Abstract
We describe a series of security policy audits that we conducted, exposing policy flaws affecting billions of users that are often exploited by even low-tech attackers. We argue that a systematic study of security policies and processes is sorely needed, and present a research agenda.
Original language | English (US) |
---|---|
Pages (from-to) | 77-81 |
Number of pages | 5 |
Journal | IEEE Security and Privacy |
Volume | 21 |
Issue number | 2 |
DOIs | |
State | Published - Mar 1 2023 |
Externally published | Yes |
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Electrical and Electronic Engineering
- Law