Search For:

Displaying 1-21 out of 21 total
Not Reinventing PKI until We Have Something Better
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:September 2011
pp. 95-98
Although X.509-based PKI has some well-known problems, they're being, or can be, addressed. In the past, those problems led to proposals for reinventing PKI based on other technologies. However, none of the proposals provided sufficient additional benefit ...
Applications Directly Using Cryptography
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:May 2010
pp. 84-87
Sometimes, we need to use cryptographic protection from application layer code. Although requirements for this don't arise that often, when they do, they tend to be met in homegrown, ad hoc ways, and frequently without considering how to best use cryptogra...
Why Didn't We Spot That?
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:January 2010
pp. 84-87
Recently, a previously unknown, and not particularly complex, man-in-the-middle attack appeared, affecting all versions of the Transport Layer Security (TLS) protocol. TLS and its predecessors have been in widespread use for more than a decade and have bee...
Delay- and Disruption-Tolerant Networking
Found in: IEEE Internet Computing
By Alex McMahon, Stephen Farrell
Issue Date:November 2009
pp. 82-87
Delay- and disruption-tolerant networking (DTN) grew out of attempts to develop an Interplanetary Internet but has evolved into an active area of networking research, with applications in space networking, military tactical networking, and networking for v...
Security in the Wild
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:May 2011
pp. 86-91
<p>A team from Trinity College Dublin and Intel Labs Europe deployed a delay-tolerant network (DTN) in remote areas of the Swedish mountains for six weeks during the summer of 2010. The network provided Web and email access for reindeer herders worki...
Leaky or Guessable Session Identifiers
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:January 2011
pp. 88-91
Many Internet and Web applications use session identifiers. Too often, developers of those applications make the bad assumption that all is well because session identifiers are only known to authorized users. However, in many cases, session identifiers can...
API Keys to the Kingdom
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:September 2009
pp. 91-93
Many Web 2.0 services offer Web 2.0 APIs for developers to use. The author reviews one of the security mechanisms that's often included in such Web 2.0 APIs — the use of API keys — and some of the deployment issues associated with their use.
Keys Don't Grow in Threes
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:May 2009
pp. 96, 94-95
Many Internet security mechanisms depend on the use of cryptographic algorithms for various forms of authentication and confidentiality. Even when well-known and standardized cryptographic algorithms are used in well-known protocols, some parameters must b...
Why Don't We Encrypt Our Email?
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:January 2009
pp. 82-85
Today, almost all the programs we use to send and receive email include support for strong security mechanisms that we can apply end-to-end. But we generally don't use those — why is that? In this article, the author briefly reviews the security features a...
Portable Storage and Data Loss
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:May 2008
pp. 90-93
Data loss or leakage occurs in many organizations, frequently with significant impacts, both in terms of incident-handling costs and of damage to the organization's reputation. The author briefly considers some recent incidents, describes some practical mi...
Security Boundaries
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:January 2008
pp. 93-96
Security boundaries are usually defined by a set of systems that are under a single administrative control. These boundaries occur at various levels, and vulnerabilities can become apparent as data “crosses” each one. In his inaugural column, the author lo...
When TCP Breaks: Delay- and Disruption- Tolerant Networking
Found in: IEEE Internet Computing
By Stephen Farrell, Vinny Cahill, Dermot Geraghty, Ivor Humphreys, Paul McDonald
Issue Date:July 2006
pp. 72-78
The authors give an overview of current work on delay- and disruption-tolerant networking and review the overall architecture proposed by the Internet Research Task Force's Delay Tolerant Networking Research Group. Their approach to networking makes no ass...
Security Considerations in Space and Delay Tolerant Networks
Found in: Space Mission Challenges for Information Technology, IEEE International Conference on
By Stephen Farrell, Vinny Cahill
Issue Date:July 2006
pp. 29-38
This paper reviews the Internet-inspired security work on delay tolerant networking, in particular, as it might apply to space missions, and identifies some challenges arising, for both the Internet security community and for space missions. These challeng...
How to Teach a Fish to Swim
Found in: Human-Centric Computing Languages and Environments, IEEE CS International Symposium on
By Stephen Farrell, Paul P. Maglio, Christopher S. Campbell
Issue Date:September 2001
pp. 158
We have developed a virtual fish tank in which computer users are represented by animated fish. The actions and interactions of the fish in the tank are meant to reflect the actions of users in the real world. Our first attempt at creating a programming en...
Why Pervasive Monitoring Is Bad
Found in: IEEE Internet Computing
By Stephen Farrell
Issue Date:July 2014
pp. 4-7
Since June 2013, we've seen numerous revelations about pervasive monitoring (PM). Many consider this a serious abuse, one that doesn't just threaten users' privacy, but also affects important freedoms and public and private enterprise on the Internet. In t...
CRiSIS 2012 security standards tutorial
Found in: 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS)
By Stephen Farrell
Issue Date:October 2012
pp. 1-4
This tutorial will introduce researchers to security related activities within some Internet standards development organisations (SDOs), mainly the Internet Engineering Task Force and the World Wide Web Consortium. Having reviewed basic sturcture and proce...
DTN trials and router updates
Found in: Proceedings of the 3rd Extreme Conference on Communication: The Amazon Expedition (ExtremeCom '11)
By Aidan Lynch, Alex McMahon, Kerry Hartnett, Stefan Weber, Stephen Farrell
Issue Date:September 2011
pp. 1-5
We describe DTN trials carried out as part of the N4C project over the last year. These trials took place in two locations, Padjelanta national park in northern Sweden between early July and late August 2010 and Galway, on the west coast of Ireland, during...
Harvesting with SONAR: the value of aggregating social network information
Found in: Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems (CHI '08)
By Elad Shahar, Ido Guy, Michal Jacovi, Noga Meshulam, Stephen Farrell, Vladimir Soroka
Issue Date:April 2008
pp. 49-54
Web 2.0 gives people a substantial role in content and metadata creation. New interpersonal connections are formed and existing connections become evident through Web 2.0 services. This newly created social network (SN) spans across multiple services and a...
Relescope: an experiment in accelerating relationships
Found in: CHI '05 extended abstracts on Human factors in computing systems (CHI '05)
By Christopher Campbell, Stephen Farrell, Suvda Myagmar
Issue Date:April 2005
pp. 1363-1366
Busy academics and professionals are being called upon to manage more and more relationships. Many details of collaboration are accessible in digital libraries and other repositories. With Relationship-Oriented Computing, we posit that network information ...
Information programming for personal user interfaces
Found in: Proceedings of the 7th international conference on Intelligent user interfaces (IUI '02)
By Christopher S. Campbell, Paul P. Maglio, Stephen Farrell, Volkert Buchmann
Issue Date:January 2002
pp. 190-191
With widespread access to e-mail, the world-wide web, and other information sources, people now use computers more for managing information than for managing applications. To support how people naturally and routinely organize information, computers ought ...
Social and informational proxies in a fishtank
Found in: CHI '01 extended abstracts on Human factors in computer systems (CHI '01)
By Stephen Farrell
Issue Date:March 2001
pp. 365-366
This paper describes an interactive fishtank that displays on a large screen in a shared space in our research lab. Fish represent people and informational resources. People can interact with fish by tapping on the tank or typing. Fish can be personalized ...