RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Digital memories in an era of ubiquitous computing and abundant storage
Communications of the ACM - Personal information management
Email in personal information management
Communications of the ACM - Personal information management
Personal knowledge questions for fallback authentication: security questions in the era of Facebook
Proceedings of the 4th symposium on Usable privacy and security
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
Personal choice and challenge questions: a security and usability assessment
Proceedings of the 5th Symposium on Usable Privacy and Security
1 + 1 = you: measuring the comprehensibility of metaphors for configuring backup authentication
Proceedings of the 5th Symposium on Usable Privacy and Security
CLAMP: Practical Prevention of Large-Scale Data Leaks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
It's No Secret. Measuring the Security and Reliability of Authentication via "Secret Questions
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Vanish: increasing data privacy with self-destructing data
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Keypad: an auditing file system for theft-prone devices
Proceedings of the sixth conference on Computer systems
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
"I regretted the minute I pressed share": a qualitative study of regrets on Facebook
Proceedings of the Seventh Symposium on Usable Privacy and Security
Home is safer than the cloud!: privacy concerns for consumer cloud storage
Proceedings of the Seventh Symposium on Usable Privacy and Security
SWIPE: eager erasure of sensitive data in large scale systems software
Proceedings of the second ACM conference on Data and Application Security and Privacy
Keeping Found Things Found: The Study and Practice of Personal Information Management: The Study and Practice of Personal Information Management
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
CleanOS: limiting mobile data exposure with idle eviction
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
| Hi-index | 0.00 |
Cloud based storage accounts like web email are compromised on a daily basis. At the same time, billions of Internet users store private information in these accounts. As the Internet matures and these accounts accrue more information, these accounts become a single point of failure for both users' online identities and large amounts of their private information. This paper presents two contributions: the first, the heterogeneous documents abstraction, is a data-centric strategy for protecting high value information stored in globally accessible storage. Secondly, we present drano, an implementation of the heterogeneous documents strategy as a cloud-based email protection system. drano gives users the opportunity to remove or "lock up" sensitive, unexpected, and rarely used information to mitigate the risks of cloud storage accounts without sacrificing the benefits of cloud storage or computation. We show that drano can efficiently assist users in pinpointing and protecting passwords emailed to them in cleartext. We present performance measurements showing that the system can rewrite past emails stored at cloud providers quickly, along with initial results regarding user preferences for redacted cloud storage.