All Papers

M. O’Neill, S. Heidbrink, J. Whitehead, T. Perdue, L. Dickinson, T. Collett, N. Bonner, K. Seamons, and D. Zappala. The Secure Socket API: TLS as an Operating System Service. 28th USENIX Security Symposium, August 2018.

S. Ruoti, J. Andersen, T. Monson, D. Zappala, and K. Seamons. A Comparative Usability Study of Key Management in Secure Email. USENIX Symposium on Usable Privacy and Security (SOUPS 2018), August 2018.

E. Vaziripour, J. Wu, M. O’Neill, D. Metro, J. Cockrell, T. Moffett, J. Whitehead, N. Bonner, K. Seamons, and D. Zappala. Action Needed! Helping Users Find and Complete the Authentication Ceremony in Signal, USENIX Symposium on Usable Privacy and Security (SOUPS 2018), August 2018.

J. Reynolds, T. Smith, K. Reese, L. Dickinson, S. Ruoti, and K. Seamons. A Tale of Two Studies: The Best and Worst of YubiKey Usability, 39th IEEE Symposium on Security and Privacy (S&P 2018), May 2018.

T. Monson, J. Reynolds, T. Smith, S. Ruoti, D. Zappala, and K. Seamons. A Usability Study of Secure Email Deletion, European Workshop on Usable Security (EuroUSEC), April 2018.

E. Vaziripour, R. Farahbakhsh, M. O’Neill, J. Wu, K. Seamons, and D. Zappala, Private But Not Secure: A Survey Of the Privacy Preferences and Practices of Iranian Users of Telegram, Workshop on Usable Security (USEC), February 2018.

S. Ruoti, K. Seamons. End-to-End Passwords, New Security Paradigms Workshop (NSPW 2017), Islamorada, Florida, October 2017.

S. Ruoti, K. Seamons, D. Zappala. Layering Security at Global Control Points to Secure Unmodified Software, IEEE Secure Development Conference (IEEE SecDev 2017), Boston, Massachusetts, September 2017. Best Paper Award.

M. O’Neill, S. Heidbrink, S. Ruoti, J. Whitehead, D. Bunker, L. Dickinson, T. Hendershot, J. Reynolds, K. Seamons, D. Zappala. TrustBase: An Architecture to Repair and Strengthen Certificate-Based Authentication, 27th USENIX Security Symposium, August 2017.

E. Vaziripour, R. Clinton, J. Wu, M. O’Neill, J. Whitehead, S. Heidbrink, K. Seamons, and D. Zappala. Is that you, Alice? A Usability Study of the Authentication Ceremony of Secure Messaging Applications, 13th Annual Symposium on Usable Privacy and Security (SOUPS 2017), Santa Clara, California, July 2017.

S. Ruoti, T. Monson, J. Wu, D. Zappala, K. Seamons. Weighing Context and Trade-offs: How Suburban Adults Selected Their Online Security Posture, 13th Annual Symposium on Usable Privacy and Security (SOUPS 2017), Santa Clara, California, July 2017. [Presentation]

M. O’Neill, S. Ruoti, K. Seamons, D. Zappala. TLS Inspection: How Often and Who Cares? IEEE Internet Computing, May/June 2017.

M. O’Neill, S. Ruoti, K. Seamons, D. Zappala. TLS Proxies: Friend or Foe?, ACM Internet Measurement Conference (IMC 2016). ACM, 2016.

S. Ruoti, J. Andersen, T. Hendershot, D. Zappala, K. Seamons. Private Webmail 2.0: Simple and Easy-to-Use Secure Email, 29th ACM Symposium on User Interface Software and Technology (UIST 2016). ACM, 2016.

A. Afanasyev, J. Halderman, S. Ruoti, K. Seamons, Y. Yu, D. Zappala, L. Zhang. Content-based Security for the Web, New Security Paradigms Workshop (NSPW 2016). ACM, 2016.

S. Ruoti, M. O’Neill, D. Zappala, K. Seamons. User Attitudes Toward the Inspection of Encrypted Traffic, 12th Annual Symposium on Usable Privacy and Security (SOUPS 2016). USENIX, 2016. [Presentation]

S. Ruoti, K. Seamons. Standard Metrics and Scenarios for Usable Authentication, 2nd Workshop on “Who Are You?! Adventures in Authentication” at the Symposium on Usable Privacy and Security (WAY 2016). USENIX, 2016. [Presentation]

S. Ruoti, J. Andersen, K. Seamons. Strengthening Passwords-based Authentication, 2nd Workshop on “Who Are You?! Adventures in Authentication” at the Symposium on Usable Privacy and Security (WAY 2016). USENIX, 2016. [Presentation]

E. Vaziripour, M. O’Neill, J. Wu, S. Heidbrink, K. Seamons, and D. Zappala. Social Authentication for End-to-End Encryption, 2nd Workshop on “Who Are You?! Adventures in Authentication” at the Symposium on Usable Privacy and Security (WAY 2016). USENIX, 2016. [Presentation]

S. Ruoti, J. Andersen, S. Heidbrink, M. O’Neill, E. Vaziripour, J. Wu, D. Zappala, K. Seamons. “We’re on the Same Page”: A Usability Study of Secure Email Using Pairs of Novice Users, Proceedings of the 34th Annual ACM Conference on Human Factors in Computing Systems (CHI 2016). ACM, 2016. Honorable Mention Award. [Presentation]

S. Ruoti, B. Roberts, K. Seamons. Authentication Melee: A Usability Analysis of Seven Web Authentication Systems, 24th Annual International Conference on World Wide Web (WWW 2015). ACM, 2015. [Presentation]

S. Ruoti, N. Kim, B. Burgon, T.W. van der Horst, and K. Seamons. Confused Johnny: When Automatic Encryption Leads to Confusion and Mistakes 9th Annual Symposium on Usable Privacy and Security (SOUPS 2013). ACM, 2013. [Presentation]

C. Robison, S. Ruoti, T. W. van der Horst, and K. E. Seamons. Private Facebook Chat 2012 International Conference on Privacy, Security, Risk, and Trust (PASSAT 2012) and 2012 International Conference on Social Computing (SocialCom 2012). IEEE, 2013. [Presentation]

T. W. van der Horst and K. E. Seamons. pwdArmor: Protecting Conventional Password-based Authentications. 24th Annual Computer Security Applications Conference (ACSAC 2008). ACM, 2008. [Presentation]

R. S. Abbott, T. W. van der Horst, and K. E. Seamons. CPG: Closed Pseudonymous Groups. Workshop on Privacy in the Electronic Society (WPES 2008), Alexandria, VA, October 2008.

D. D. Walker, E. G. Mercer, and K. E. Seamons. Or Best Offer: A Privacy Policy Negotiation Protocol. IEEE Workshop on Policies for Distributed Systems and Networks (Policy 2008), Palisades, NY, June 2008.

A. Harding, T. W. van der Horst, and K. E. Seamons. Wireless Authentication using Remote Passwords. 1st ACM Conference on Wireless Network Security (WiSec), Alexandria, VA, March 2008.

P. L. Hellewell, T. W. van der Horst, and K. E. Seamons. Extensible Pre-Authentication in Kerberos. 23rd Annual Computer Security Applications Conference (ACSAC), Miami, FL, December 2007.

T. W. van der Horst, and K. E. Seamons. Simple Authentication for the Web. 3rd International Conference on Security and Privacy in Communication Networks, Nice, France, September, 2007. [Presentation]

R. C. Jammalamadaka, R. Gamboni, S. Mehrotra, K. Seamons, N. Venkatasubramanian. gVault: A Gmail Based Cryptographic Network File System. 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, CA, July 2007.

A. J. Lee, K. E. Seamons, M. Winslett and T. Yu. Automated Trust Negotiation in Open Systems. In Secure Data Management in Decentralized Systems, edited by Ting Yu and Sushil Jajodia, Springer, December 2006.

R. C. Jammalamadaka, T. W. van der Horst, S. Mehrotra, K. E. Seamons, and N. Venkasubramanian. Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine. 22nd Annual Computer Security Applications Conference (ACSAC), Miami, FL, December 2006.

L. Olson, M. Winslett, G. Tonti, N. Seeley, A. Uszok, and J. Bradshaw. TrustBuilder as an Authorization Service for Web Services. International Workshop on Security and Trust in Decentralized/Distributed Data Structures (STD3S) in conjuction with the 22nd International Conference on Data Engineering (ICDE’06), Atlanta, Georgia, April 2006.

J. Holt. Logcrypt: Forward Security and Public Verification for Secure Audit Logs. Australasian Information Security Workshop 2006, Hobart, Tasmania, January 2006.

T. Ryutov, L. Zhou, C. Neuman, N. Foukia, T. Leithead, and K. E. Seamons. Adaptive Trust Negotiation and Access Control for Grids. 6th IEEE/ACM International Workshop on Grid Computing, Seattle, WA, November 2005.

T. W. van der Horst and K. E. Seamons. Short Paper: Thor — The Hybrid Online Repository. First IEEE International Conference on Security and Privacy for Emerging Areas in Communications Networks, Athens, Greece, September 2005. slides

T. Ryutov, L. Zhou, C. Neuman, T. Leithead, and K. E. Seamons. Adaptive Trust Negotiation and Access Control. 10th ACM Symposium on Access Control Models and Technologies, Stockholm, Sweden, June 2005.

T. Leithead, W. Nejdl, D. Olmedilla, K. Seamons, M. Winslett, T. Yu, and C. Zhang. How to Exploit Ontologies in Trust Negotiation. Workshop on Trust, Security, and Reputation on the Semantic Web, part of the Third International Semantic Web Conference, Hiroshima, Japan, November 2004.

R. Bradshaw, J. Holt, and K. E. Seamons. Concealing Complex Policies with Hidden Credentials. Eleventh ACM Conference on Computer and Communications Security, Washington, DC, October 2004.

T. W. van der Horst, T. Sundelin, K. E. Seamons, and C. D. Knutson. Mobile Trust Negotiation: Authentication and Authorization in Dynamic Mobile Networks. Eighth IFIP Conference on Communications and Multimedia Security, Lake Windermere, England, September 2004. Slides

A. Hess, J. Holt, J. Jacobson, and K. E. Seamons. Content-Triggered Trust Negotiation. ACM Transaction on Information System Security, Vol. 7, No. 3, August 2004.

B. Smith, K. E. Seamons, and M. D. Jones. Responding to Policies at Runtime in TrustBuilder 5th International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), Yorktown Heights, New York, June 2004.

R. Gavriloaie, W. Nejdl, D. Olmedilla, K. E. Seamons, and M. Winslett. No Registration Needed: How to Use Declarative Policies and Negotiation to Access Sensitive Resources on the Semantic Web. 1st European Semantic Web Symposium, Heraklion, Greece, May 2004.

J. Holt, R. Bradshaw, K. E. Seamons, and H. Orman. Hidden Credentials. 2nd ACM Workshop on Privacy in the Electronic Society, Washington, DC, October 2003. Slides

D. Vawdrey, T. Sundelin, K. E. Seamons, and C. Knutson. Trust Negotiation for Authentication and Authorization in Healthcare Information Systems. 25th Annual International Conference of the IEEE Engineering In Medicine And Biology Society, Cancun, Mexico, September 2003.

A. Hess and K. E. Seamons. An Access Control Model for Dynamic Client Content. 8th ACM Symposium on Access Control Models and Technologies, Como, Italy, June 2003. Slides

M. Winslett. An Introduction to Automated Trust Establishment. 1st International Conference on Trust Management, Crete, Greece, May 2003.

T. Yu and M. Winslett. A Unified Scheme for Resource Protection in Automated Trust Negotiation.IEEE Symposium on Security and Privacy, Berkeley, California, May 2003.

T. Yu, M. Winslett, and K. E. Seamons. Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation. ACM Transactions on Information and System Security,vol. 6, no. 1, February 2003.

M. Winslett, T. Yu, K. E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu. Negotiating Trust on the Web. IEEE Internet Computing, vol. 6, no. 6, November/December 2002.

T. Yu, M.Winslett, and K.E. Seamons. Automated Trust Negotiation over the Internet. 6th World Multiconference on Systemics, Cybernetics and Informatics, Orlando, FL, July 14-18, 2002.

K. E. Seamons, M. Winslett, T. Yu, B. Smith, E. Child, J. Jacobson, H. Mills, and L. Yu. Requirements for Policy Languages for Trust Negotiation. 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, CA, June 2002. Slides

K. E. Seamons, M. Winslett, T. Yu, L. Yu, and R. Jarvis. Protecting Privacy during On-line Trust Negotiation. 2nd Workshop on Privacy Enhancing Technologies, San Francisco, CA, April 2002. Slides

A. Hess, J. Jacobson, H. Mills, R. Wamsley, K. E. Seamons, and B. Smith. Advanced Client/Server Authentication in TLS. Network and Distributed System Security Symposium, San Diego, CA, February 2002. Slides

J. Holt and K. E. Seamons. Selective Disclosure Credential Sets. Cryptology ePrint Archive, Report 2002/151

T. Yu, M. Winslett, and K. E. Seamons. Interoperable Strategies in Automated Trust Negotiation. 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001.

T. Barlow, A. Hess, and K. E. Seamons. Trust Negotiation in Electronic Markets. Eighth Research Symposium in Emerging Electronic Markets, Maastricht, Netherlands, September 2001.

K. E. Seamons, M. Winslett, and T. Yu. Limiting the Disclosure of Access Control Policies During Automated Trust Negotiation. Network and Distributed System Security Symposium, San Diego, CA, February 2001. Slides

T. Yu, X. Ma, and M. Winslett. PRUNES: An Efficient and Complete Strategy for Trust Negotiation over the Internet. ACM Conference on Computer and Communications Security, Athens, November 2000.

W. H. Winsborough, K. E. Seamons, and V. E. Jones. Automated Trust Negotiation. DARPA Information Survivability Conference and Exposition, Hilton Head, SC, January 2000.

W. H. Winsborough, K. E. Seamons, and V. E. Jones. Negotiating Disclosure of Sensitive Credentials. Second Conference on Security in Communication Networks, Amalfi, Italy, September 1999.

K. E. Seamons, W. Winsborough, and M. Winslett. Internet Credential Acceptance Policies. Proceedings of the Workshop on Logic Programming for Internet Applications, Leuven, Belgium, July 1997.