Trustworthy Interfaces for Passwords and Personal Information
The following message is being forwarded at the request of Burt Kaliski, RSA Security and Dan Boneh, Stanford University. ***************************************************************** 1st TIPPI Workshop Trustworthy Interfaces for Passwords and Personal Information Sponsored by the PORTIA project Date: June 13th, 2005 Location: Stanford University, Gates Computer Science Building, Room B12 Organizers: Burt Kaliski, RSA Security Dan Boneh, Stanford University Workshop Purpose Despite tremendous advances in computer technology in general and information security in particular, users still typically provide personal information and credentials such as passwords the same way they did 30 years ago: through a text interface that they assume they can trust. Today, that trust assumption clearly can no longer be relied on. Many security protocols have been proposed to protect credentials and personal information, but few are used in practice. A major reason is that the protocols have not been implemented in a way that ensures that they are actually used. For instance, a rogue Web site can still just ask the user for her password, regardless of how sophisticated a protocol the correct site employs. The purpose of the workshop is to facilitate an effective solution to these problems by bringing together the designers of the cryptographic protocols with the implementers of the user interfaces. Ideally, a user should have confidence that when she provides a password or other personal information, she can trust the interface she interacts with to protect her data from misuse - even if an attacker happens to be the one that asked her to provide it. In short, our hope is that the workshop will motivate a trend where trustworthy interfaces for passwords and personal information - TIPPI - are the typical ones in our industry. Speakers Current confirmed speakers include: Todd Inskeep, Bank of America. Roots of Trusted Interfaces and the User Experience. Dave Jevans, Anti-Phishing Working Group Ramesh Kesanupalli, Phoenix Technologies. Solutions for Secure and Trustworthy Authentication. Steve Myers, Indiana University Delayed Password Disclosure. Submissions: We welcome additional presentations, both long (30 minutes) and short (10 minutes). If you would like to give a presentation, please send us a proposed title and abstract by May 15. There will be no proceedings, but presentations and research papers (if available) will be posted on the Web. More Information: For more information, please contact Burt Kaliski http://www.rsasecurity.com/rsalabs/node.asp?id=2017 or Dan Boneh http://crypto.stanford.edu/~dabo/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]