[freehaven-cvs] switch from being a chapter to being a position paper
Update of /home/freehaven/cvsroot/doc/wupss04
In directory moria:/home/arma/work/freehaven/doc/wupss04
Modified Files:
usability.bib usability.pdf usability.tex
Log Message:
switch from being a chapter to being a position paper
Index: usability.bib
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.bib,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- usability.bib 2 Jan 2005 04:33:15 -0000 1.5
+++ usability.bib 21 Mar 2006 02:56:58 -0000 1.6
@@ -1,3 +1,33 @@
+@Proceedings{Soups05,
+ title = {Proceedings of the Symposium on Usability Privacy and Security (SOUPS 2005)},
+ editor = {Lorrie Cranor and Mary Ellen Zurko},
+ address = {Pittsburgh, PA},
+ month = {July},
+ year = {2005},
+}
+
+@InProceedings{Serj02,
+ author = {Andrei Serjantov and George Danezis},
+ title = {Towards an Information Theoretic Metric for Anonymity},
+ booktitle = {Privacy Enhancing Technologies},
+ year = 2002,
+ editor = {Paul Syverson and Roger Dingledine},
+ series = {LNCS},
+ address = {San Francisco, CA},
+ month = {April},
+}
+
+@InProceedings{Diaz02,
+ author = {Claudia Diaz and Stefaan Seys and Joris Claessens
+ and Bart Preneel},
+ title = {Towards measuring anonymity},
+ booktitle = {Privacy Enhancing Technologies},
+ year = 2002,
+ month = {April},
+ editor = {Paul Syverson and Roger Dingledine},
+ series = {LNCS},
+}
+
@InProceedings{back01,
author = {Adam Back and Ulf M\"oller and Anton Stiglic},
title = {Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems},
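Review bot: the `title` of the new `Soups05` entry reads "Symposium on Usability Privacy and Security", but SOUPS is the Symposium On Usable Privacy and Security, so the proceedings title should say "Usable". The two PET 2002 entries are also inconsistent with each other: `Serj02` carries `address = {San Francisco, CA}` while `Diaz02`, from the same proceedings, has no `address`; give both the same fields.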
Index: usability.pdf
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.pdf,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
Binary files /tmp/cvsy6ic7c and /tmp/cvs404Ou2 differ
Index: usability.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.tex,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- usability.tex 2 Jan 2005 05:40:17 -0000 1.25
+++ usability.tex 21 Mar 2006 02:56:58 -0000 1.26
@@ -1,6 +1,6 @@
-\documentclass{article}
+\documentclass{llncs}
\usepackage{url}
-\pagestyle{empty}
+%\pagestyle{empty}
\newenvironment{tightlist}{\begin{list}{$\bullet$}{
\setlength{\itemsep}{0mm}
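Review bot: `\pagestyle{empty}` is commented out rather than deleted, which leaves dead preamble behind for the next editor to wonder about. If the `llncs` page style is the intended one, drop the line entirely and let the revision history record that it was there.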
@@ -13,27 +13,31 @@
\begin{document}
\title{Anonymity Loves Company:\\ Usability and the Network Effect}
-\author{Roger Dingledine \\ The Free Haven Project \\ arma@xxxxxxxxxxxxx \and
-Nick Mathewson \\ The Free Haven Project \\ nickm@xxxxxxxxxxxxx}
+\author{Roger Dingledine\inst{1} \and Nick Mathewson\inst{2}}
+\institute{The Free Haven Project \email{(arma@xxxxxxxxxxxxx)} \and
+The Free Haven Project \email{(nickm@xxxxxxxxxxxxx)}}
\maketitle
\thispagestyle{empty}
-Other chapters in this book have talked about how usability impacts
-security. One class of security software is anonymizing networks---overlay
+\begin{abstract}
+
+A growing field of literature is studying how usability impacts
+security~\cite{soups05}. One class of security software is anonymizing
+networks---overlay
networks on the Internet that provide privacy by letting users transact (for
example, fetch a web page or send an email) without revealing their
communication partners.
-In this chapter, we'll focus on the \emph{network effects}
+In this position paper we focus on the \emph{network effects}
of usability on privacy and security: usability is a factor as before,
but the size of the user
-base also becomes a factor. As we will see, in anonymizing networks, even if
-you
-were smart enough and had enough time to use every system
+base also becomes a factor. We show that in anonymizing networks, even if
+you were smart enough and had enough time to use every system
perfectly, you would nevertheless be right to choose your system
based in part on its usability for \emph{other} users.
-%AWK
+
+\end{abstract}
\section{Usability for others impacts your security}
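Review bot: the new abstract cites `\cite{soups05}` in lower case, while the entry added to usability.bib in this same commit is keyed `Soups05`; use one spelling in both files so the citation does not depend on how the bibliography tool treats key case. In the `\institute` block the parentheses sit inside `\email{(...)}`, so they become part of the typeset address, and the same institute is listed twice under `\inst{1}` and `\inst{2}`; a single institute with both addresses would be cleaner. `\thispagestyle{empty}` is also kept after `\maketitle` even though the global `\pagestyle{empty}` was just disabled, so the first page will still be unnumbered.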
@@ -74,7 +78,6 @@
can't or won't use it correctly, its ideal security properties are
irrelevant.
-% As we've seen in the other chapters in this book,
Hard-to-use programs and protocols can hurt security in many ways:
% These include:
\begin{tightlist}
@@ -137,8 +140,9 @@
of course. If the attacker suspects Alice, Bob, and Carol equally, Alice is
more anonymous than if the attacker is 98\% suspicious of Alice and 1\%
suspicious of Bob and Carol, even though the anonymity sets are the same
-size. Because of this imprecision, recent research is moving beyond simple anonymity
-sets to more sophisticated measures based on the attacker's confidence.}
+size. Because of this imprecision, research is moving beyond
+simple anonymity sets to more sophisticated measures based on the
+attacker's confidence~\cite{Diaz02,Serj02}.}
When more users join the network, existing users become more
secure, even if the new users never talk to the existing
ones! \cite{econymics,back01} Thus, ``anonymity loves company.''\footnote{This
@@ -176,7 +180,7 @@
The solution is distributed trust: an infrastructure made up of many
independently controlled proxies that work together to make sure no
transaction's privacy relies on any single proxy. With distributed-trust
-anonymity networks like the ones discussed in this chapter, users build
+anonymity networks, users build
tunnels or \emph{circuits} through a series of servers. They encrypt their
traffic in multiple layers of encryption, and each server removes a single
layer of encryption. No single server knows the entire path from the
@@ -300,8 +304,7 @@
The real issue here is that
designers often end up with a situation where they need to choose between
`insecure' and `inconvenient' as the default configuration---meaning they've
-already made a mistake in designing their application. (This issue is
-discussed more in chapters X and Y.)
+already made a mistake in designing their application.
Of course, when end users {\it do} know more about their individual security
requirements than application designers, then adding options is beneficial,
@@ -447,7 +450,7 @@
had typically no idea how to solve his problem.
At the time of this writing, the most important solutions for these users have
-been improve Tor's documentation for how to configure various applications
+been to improve Tor's documentation for how to configure various applications
to use Tor; to change the warning messages to refer users to a description of
the solution (``You are insecure. See this webpage.'') instead of a
description of the problem (``Your application is sending IPs instead of
@@ -622,7 +625,7 @@
The temptation to focus on designing a perfectly usable system before
building it can be self-defeating, since obstacles to usability are often
-unforeseen. We believe that the anonymity community
+unforeseen. We believe that the security community
needs to focus on continuing experimental deployment.
\bibliographystyle{plain}
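Review bot: replacing "anonymity community" with "security community" in the closing sentence widens the paper's recommendation, which goes beyond the "switch from being a chapter to being a position paper" that the log message describes. The paper's argument, as the other hunks show, is about anonymizing networks specifically, so either keep "anonymity community" or mention the change of scope in the log message so it is not read as a mechanical rewording.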