

Table 1: System Calls and UpCalls for Resource Monitor (Ref: [RKM+2012])

| Type | Call Name | Description |
|---|---|---|
| syscall | InitContentTransfer (push or pull, dest or src) | Triggers the kernel to push or pull content from a principal |
| upcall | StartUp (gadgetid, appid, apphandle) | Notifies monitor of a new embedded ACG |
| upcall | InputEvent (gadgetid or inputsequence, appid, apphandle) | Notifies monitor of an ACG input event or a recognized sequence |
| upcall | LostFocus (gadgetid, appid, apphandle) | Notifies monitor when an ACG loses focus |
| upcall | EmbeddingAppExit (gadgetid, appid, apphandle) | Notifies monitor when application embedding an ACG exits |

21 Implementation

Table 2: System Calls and UpCalls for Applications (Ref: [RKM+2012])

| Type | Call Name | Description |
|---|---|---|
| syscall | EmbedACG (location, resource, type, duration) | Embeds an ACG in the calling application's UI |
| upcall | PullContent (windowid, eventname, eventargs) | Pulls content from a principal based on user intent |
| upcall | PushContent (windowid, eventname, eventargs) | Pushes content to a principal based on user intent |
| upcall | IntermediateEvent (windowid, eventname, eventargs) | Issues a DragEnter, DragOver, or DragLeave to a principal |
| upcall | IsDraggable (windowid, x, y) | Determines if the object under the cursor is draggable |
| upcall | CheckNestedPermission (windowid, nestedapp, acgtype) | Determines if a nested application may embed an ACG |
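
The following is an added illustration, not code from the slides or from [RKM+2012]: a small Python model of the flow in Tables 1 and 2, where the kernel forwards an InputEvent upcall to the resource monitor only when the integrity conditions from slide 18 hold. The class names, the `from_hardware` flag, the 500 ms threshold, the "one-time"/"session" duration values, and the revoke-on-exit policy are assumptions made for the example.

```python
from dataclasses import dataclass
from itertools import count

MIN_DISPLAY_MS = 500  # assumed threshold for "sufficient display duration"


@dataclass
class Gadget:
    gadget_id: int
    app_id: str
    resource: str   # e.g. "camera"
    duration: str   # "one-time" or "session" (assumed values)


class ResourceMonitor:
    """Turns authentic ACG input into grants for the resource it owns."""

    def __init__(self):
        self.gadgets = {}  # gadget_id -> Gadget
        self.grants = {}   # (app_id, resource) -> 1 use left, or None = session

    # Upcalls issued by the kernel; names follow Table 1.
    def start_up(self, gadget):
        self.gadgets[gadget.gadget_id] = gadget

    def input_event(self, gadget_id):
        g = self.gadgets[gadget_id]
        uses = 1 if g.duration == "one-time" else None
        self.grants[(g.app_id, g.resource)] = uses

    def embedding_app_exit(self, app_id):
        # Assumed policy: nothing outlives the embedding application.
        self.gadgets = {i: g for i, g in self.gadgets.items()
                        if g.app_id != app_id}
        self.grants = {k: v for k, v in self.grants.items()
                       if k[0] != app_id}

    def check_access(self, app_id, resource):
        """Called on every resource use; the default is deny."""
        key = (app_id, resource)
        if key not in self.grants:
            return False
        if self.grants[key] is not None:   # one-time grant: consume it
            del self.grants[key]
        return True


class Kernel:
    """Owns the ACG's pixels and input, so the app cannot fake either."""

    def __init__(self, monitor):
        self.monitor = monitor
        self._ids = count(1)
        self.rejected = []  # (gadget_id, reason), kept for audit

    def embed_acg(self, app_id, resource, duration):
        if duration not in ("one-time", "session"):
            raise ValueError("unknown duration: " + duration)
        gadget = Gadget(next(self._ids), app_id, resource, duration)
        self.monitor.start_up(gadget)
        return gadget.gadget_id

    def user_click(self, gadget_id, from_hardware, fully_visible, shown_ms):
        """Forward the click as an InputEvent only if it is trustworthy."""
        if not from_hardware:
            reason = "synthetic input"
        elif not fully_visible:
            reason = "gadget occluded"
        elif shown_ms < MIN_DISPLAY_MS:
            reason = "shown too briefly"
        else:
            self.monitor.input_event(gadget_id)
            return True
        self.rejected.append((gadget_id, reason))
        return False

    def app_exit(self, app_id):
        self.monitor.embedding_app_exit(app_id)


def demo():
    """Constructed scenario: one camera gadget, clicked under four conditions."""
    mon = ResourceMonitor()
    k = Kernel(mon)
    cam = k.embed_acg("photoapp", "camera", "one-time")
    results = [mon.check_access("photoapp", "camera")]   # no click yet
    k.user_click(cam, False, True, 2000)   # event injected by the app
    k.user_click(cam, True, False, 2000)   # gadget covered by another window
    k.user_click(cam, True, True, 50)      # gadget flashed under the cursor
    results.append(mon.check_access("photoapp", "camera"))
    k.user_click(cam, True, True, 2000)    # genuine, visible, stable click
    results.append(mon.check_access("photoapp", "camera"))
    results.append(mon.check_access("photoapp", "camera"))  # grant already used
    return results, [reason for _, reason in k.rejected]


if __name__ == "__main__":
    print(demo())
```
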


23 Evaluation
Evaluation showed that:
- Illegitimate access to user-owned resources is a real problem today and will likely become the dominant source of vulnerabilities in the future
- User-driven access control best matches the user's expectations
- Significantly reduced privacy threats
- Attackers have a very limited means of exploiting
- Developers can easily incorporate user-driven access control measures
- User-driven access control methods don't severely limit customization
- The performance impact is negligible


25 Conclusion
- User-driven access control is more secure and more efficient
- Increasing the privacy of users
- Non-disruptive to users, in-context to users, and uses the least-privileged permission system
- Evaluations confirm these facts

26 References
[RKM+2012] Franziska Roesner, Tadayoshi Kohno, Alexander Moshchuk, Bryan Parno, Helen J. Wang, and Crispin Cowan, "User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems," in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, May 2012, pp


Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902 Workspace ONE UEM Certificate Authentication for EAS with ADCS VMware Workspace ONE UEM 1902 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/

More information

Printer Software Installation Manual Metapace T-25

Printer Software Installation Manual Metapace T-25 Printer Software Metapace T-25 Thermal Printer Rev. 1.00 www.metapace.com Table of Contents 1. Introduction... 3 1.1. Operating Environment... 3 2. Installation... 4 3. Uninstallation... 9 4. Printer Utility...11

More information

Settings & Notifications

Settings & Notifications Settings & Notifications CMS Settings Content Requirements Distributor Access Customs Folders DAL Settings Media Gallery Notifications NOTE: Some functions may not be available to all users depending on

More information

The Invisible Trail: Third- Party Tracking on the Web

The Invisible Trail: Third- Party Tracking on the Web The Invisible Trail: Third- Party Tracking on the Web Franziska Roesner Assistant Professor Computer Science & Engineering University of Washington The Invisible Trail: Third- Party Tracking on the Web

More information

Choosing the Right Security Assessment

Choosing the Right Security Assessment A Red Team Whitepaper Choosing the Right Security Navigating the various types of Security s and selecting an IT security service provider can be a daunting task; however, it does not have to be. Understanding

More information

Hassle-free banking in the DIGITAL AGE through NEXT-GEN. Technologies W H I T E PA P E R

Hassle-free banking in the DIGITAL AGE through NEXT-GEN. Technologies W H I T E PA P E R Hassle-free banking in the DIGITAL AGE through NEXT-GEN Technologies W H I T E PA P E R Experience smooth transactions with the new generation of banking and payments using facial recognition. Financial

More information

MWR InfoSecurity Security Advisory. Oracle Enterprise Manager SQL Injection Advisory. 1 st February 2010

MWR InfoSecurity Security Advisory. Oracle Enterprise Manager SQL Injection Advisory. 1 st February 2010 MWR InfoSecurity Security Advisory Oracle Enterprise Manager SQL Injection Advisory 1 st February 2010 2010-11-12 Page 1 of 8 CONTENTS CONTENTS 1 Detailed Vulnerability Description... 4 1.1 Introduction...

More information

CSE 484 / CSE M 584: Computer Security and Privacy. Usable Security. Fall Franziska (Franzi) Roesner

CSE 484 / CSE M 584: Computer Security and Privacy. Usable Security. Fall Franziska (Franzi) Roesner CSE 484 / CSE M 584: Computer Security and Privacy Usable Security Fall 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner,

More information

Pass, No Record: An Android Password Manager

Pass, No Record: An Android Password Manager Pass, No Record: An Android Password Manager Alex Konradi, Samuel Yeom December 4, 2015 Abstract Pass, No Record is an Android password manager that allows users to securely retrieve passwords from a server

More information

AN EVALUATION OF THE GOOGLE CHROME EXTENSION SECURITY ARCHITECTURE

AN EVALUATION OF THE GOOGLE CHROME EXTENSION SECURITY ARCHITECTURE AN EVALUATION OF THE GOOGLE CHROME EXTENSION SECURITY ARCHITECTURE Nicholas Carlini, Adrienne Porter Felt, David Wagner University of California, Berkeley CHROME EXTENSIONS CHROME EXTENSIONS servers servers

More information

Receiver Updater for Windows 3.0

Receiver Updater for Windows 3.0 Receiver Updater for Windows 3.0 2012 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Receiver Updater for Windows 3.0 3 About this Release 4 System Requirements

More information

UnCovert: Evaluating thermal covert channels on Android systems. Pascal Wild

UnCovert: Evaluating thermal covert channels on Android systems. Pascal Wild UnCovert: Evaluating thermal covert channels on Android systems Pascal Wild August 5, 2016 Contents Introduction v 1: Framework 1 1.1 Source...................................... 1 1.2 Sink.......................................

More information

Defend Against the Unknown

Defend Against the Unknown Defend Against the Unknown Stay ahead of new threats with McAfee Endpoint Threat Defense solutions Targeted exploits. Ransomware. Explosive growth in zero-day malware. Organizations are locked in an ongoing

More information

Sheila Warren, VP of Alliances and General Counsel. Independent Sector Preparing to Be Hacked October 2015

Sheila Warren, VP of Alliances and General Counsel. Independent Sector Preparing to Be Hacked October 2015 Sheila Warren, VP of Alliances and General Counsel Independent Sector Preparing to Be Hacked October 2015 TechSoup San Francisco, CA Our mission is to build a dynamic bridge that enables design and implementation

More information

Jaringan Komputer (CCNA-1)

Jaringan Komputer (CCNA-1) Jaringan Komputer (CCNA-1) #2 Configuring a Network Operating System Susmini I. Lestariningati, M.T Introduction (1) Home networks typically interconnect a wide variety of end devices including PCs, laptops,

More information

HP Sure Start Gen3. Table of contents. Available on HP Elite products equipped with 7th generation Intel Core TM processors September 2017

HP Sure Start Gen3. Table of contents. Available on HP Elite products equipped with 7th generation Intel Core TM processors September 2017 Technical white paper Gen3 7th generation Intel Core TM processors September 2017 Table of contents 1 Gen3... 2 1.1 Background... 2 1.2 Gen3 overview... 2 1.3 Runtime Intrusion Detection (RTID)... 2 1.3.1

More information

Spark Quick Reference Guide

Spark Quick Reference Guide Spark Quick Reference Guide Making Teamwork Simpler Spark simplifies teamwork by making communication seamless. Send messages, share files, and meet with different teams, all in one place. Easily pull

More information

GFI EventsManager 8 ReportPack. Manual. By GFI Software Ltd.

GFI EventsManager 8 ReportPack. Manual. By GFI Software Ltd. GFI EventsManager 8 ReportPack Manual By GFI Software Ltd. http://www.gfi.com E-Mail: info@gfi.com Information in this document is subject to change without notice. Companies, names, and data used in examples

More information

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Using Threat Analytics to Protect Privileged Access and Prevent Breaches Using Threat Analytics to Protect Privileged Access and Prevent Breaches Under Attack Protecting privileged access and preventing breaches remains an urgent concern for companies of all sizes. Attackers

More information

RMU-IT-SEC-01 Acceptable Use Policy

RMU-IT-SEC-01 Acceptable Use Policy 1.0 Purpose 2.0 Scope 2.1 Your Rights and Responsibilities 3.0 Policy 3.1 Acceptable Use 3.2 Fair Share of Resources 3.3 Adherence with Federal, State, and Local Laws 3.4 Other Inappropriate Activities

More information

McAfee Embedded Control

McAfee Embedded Control McAfee Embedded Control System integrity, change control, and policy compliance in one solution McAfee Embedded Control maintains the integrity of your system by only allowing authorized code to run and

More information

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client

More information