Single Sign-On (SSO) with OAuth 2.0 and OpenID Connect 1.0 is essential for user
authentication and autho-rization on the Internet. Billions of users rely on SSO services …

Instead of only considering technology, computer security research now strives to also take
into account the human factor by studying regular users and, to a lesser extent, experts like …

Since the General Data Protection Regulation (GDPR) went into effect in May 2018, online
services are required to obtain users' explicit consent before sharing users' personal data …

Vulnerability databases are vital sources of information on emergent software security
concerns. Security professionals, from system administrators to developers to researchers …

Geographically distributed infrastructures, such as buildings, dams, and solar power plants,
are commonly maintained via Internet-connected remote management devices. Previous …

When browsing the web, none of us want sites to infer which other sites we may have visited
before or are logged in to. However, attacker-controlled sites may infer this state through …

Open-source kernels have been adopted by massive downstream vendors on billions of
devices. However, these vendors often omit or delay the adoption of patches released in the …

Activity on social media is seen as a relevant sensor for different aspects of the society. In a
heavily digitized society, security vulnerabilities pose a significant threat that is publicly …

In recent years, we have seen an increased interest in studying the software supply chain of
user-facing applications to uncover problematic third-party dependencies. Prior work shows …

When a domain is registered, information about the registrants and other related personnel
is recorded by WHOIS databases owned by registrars or registries (called WHOIS providers …