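% Security-related references: access control modelling, IT security
% management, CAPTCHA design and attacks, and wireless privacy leaks.
%
% Notes for maintainers:
%   * interhash / intrahash appear to be identifiers added by the exporting
%     bibliography service (TODO confirm); standard styles ignore them.
%   * The url values are the plain-http publisher links as exported. Where a
%     doi field is present, treat the DOI as the stable identifier.
%   * Acronyms in titles are brace-protected so sentence-casing styles keep
%     their capitalisation.

% Lattice-based access control models built with attribute exploration.
@article{obiedkov2009building,
  abstract  = {The use of lattice-based access control models has been somewhat restricted by their complexity. We argue that attribute exploration from formal concept analysis can help create lattice models of manageable size, while making it possible for the system designer to better understand dependencies between different security categories in the domain and, thus, providing certain guarantees for the relevance of the constructed model to a particular application. In this paper, we introduce the method through an example.},
  author    = {Obiedkov, Sergei and Kourie, Derrick G. and Eloff, J. H. P.},
  doi       = {10.1016/j.cose.2008.07.011},
  interhash = {367ceb95cd5e3964aa2d7d00ad21da09},
  intrahash = {7be2b4bf0987c4d18adf7243eae690c0},
  issn      = {0167-4048},
  journal   = {Computers and Security},
  number    = {1--2},
  pages     = {2--7},
  title     = {Building access control models with attribute exploration},
  url       = {http://www.sciencedirect.com/science/article/pii/S0167404808000497},
  volume    = 28,
  year      = 2009
}

% Conceptual Information System supporting IT security management.
@incollection{becker2000conceptual,
  abstract    = {Conceptual Information Systems are based on a formalization of the concept of `concept' as it is discussed in traditional philosophical logic. This formalization supports a human-centered approach to the development of Information Systems. We discuss this approach by means of an implemented Conceptual Information System for supporting IT security management in companies and organizations.},
  address     = {Berlin/Heidelberg},
  affiliation = {Entrust Technologies (Switzerland) Ltd liab. Co Glatt Tower CH-8301 Glattzentrum Switzerland},
  author      = {Becker, Klaus and Stumme, Gerd and Wille, Rudolf and Wille, Uta and Zickwolff, Monika},
  booktitle   = {Knowledge Engineering and Knowledge Management Methods, Models, and Tools},
  doi         = {10.1007/3-540-39967-4_27},
  editor      = {Dieng, Rose and Corby, Olivier},
  interhash   = {dacb08013d9496d41d4f9f39bce7ecd1},
  intrahash   = {283f8a780ac47746cc3031ad47bfdf9c},
  isbn        = {978-3-540-41119-2},
  keyword     = {Computer Science},
  pages       = {352--365},
  publisher   = {Springer},
  series      = {Lecture Notes in Computer Science},
  title       = {Conceptual Information Systems Discussed through an {IT}-Security Tool},
  url         = {http://dx.doi.org/10.1007/3-540-39967-4_27},
  volume      = 1937,
  year        = 2000
}

% CAPTCHA as a Web security measure reused for text digitization.
% The percent sign in the abstract is escaped so that a style which prints the
% abstract does not turn the rest of the line into a LaTeX comment.
@article{vonahn2008recaptcha,
  abstract  = {CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are widespread security measures on the World Wide Web that prevent automated programs from abusing online services. They do so by asking humans to perform a task that computers cannot yet perform, such as deciphering distorted characters. Our research explored whether such human effort can be channeled into a useful purpose: helping to digitize old printed material by asking users to decipher scanned words from books that computerized optical character recognition failed to recognize. We showed that this method can transcribe text with a word accuracy exceeding 99\%, matching the guarantee of professional human transcribers. Our apparatus is deployed in more than 40,000 Web sites and has transcribed over 440 million words.},
  author    = {von Ahn, Luis and Maurer, Benjamin and McMillen, Colin and Abraham, David and Blum, Manuel},
  doi       = {10.1126/science.1160379},
  eprint    = {http://www.sciencemag.org/content/321/5895/1465.full.pdf},
  interhash = {9444cd77ddf43b6c19bf689be5b2ef34},
  intrahash = {a20d5aa858b63fcf5d2daf908fec874f},
  journal   = {Science},
  number    = 5895,
  pages     = {1465--1468},
  title     = {{reCAPTCHA}: Human-Based Character Recognition via Web Security Measures},
  url       = {http://www.sciencemag.org/content/321/5895/1465.abstract},
  volume    = 321,
  year      = 2008
}

% Security analysis and design framework for image recognition CAPTCHAs.
@inproceedings{zhu2010attacks,
  abstract  = {We systematically study the design of image recognition CAPTCHAs (IRCs) in this paper. We first review and examine all existing IRCs schemes and evaluate each scheme against the practical requirements in CAPTCHA applications, particularly in large-scale real-life applications such as Gmail and Hotmail. Then we present a security analysis of the representative schemes we have identified. For the schemes that remain unbroken, we present our novel attacks. For the schemes for which known attacks are available, we propose a theoretical explanation why those schemes have failed. Next, we provide a simple but novel framework for guiding the design of robust IRCs. Then we propose an innovative IRC called Cortcha that is scalable to meet the requirements of large-scale applications. It relies on recognizing objects by exploiting the surrounding context, a task that humans can perform well but computers cannot. An infinite number of types of objects can be used to generate challenges, which can effectively disable the learning process in machine learning attacks. Cortcha does not require the images in its image database to be labeled. Image collection and CAPTCHA generation can be fully automated. Our usability studies indicate that, compared with Google's text CAPTCHA, Cortcha allows a slightly higher human accuracy rate but on average takes more time to solve a challenge.},
  address   = {New York, NY, USA},
  author    = {Zhu, Bin B. and Yan, Jeff and Li, Qiujie and Yang, Chao and Liu, Jia and Xu, Ning and Yi, Meng and Cai, Kaiwei},
  booktitle = {CCS '10: Proceedings of the 17th ACM conference on Computer and communications security},
  doi       = {10.1145/1866307.1866329},
  ee        = {http://homepages.cs.ncl.ac.uk/jeff.yan/ccs10.pdf},
  interhash = {e95b041b4b155f5ff44977827e8680cd},
  intrahash = {3c8aa0e647903603ddce90c1642b89b2},
  isbn      = {978-1-4503-0245-6},
  location  = {Chicago, Illinois, USA},
  month     = oct,
  pages     = {187--200},
  publisher = {ACM},
  title     = {Attacks and design of image recognition {CAPTCHAs}},
  url       = {http://portal.acm.org/citation.cfm?id=1866307.1866329},
  year      = 2010
}

% Privacy leak from encrypted home sensor traffic and design guidelines
% proposed to prevent it.
@inproceedings{srinivasan2008protecting,
  abstract  = {In this paper, we first present a new privacy leak in residential wireless ubiquitous computing systems, and then we propose guidelines for designing future systems to prevent this problem. We show that we can observe private activities in the home such as cooking, showering, toileting, and sleeping by eavesdropping on the wireless transmissions of sensors in a home, even when all of the transmissions are encrypted. We call this the Fingerprint and Timing-based Snooping (FATS) attack. This attack can already be carried out on millions of homes today, and may become more important as ubiquitous computing environments such as smart homes and assisted living facilities become more prevalent. In this paper, we demonstrate and evaluate the FATS attack on eight different homes containing wireless sensors. We also propose and evaluate a set of privacy preserving design guidelines for future wireless ubiquitous systems and show how these guidelines can be used in a hybrid fashion to prevent against the FATS attack with low implementation costs.},
  address   = {New York, NY, USA},
  author    = {Srinivasan, Vijay and Stankovic, John and Whitehouse, Kamin},
  booktitle = {UbiComp '08: Proceedings of the 10th international conference on Ubiquitous computing},
  doi       = {10.1145/1409635.1409663},
  interhash = {493934da14b0afdda73bdb91c145351c},
  intrahash = {0efc5c0ef9a17c35402c654ff76247b0},
  isbn      = {978-1-60558-136-1},
  location  = {Seoul, Korea},
  pages     = {202--211},
  publisher = {ACM},
  title     = {Protecting your daily in-home activity information from a wireless snooping attack},
  url       = {http://portal.acm.org/citation.cfm?id=1409663},
  year      = 2008
}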