19 research outputs found

    Key Management for Secure Power SCADA

    This thesis proposes a key management protocol for secure power SCADA systems that seeks to take advantage of the full security capacity of a given network by allowing devices to use public key cryptography for key management if they are capable of doing so and reverting to symmetric key cryptography only when such use is necessitated by the weakness of a given device. Allowing devices to obtain different levels of security permits SCADA networks to maximize their security in the decades before such networks are capable of implementing fully public key-based key management protocols. Such a system is obtained through the use of a protocol based on a modified version of SSL using X.509 certificates containing encrypted symmetric keys that allow master devices the option of using the symmetric keys for encrypting the shared secret used to create keying material, instead of using a slave device's public key. This thesis presents the protocol and uses proof-of-concept code to carry out a performance evaluation of the key management scheme.

    The Post Anachronism: The Temporal Dimension of Facebook Privacy

    This paper reports on two studies that investigate empirically how privacy preferences about the audience and emphasis of Facebook posts change over time. In a 63-participant longitudinal study, participants gave their audience and emphasis preferences for up to ten of their Facebook posts in the week they were posted, again one week later, and again one month later. In a 234-participant retrospective study, participants expressed their preferences about posts made in the past week, as well as one year prior. We found that participants did not want content to fade away wholesale with age; the audience participants wanted to be able to access posts remained relatively constant over time. However, participants did want a handful of posts to become more private over time, as well as others to become more visible. Participants' predictions about how their preferences would change correlated poorly with their actual changes in preferences over time, casting doubt on ideas for setting an expiration date for content. Although older posts were seen as less relevant and had often been forgotten, participants found value in these posts for reminiscence. Surprisingly, we observed few concerns about privacy or self-presentation for older posts. We discuss our findings' implications for retrospective privacy mechanisms.

    I Know Where You Live: Analyzing Privacy Protection in Public Databases (CMU-CyLab-11-015)

    Policymakers struggle to determine the proper tradeoffs between data accessibility and data-subject privacy as public records move online. For example, Allegheny County, Pennsylvania recently eliminated the ability to search the county property assessment database using property owners' names. We conducted a user study to determine whether this strategy provides effective privacy protection against a non-expert adversary. We found that removing search by name provides some increased privacy protection, because some users were unable to use other means to determine the address of an individual. However, this privacy protection is limited, and interface usability problems presented a comparable barrier. Our analysis suggests that if policymakers use removal of search by name as a privacy mechanism they should attempt to mitigate usability issues that can hinder legitimate use of public records databases.

    Improving Computer Security Dialogs

    Security dialogs warn users about security threats on their computers; however, people often ignore these important communications. This paper explores the links between warning dialog design and user understanding of, motivation to respond to, and actual response to computer security warnings. We measured these variables through a 733-participant online study that tested a set of four existing computer security warnings and two redesigned versions of each across low- and high-risk conditions. In some cases our redesigned warnings significantly increased participants’ understanding and motivation to take the safest action; however, we were not able to show that participants’ responses were differentiated between low and high risk conditions. We also observed that motivation seemed to be a more important predictor of taking the safest action than understanding. However, other factors that may contribute to this behavior warrant further investigation.