User authentication by cognitive passwords: an empirical assessment
JCIT Proceedings of the fifth Jerusalem conference on Information technology
Photographic Authentication through Untrusted Terminals
IEEE Pervasive Computing
Personal privacy through understanding and action: five pitfalls for designers
Personal and Ubiquitous Computing
Intentional access management: making access control usable for end-users
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Personal choice and challenge questions: a security and usability assessment
Proceedings of the 5th Symposium on Usable Privacy and Security
Let Only the Right One IN: Privacy Management Scheme for Social Network
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Personalization via friendsourcing
ACM Transactions on Computer-Human Interaction (TOCHI)
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Regroup: interactive machine learning for on-demand group creation in social networks
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
| Hi-index | 0.01 |
Controlling the privacy of online content is difficult and often confusing. We present a social access control where users devise simple questions testing shared knowledge instead of constructing authenticated accounts and explicit access control rules. We implemented a prototype and conducted studies to explore the context of photo sharing security, gauge the difficulty of creating shared knowledge questions, measure their resilience to adversarial attack, and evaluate user ability to understand and predict this resilience.