Paul
Van
Oorschot
Carleton
University
Learning
about
Human-Computer
Authentication
through
Graphical
Passwords
We provide a selective review of research in this area over the past five years, including security and usability analysis of existing proposals, design and analysis of new proposals, and the value of user studies. Our goal is to design better password systems in general, including text password systems, through principles learned from experience with graphical password systems; and more broadly, to extract principles of general use in the emerging field of security and usability, as it becomes an important sub-discipline of computer security.
Biography: Paul Van Oorschot is a Professor of Computer Science at Carleton University, where he is Canada Research Chair in Network and Software Security, and founding director of Carletons Computer Security Lab. He previously held positions in network security R&D and senior management at Bell-Northern Research (Ottawa), Entrust Technologies (Ottawa), and Cloakware Corp. (Ottawa). He completed his PhD in Computer Science at the University of Waterloo in 1988.
He is co-author of the standard reference Handbook of Applied Cryptography, and regularly serves on program committees of major international computer security conferences, including ACM CCS, NDSS, USENIX Security, and IEEE Security and Privacy. He is on the editorial board of ACM TISSEC, and was Program Chair of USENIX Security 2008, and of the Internet Societys NDSS 2002 and 2001. He is Scientific Director of NSERC ISSNet, a pan-Canadian research network exploring Internetworked Systems Security. His current research focus includes computer security and usability, software security, authentication and identity management, and Internet security.