{"id":51,"date":"2008-12-21T16:05:08","date_gmt":"2008-12-21T20:05:08","guid":{"rendered":"http:\/\/hotsoft.carleton.ca\/hotsoft\/?p=51"},"modified":"2008-12-21T16:07:04","modified_gmt":"2008-12-21T20:07:04","slug":"sonia-chiasson-phd","status":"publish","type":"post","link":"https:\/\/hotsoft.carleton.ca\/hotsoft\/sonia-chiasson-phd\/","title":{"rendered":"Sonia Chiasson, PhD"},"content":{"rendered":"<p><img decoding=\"async\" class=\"alignright\" style=\"float: right;\" src=\"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-content\/uploads\/2008\/12\/img_2795-275x300.jpg\" alt=\"\" width=\"150\" \/><\/p>\n<p>Sonia Chiasson successfully defended her PhD thesis on Wednesday<br \/>\nDecember 17th: congratulations Sonia! She will be staying at Carleton<br \/>\nUniversity for a little while longer, beginning a post-doctoral<br \/>\nfellowship on January 1st, 2009.<\/p>\n<p><!--more--><\/p>\n<p>Sonia&#8217;s thesis was entitled &#8220;Usable Authentication<br \/>\nand Click-Based Graphical Passwords&#8221;, and the abstract is as follows:<\/p>\n<p>Security experts often refer to humans as the \u201cweakest link\u201d (Sasse, Brostoff, and<br \/>\nWeirich, 2001) in the security chain, asserting that the problem lies not with the<br \/>\nsecurity systems themselves, but with users who are unable or unwilling to comply<br \/>\nwith security protocols. The shift towards usable security and including human factors<br \/>\nin system design is an important one that has a direct impact on system security.<br \/>\nIn this thesis, we focus on knowledge-based authentication. We examine the<br \/>\npassword problem, where passwords are either weak-and-memorable or secure-but-<br \/>\ndifficult-to-remember, despite the need for secure and memorable passwords. We<br \/>\nconcentrate on graphical passwords due to the human ability to accurately recognize<br \/>\nand recall images. We began by cataloguing existing graphical passwords, focusing<br \/>\nequally on usability and security characteristics, and identi\ufb01ed PassPoints, a click-<br \/>\nbased graphical password scheme, as the scheme that appeared most promising and<br \/>\nthat we believed warranted closer evaluation. Our overall research question, therefore,<br \/>\nasks: \u201cCan click-based graphical passwords simultaneously support both memorability<br \/>\nand security, while maintaining usability?\u201d.<br \/>\nWe conducted lab and \ufb01eld studies of PassPoints, and identi\ufb01ed areas for usabil-<br \/>\nity and security improvements. We next designed Cued Click-Points and Persuasive<br \/>\nCued-Click-Points, schemes with several novel design features: one-to-one cueing to<br \/>\nhelp with the memorability, implicit feedback meaningful only to legitimate users, and<br \/>\na safe-path-of-least-resistance in\ufb02uencing users to select stronger memorable pass-<br \/>\nwords. Empirical studies of both schemes provide evidence of increased usability,<br \/>\nmemorability, and security. Additionally, we propose a new discretization method for<br \/>\nsuch systems that improves usability by making the system more predictable from<br \/>\nthe user\u2019s perspective and improves security by allowing for smaller tolerance regions<br \/>\nwithout sacri\ufb01cing usability. From this empirical work, we identi\ufb01ed the underlying<br \/>\ndesign characteristics of our systems that led to success and generalized our \ufb01ndings<br \/>\nas design strategies that may be applicable to other knowledge-based authentication<br \/>\nschemes.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sonia Chiasson successfully defended her PhD thesis on Wednesday December 17th: congratulations Sonia! She will be staying at Carleton University for a little while longer, beginning a post-doctoral fellowship on January 1st, 2009.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-51","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/posts\/51","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/comments?post=51"}],"version-history":[{"count":0,"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/posts\/51\/revisions"}],"wp:attachment":[{"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/media?parent=51"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/categories?post=51"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hotsoft.carleton.ca\/hotsoft\/wp-json\/wp\/v2\/tags?post=51"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}