Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a conference presentation that introduces client-side encrypted access logging (CSAL) as an innovative solution to balance device attribution accuracy with privacy protection in online account security. Learn how researchers from Cornell University and Cornell Tech propose a novel approach that addresses the fundamental tension between preventing device tracking and providing trustworthy account security interfaces (ASIs). Discover how current ASIs from major service providers are vulnerable to manipulation through easily spoofed client-provided values, and understand why this creates security blind spots for users trying to monitor their account activity. Examine the technical details of the CSAL protocol, which leverages end-to-end encryption, OS support, and FIDO2-style attestations to add encrypted device identification information to account activity logs without compromising user privacy. Analyze the formal security analysis covering integrity, privacy, and unlinkability properties against honest-but-curious adversaries, while also exploring the challenges of characterizing feasible logging capabilities in this security model. Review the discussion of security considerations against active adversaries and examine the proof-of-concept implementation that demonstrates how OS vendors and service providers can collaborate to enhance account security and user safety without sacrificing privacy.
