October 21, 2021 

  1. Understanding How People with Upper Extremity Impairment Authenticate on their Personal Computing Devices (1:00 – 1:50 pm EST) 
  2. A User-Oriented Approach and Tool for Security and Privacy Protection on the Web (2:00 – 2:50 pm EST) 

Mark your calendars and come join your friends in the CAE community for a Tech Talk. CAE Tech Talks are free and conducted live in real-time over the Internet so no travel is required. Capitol Technology University (CTU) hosts the presentations using Zoom which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation(s). 

Below is a description of the presentations and logistics of attendance: 

PRESENTATION #1 

Topic: Understanding How People with Upper Extremity Impairment Authenticate on their Personal Computing Devices 

Presenter(s): Brittany Lewis, University of Rhode Island 

Description: Authentication has become increasingly ubiquitous for controlling access to personal computing devices (e.g., laptops, tablets, and smartphones). However, current ways of authenticating to these devices often require users to perform complex actions with their arms, hands or fingers (e.g., typing complex passwords or positioning a camera for facial recognition). This can create barriers for people with upper extremity impairment (UEI). A person with UEI lacks range of motion, strength, endurance, speed, and/or accuracy associated with arms, hands, or fingers. My research focuses on creating more accessible personal computing device authentication for people with UEI. In this talk, I will be discussing my work which explores the experiences people with UEI have when authenticating to their personal computing devices, what future research is necessary to make authentication accessible to them, and what impact the COVID-19 pandemic has had on their computing device use. 

 CAE Tech Talks are recorded; view them here: www.caecommunity.org/resources/cae-tech-talk-resources

For questions on CAE Tech Talk, please send email to CAETechTalk@nsa.gov


PRESENTATION #2 

Topic: A User-Oriented Approach and Tool for Security and Privacy Protection on the Web 

Presenter(s): Dr. Phu Phung, University of Dayton 

Description: We introduce a novel approach to protecting the privacy of web users. We propose to monitor the behaviors of JavaScript code within a web origin based on the source of the code, i.e., code origin, to detect and prevent malicious actions that would compromise users’ privacy. Our code-origin policy enforcement approach not only advances the conventional same-origin policy standard but also goes beyond the “all-or-nothing” contemporary ad-blockers and tracker-blockers. In particular, our monitoring mechanism does not rely on browsers’ network request interception and blocking as in existing blockers. In contrast, we monitor the code that reads or sends user data sent out of the browser to enforce fine-grained and context-aware policies based on the origin of the code. We implement a proof-of-concept prototype and perform practical evaluations to demonstrate the effectiveness of our approach. Our experimental results evidence that the proposed method can detect and prevent data leakage channels not captured by the leading tools such as Ghostery and uBlock Origin. We show that our prototype is compatible with major browsers and popular real-world websites with promising runtime performance. Although implemented as a browser extension, our approach is browser-agnostic and can be integrated into the core of a browser as it is based on standard JavaScript. 

CAE Tech Talks are recorded; view them here: www.caecommunity.org/resources/cae-tech-talk-resources

For questions on CAE Tech Talk, please send email to CAETechTalk@nsa.gov