IEEE Security & Privacy’s readers are concerned with not only security and privacy but also safety and dependability. This issue focuses on all four aspects of the technology we use daily.
From the Editors
Reflections of an NSF Program Officer
Jeremy Epstein
Abstract: Program officers direct government research funding priorities. This column gives a personal perspective on life as a program officer focused on security and privacy at the US National Science Foundation, explaining the value of such service to the community and the individual.
Interview
Silver Bullet Talks with Jamie Butler
Gary McGraw, Cigital
Abstract: Gary McGraw talks to Jamie Butler, the chief technology officer and chief scientist at Endgame, about attacking back, rootkits, OS security, and more.
Guest Editor’s Introduction
The IEEE Security and Privacy Symposium Workshops
Terry Benzel, University of Southern California Information Sciences Institute
Abstract: To bring some of the IEEE Symposium on Security and Privacy Workshops to a wider audience, IEEE Security & Privacy magazine’s editorial board decided to devote one special issue each year to a reprise of selected symposium papers. This year, the special issue focuses on two of the Security and Privacy Workshops held in conjunction with the symposium. Three articles discuss security in Web systems, and the fourth describes the emerging field of privacy engineering and the motivation, content, and results of the first workshop on this topic.
IEEE Security and Privacy Symposium
Bake in .onion for Tear-Free and Stronger Website Authentication
Paul Syverson, US Naval Research Laboratory
Griffin Boyce, Berkman Center for Internet & Society at Harvard University
DOI: 10.1109/MSP.2016.33 [paywall]
Abstract: Although their inherent authentication properties are generally overlooked in the shadow of the network-address hiding they provide, Tor’s .onion services might just deliver stronger website authentication than existing alternatives.
IEEE Security and Privacy Symposium
Stickler: Defending against Malicious Content Distribution Networks in an Unmodified Browser
Amit Levy, Stanford University
Henry Corrigan-Gibbs, Stanford University
Dan Boneh, Stanford University
DOI: 10.1109/MSP.2016.32 [paywall]
Abstract: Website publishers can derive enormous performance benefits and cost savings by directing traffic to their sites through content distribution networks (CDNs). However, publishers who use CDNs must trust they won’t modify the site’s JavaScript, CSS, images, or other media en route to end users. A CDN that violates this trust could inject ads into websites, downsample media to save bandwidth, or, worse, inject malicious JavaScript code to steal user secrets it couldn’t otherwise access. The authors present Stickler, a system for website publishers that guarantees the end-to-end authenticity of content served to users that simultaneously lets publishers reap the benefits of CDNs. Crucially, Stickler achieves these guarantees without requiring modifications to the browser.
IEEE Security and Privacy Symposium
Analysis and Mitigation of NoSQL Injections
Aviv Ron, IBM
Alexandra Shulman-Peleg, IBM
Anton Puzanov, IBM
DOI: 10.1109/MSP.2016.36 [paywall]
Abstract: NoSQL data storage systems have become very popular due to their scalability and ease of use. Unfortunately, they lack the security measures and awareness that are required for data protection. Although the new data models and query formats of NoSQL data stores make old attacks such as SQL injections irrelevant, they give attackers new opportunities for injecting their malicious code into the statements passed to the database. Analysis of the techniques for injecting malicious code into NoSQL data stores provides examples of new NoSQL injections as well as Cross-Site Request Forgery attacks, allowing attackers to bypass perimeter defenses such as firewalls. Analysis of the source of these vulnerabilities and present methodologies can mitigate such attacks. Because code analysis alone is insufficient to prevent attacks in today’s typical large-scale deployment, certain mitigations should be done throughout the entire software life cycle.
IEEE Security and Privacy Symposium
Privacy Engineering: Shaping an Emerging Field of Research and Practice
Seda Gurses, Princeton University
Jose M. del Alamo, Universidad Politécnica de Madrid
DOI: 10.1109/MSP.2016.37 [paywall]
Abstract: Addressing privacy and data protection systematically throughout the process of engineering information systems is a daunting task. Although the research community has made significant progress in theory and in labs, meltdowns in recent years suggest that we’re still struggling to address systemic privacy issues. Privacy engineering, an emerging field, responds to this gap between research and practice. It’s concerned with systematizing and evaluating approaches to capture and address privacy issues with engineering information systems. This article serves to illuminate this nascent field. The authors provide a definition of privacy engineering and describe encompassing activities. They expand on these with findings from the First International Workshop on Privacy Engineering (IWPE), and conclude with future challenges.
Web 2.0
Cleaning up Web 2.0’s Security Mess–at Least Partly
Benjamin Stritter, Friedrich-Alexander University of Erlangen-Nuremberg
Felix Freiling, Friedrich-Alexander University of Erlangen-Nuremberg
Hartmut Konig, Brandenburg University of Technology
Rene Rietz, Brandenburg University of Technology
Steffen Ullrich, genua gmbh
Alexander von Gernler, genua gmbh
Felix Erlacher, University of Innsbruck
Falko Dressler, University of Paderborn
DOI: 10.1109/MSP.2016.31 [paywall]
Abstract: Everyone loves Web 2.0 applications. They are easy to use and fast, and can be accessed from any computer or smartphone without installation. They let us easily communicate and share data with one another, shop simply, and access vast amounts of information. However, they’re also frequently mentioned in connection with novel exploits, data leaks, or identity theft. Active content, tight integration, and the overall complexity of the continuously evolving Web 2.0 technology create new risks that we can hardly grasp. Turning back on the technology is not a solution because we would lose many features that we’ve come to rely on. But how can we achieve both a pleasant user experience and security in a place as messy as the Web 2.0 landscape? First, we can look to understand the wide range of attacks as well as the complex security situation and attack surface of Web 2.0 applications. Second, we can study the open research challenges in this field and assess how best to approach these issues.
Federal Trade Commission
Assessing the Federal Trade Commission’s Privacy Assessments
Chris Jay Hoofnagle, University of California, Berkeley
DOI: 10.1109/MSP.2016.25 [paywall]
Abstract: Regulators worldwide need to keep tabs on companies caught violating consumer protection rules. Assessments by outside accounting firms are a key tool for regulators to detect privacy and security problems. It’s not widely known that an assessment, a term of art in accounting, is a less-intense evaluation than an audit. Also, in practice, assessments overseen by America’s top consumer protection cop, the US Federal Trade Commission, fall short of what’s needed to ensure that information-intensive companies are protecting privacy and honoring promises. This article outlines five practical steps to make company oversight more effective.
It All Depends
Dynamic Certification of Cloud Services: Trust, but Verify!
Sebastian Lins, University of Cologne
Pascal Grochol, University of Cologne
Stephan Schneider, University of Cologne
Ali Sunyaev, University of Cologne
DOI: 10.1109/MSP.2016.26 [paywall]
Abstract: Although intended to ensure cloud service providers’ security, reliability, and legal compliance, current cloud service certifications are quickly outdated. Dynamic certification, on the other hand, provides automated monitoring and auditing to verify cloud service providers’ ongoing adherence to certification requirements.
Education
Rethinking the Role of Security in Undergraduate Education
Sarah Zatko, Cyber Independent Testing Laboratory
DOI: 10.1109/MSP.2016.40 [paywall]
Abstract: Security tends to be an afterthought in undergraduate computer science education. Given the increasing prevalence of data breaches, applied security content should be integrated throughout the curriculum. Such integration can be achieved through subtle but consistent changes to existing courses.
In Our Orbit
Security for the High-Risk User: Separate and Unequal
John Scott-Railton, Citizen Lab, Munk School of Global Affairs, University of Toronto
DOI: 10.1109/MSP.2016.22 [paywall]
Abstract: Civil society groups, which tend to use commodity tools and popular online platforms, are increasingly targeted by cyberattacks to disrupt their activities and steal their private information. Such cyberthreats deserve our attention, first, because they expose the default-insecure options in online platforms and, second, because addressing the most glaring cases will confer stronger security for the common user.
Last Word
Provenance
Daniel E. Geer, In-Q-Tel
Abstract: This difference between digital and analog systems affects the security of digital systems, particularly the Internet of Things.