Red Button and Yellow Button: Usable Security for Lost Security Tokens

Currently, losing a security token places the user in a dilemma: reporting the loss as soon as it is discovered involves a significant burden which is usually overkill in the common case that the token is later found behind a sofa. Not reporting the loss, on the other hand, puts the security of the protected account at risk and potentially leaves the user liable. We propose a simple architectural solution with wide applicability that allows the user to reap the security benefit of reporting the loss early, but without paying the corresponding usability penalty if the event was later discovered to be a false alarm.The authors with a Cambridge affiliation are grateful to the European Research Council for funding this research through grant StG 307224 (Pico). Goldberg thanks NSERC for grant RGPIN-341529. We also thank the workshop attendees for comments

Intentionality and Agency in Security

Weiser [13] said that the best software is that which just blends in and disap- pears. Security software has been at odds with this principle as it attempts to attract user attention whenever possible—it has been largely designed to be visible to the user and ask them to take action. For example, anti-virus software proudly notifies the user how many viruses it has stopped while websites dis- play padlocks and security seals. Users are disrupted in their work by security notifications, asked to read warnings and decide whether they want to heed or ignore them.ERC 30722

Exploiting linked data to create rich human digital memories

Memories are an important aspect of a person's life and experiences. The area of human digital memories focuses on encapsulating this phenomenon, in a digital format, over a lifetime. Through the proliferation of ubiquitous devices, both people and the surrounding environment are generating a phenomenal amount of data. With all of this disjointed information available, successfully searching it and bringing it together, to form a human digital memory, is a challenge. This is especially true when a lifetime of data is being examined. Linked Data provides an ideal, and novel, solution for overcoming this challenge, where a variety of data sources can be drawn upon to capture detailed information surrounding a given event. Memories, created in this way, contain vivid structures and varied data sources, which emerge through the semantic clustering of content and other memories. This paper presents DigMem, a platform for creating human digital memories, based on device-specific services and the user's current environment. In this way, information is semantically structured to create temporal "memory boxes" for human experiences. A working prototype has been successfully developed, which demonstrates the approach. In order to evaluate the applicability of the system a number of experiments have been undertaken. These have been successful in creating human digital memories and illustrating how a user can be monitored in both indoor and outdoor environments. Furthermore, the user's heartbeat information is analysed to determine his or her heart rate. This has been achieved with the development of a QRS Complex detection algorithm and heart rate calculation method. These methods process collected electrocardiography (ECG) information to discern the heart rate of the user. This information is essential in illustrating how certain situations can make the user feel. (C) 2013 Elsevier B.V. All rights reserved.

Spin-orbit splitting of image states

We quantify the effect of the spin-orbit interaction on the Rydberg-like series of image state electrons at the (111) and (001) surface of Ir, Pt and Au. Using relativistic multiple-scattering methods we find Rashba-like dispersions with Delta E(K)=gamma K with values of gamma for n=1 states in the range 38-88 meV Angstrom. Extending the phase-accumulation model to include spin-orbit scattering we find that the splittings vary like 1/(n+a)^3 where a is the quantum defect and that they are related to the probability of spin-flip scattering at the surface. The splittings should be observable experimentally being larger in magnitude than some exchange-splittings that have been resolved by inverse photoemission, and are comparable to linewidths from inelastic lifetimes.Comment: 10 pages, 4 figure

Common etiological architecture underlying reward responsiveness, externally driven eating behaviors, and BMI in childhood: findings from the Gemini twin cohort

Background: Studies have reported that impulsivity predicts childhood BMI and that the association is mediated by eating behaviors. One aspect of impulsivity—potentially crucial in the obesity context—is reward responsiveness, which may predispose to responsiveness to palatable food cues. The behavioral susceptibility theory hypothesizes that genetic susceptibility to obesity operates partly via genetically determined differences in appetite regulation. Reward responsiveness may therefore be one of the neuro-endophenotypes that mediates genetic susceptibility to obesity. Objective: To test whether reward responsiveness, eating behaviors, and child BMI share common genetic architecture. Methods: We examined reward responsiveness, eating behaviors, and BMI in 5-year-old children from Gemini, a UK birth cohort of 2402 twin pairs born in 2007. All measures were collected by parent report. Reward responsiveness was derived from the Behavioral Approach System. Compulsion to eat and eating for pleasure was measured with the “food responsiveness” scale of the Child Eating Behavior Questionnaire. Wanting to eat in response to environmental food cues was measured with the “external eating” scale of the Dutch Eating Behavior Questionnaire. Maximum-likelihood structural equation modeling was used to establish underlying common genetic and environmental influences. Results: There were significant positive phenotypic correlations between all traits except for reward responsiveness and BMI. Genetic factors explained the majority of the association between food responsiveness and external eating (74%, 95% CI: 61, 87), whereas common shared environmental factors explained the majority of the associations between reward responsiveness with both food responsiveness (55%, 95% CI: 20, 90) and external eating (70%, 95% CI: 39, 100). Conclusions: Our study demonstrates the importance of common environmental factors in the shared etiology between reward responsiveness and childhood eating behaviors. However, the common etiology underlying both reward responsiveness and BMI is unclear, as there was no phenotypic correlation between reward responsiveness and BMI at this age. Further longitudinal research needs to detangle this complex relationship throughout development

Deploying authentication in the wild: Towards greater ecological validity in security usability studies

Abstract Pico is a token-based login method that claims to be simultaneously more usable and more secure than passwords. It does not ask users to remember any secrets, nor to type one-time passwords. We evaluate Pico’s claim with two deployments and user studies, one on a web-based service and another within an organization. Our main aim is to collect actionable intelligence on how to improve the usability and deployability of Pico. In our first study we team up with an established website, Gyazo, to offer this alternative login mechanism to users intent on performing a real task of image sharing. From the lessons of this first study, we retarget Pico’s focus from replacing web passwords to replacing desktop login passwords; and thus in our second study we engage with a government organization, Innovate UK, to offer employees the ability to lock and unlock their computer automatically based on proximity. We focus particularly on the ecological validity of the trials and we thereby gain valuable insights into the viability of Pico, not only through the actual responses from the participants but also through the many practical challenges we had to face and overcome. Reflecting on the bigger picture, from our experience we believe the security usability community would greatly benefit from pushing towards greater ecological validity in published work, despite the considerable difficulties and costs involved.This work was supported by the European Research Council (ERC) [StG 307224, Pico, to FMS] and the extended visits of Gyazo inventor and CTO Masui to Cambridge were supported by the Engineering and Physical Sciences Research Council (EPSRC) [EP/M019055/1, Future authentication systems, to FMS]

The pharmaceutical use of permethrin: Sources and behavior during municipal sewage treatment

This is the author's accepted manuscript. The final published article is available from the link below. Copyright @ 2010 Springer Science+Business Media, LLC.Permethrin entered use in the 1970s as an insecticide in a wide range of applications, including agriculture, horticultural, and forestry, and has since been restricted. In the 21st century, the presence of permethrin in the aquatic environment has been attributed to its use as a human and veterinary pharmaceutical, in particular as a pedeculicide, in addition to other uses, such as a moth-proofing agent. However, as a consequence of its toxicity to fish, sources of permethrin and its fate and behavior during wastewater treatment are topics of concern. This study has established that high overall removal of permethrin (approximately 90%) was achieved during wastewater treatment and that this was strongly dependent on the extent of biological degradation in secondary treatment, with more limited subsequent removal in tertiary treatment processes. Sources of permethrin in the catchment matched well with measured values in crude sewage and indicated that domestic use accounted for more than half of the load to the treatment works. However, removal may not be consistent enough to achieve the environmental quality standards now being derived in many countries even where tertiary treatment processes are applied.United Utilities PL

Plasma Physics

Contains reports on eight research projects.U. S. Atomic Energy Commission (Contract AT(30-1)-1842)U. S. Navy (Office of Naval Research) under Contract Nonr-1841(42