A move in the security measurement stalemate: elo-style ratings to quantify vulnerability (DOI)
Wolter Pieters, Sanne H.G. van der Ven, Christian W. Probst
Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems (DOI)
Sean Peisert, Ed Talbot, Matt Bishop
Point-and-shoot security design: can we build better tools for developers? (DOI)
Sven Türpe
Argumentation logic to assist in security administration (DOI)
Jeff Rowe, Karl Levitt, Simon Parsons, Elizabeth Sklar, Andrew Applebaum, Sharmin Jalal
Beyond the blacklist: modeling malware spread and the effect of interventions (DOI)
Benjamin Edwards, Tyler Moore, George Stelle, Steven Hofmeyr, Stephanie Forrest
Someone to watch over me (DOI)
Heather Richter Lipford, Mary Ellen Zurko
Pools, clubs and security: designing for a party not a person (DOI)
Zheng Dong, Vaibhav Garg, L. Jean Camp, Apu Kapadia
Privacy is a process, not a PET: a theory for effective privacy practice (DOI)
Anthony Morton, M. Angela Sasse
All your base are belong to US (DOI)
Richard Ford, Liam M. Mayron
The need for application-aware access control evaluation (DOI)
William C. Garrison, Adam J. Lee, Timothy L. Hinrichs
Video-passwords: advertising while authenticating (DOI)
Julie Thorpe, Amirali Salehi-Abari, Robert Burden
Holographic vulnerability studies: vulnerabilities as fractures in interpretation as information flows across abstraction boundaries (DOI)
Jedidiah R. Crandall, Daniela Oliveira