Abstract-Recognition-based graphical password (RBGP) schemes are not easily compared in terms of security. Current research uses many different measures which results in confusion as to whether RBGP schemes are secure against guessing and capture attacks. If it were possible to measure all RBGP schemes in a common way it would provide an easy comparison between them, allowing selection of the most secure design. This paper presents a discussion of potential attacks against recognitionbased graphical password (RBGP) authentication schemes. As a result of this examination a preliminary measure of the security of a recognition-based scheme is presented. The security measure is a 4-tuple based on distractor selection, shoulder surfing, intersection and replay attacks. It is aimed to be an initial proposal and is designed in a way which is extensible and adjustable as further research in the area develops. Finally, an example is provided by application to the PassFaces scheme.
The aspiration of many governments around the world is to ensure all university graduates are well-versed in computing science and its related topics. This results in many graduates participating in postgraduate conversion courses. Many computing science schools favour delivering aspects of some topics, such as cyber security, simultaneously to students majoring in computing science and those converting to it. The challenge becomes integrating and understanding such a disparate student cohort. In this paper, we propose as a solution a learning design that has active, constructive and interactive elements. Student experience is reported and discussed, before considering the many benefits of the design. CCS CONCEPTS • Security and privacy → Privacy protections; • Social and professional topics → Computing education;
In preparing computer science students for industry, degree content often focuses on technical skills such as programming. Such skills are essential for a successful post-study career in industry and is popular with students. However, industry notes that students are often limited in what can be referred to as graduate attributes or transferable skills. Such skills include effective teamwork, communication, and critical thinking, among others. Computing science students can also struggle to identify the value in these skills.To address this gap, it is proposed graduate attributes are incorporated into summatively assessed coursework alongside essential technical skills. The overall aim is to develop a framework for computing science educators which will allow them to incorporate such skills more explicitly through assessment. As an initial step, this paper presents a review of graduate attributes from Russell Group Universities to identify common themes. These skills are summarised with an initial proposal for how some of the most common attributes could be incorporated into coursework assessment.
Purpose The purpose of this study was to identify to identify reasons for the lack of protest against dragnet surveillance in the UK. As part of this investigation, a study was carried out to gauge the understanding of “privacy” and “confidentiality” by the well-informed. Design/methodology/approach To perform a best-case study, the authors identified a group of well-informed participants in terms of security. To gain insights into their privacy-related mental models, they were asked first to define the three core terms and then to identify the scenarios. Then, the participants were provided with privacy-related scenarios and were asked to demonstrate their understanding by classifying the scenarios and identifying violations. Findings Although the participants were mostly able to identify privacy and confidentiality scenarios, they experienced difficulties in articulating the actual meaning of the terms privacy, confidentiality and security. Research limitations/implications There were a limited number of participants, yet the findings are interesting and justify further investigation. The implications, even of this initial study, are significant in that if citizens’ privacy rights are being violated and they did not seem to know how to protest this and if indeed they had the desire to do so. Practical implications Had the citizens understood the meaning of privacy, and their ancient right thereto, which is enshrined in law, their response to the Snowden revelations about ongoing wide-scale surveillance might well have been more strident and insistent. Originality/value People in the UK, where this study was carried out, do not seem to protest the privacy invasion effected by dragnet surveillance with any verve. The authors identify a number of possible reasons for this from the literature. One possible explanation is that people do not understand privacy. Thus, this study posits that privacy is unusual in that understanding does not seem to align with the ability to articulate the rights to privacy and their disapproval of such widespread surveillance. This seems to make protests unlikely.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.