Besides the work on Web authentication described in the Internet identity page we have conducted research on file-sharing security and password security for user-administered collaborative applications.
We have also written a response to the Cybersecurity Green Paper.
File sharing often refers to the exchange of files (such as MP3 files) over peer-to-peer networks, but our concern is with the sharing of files through a central Web repository, e.g. for the purpose of online collaboration. Centralized file sharing may seem easier to secure than peer-to-peer file sharing, but it is exposed to a security threat that is often overlooked.
Malicious code may of course be found anywhere on the Web, but malicious code in shared files poses a special problem because, if no precautions are taken, it may execute in a trusted context. The problem is similar to the threat posed by cross-site scripting, but more difficult to address. Providers of Web applications that have a file-sharing feature often take no precautions against attacks through shared HTML files.
The white paper describes a range of attacks through shared files, including cross-user attacks, attacks by former users, and cross-instance attacks. It then proposes a technique for defending against such attacks by serving shared files from URLs whose hostnames are specific to the user files of a particular application instance.
We have been granted US patent 8,341,200 on this technique.
Password security for user-administered collaborative applications
It may be hard to believe that anything remains to be investigated regarding password security. But traditional passwords are now being used in a new setting where new countermeasures are needed for protection against various attacks.
The new setting is that of a collaborative Web application that allows a user to create an application instance and provide subaccounts for users who do not register with the application provider. The application instance is administered by the user who created it, possibly aided by users to whom he or she delegates administrative duties and privileges.
We have invented two techniques for improving the security provided by traditional passwords in this setting.
The first technique addresses the threat of anonymous password-guessing attacks over the Internet, by enforcing a hard limit on the total number of guesses against a password. It is described in the white paper:
We have been granted US patent 8,046,827 on this technique.
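The following is an added illustration of the guess-limiting idea described above, not code from the white paper or the patent: the failed-guess counter is attached to the account rather than to a source address, so spreading guesses across many anonymous connections does not buy an attacker more attempts. The limit value, the reset of the counter on a correct login, and the administrative reset routine are assumptions made for the example.

```python
"""Account-bound cap on total password guesses (illustrative example)."""
import hashlib
import hmac
import os
from dataclasses import dataclass

GUESS_LIMIT = 10        # assumed policy value; the page does not state one
PBKDF2_ROUNDS = 100_000  # kept modest so the example runs quickly


@dataclass
class Account:
    salt: bytes
    digest: bytes
    failed_guesses: int = 0  # every wrong guess counts, whatever its source
    locked: bool = False


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def create_account(password: str) -> Account:
    salt = os.urandom(16)
    return Account(salt=salt, digest=_derive(password, salt))


def verify(acct: Account, guess: str) -> bool:
    """Return True only for the right password on an unlocked account.

    Unlike per-IP throttling, the budget belongs to the account: once
    GUESS_LIMIT wrong guesses have accumulated, the account is locked and
    only an administrative reset (out of band) reopens it.
    """
    if acct.locked:
        return False
    if hmac.compare_digest(_derive(guess, acct.salt), acct.digest):
        acct.failed_guesses = 0  # assumption: a legitimate login restores the budget
        return True
    acct.failed_guesses += 1
    if acct.failed_guesses >= GUESS_LIMIT:
        acct.locked = True
    return False


def reset_password(acct: Account, new_password: str) -> None:
    """Administrative reset (assumed): new salt and digest, fresh guess budget."""
    acct.salt = os.urandom(16)
    acct.digest = _derive(new_password, acct.salt)
    acct.failed_guesses = 0
    acct.locked = False
```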
The second technique allows an administrator to reset a user's password and send the temporary password to the user securely over a channel that does not provide confidentiality, provided the administrator has a way of authenticating the user as the sender of a subsequent message. It is described in the white paper:
We have been granted US patent 7,975,292 on this technique.