Lujo Bauer

www |
CIC 2203
(412) 268-9745
Mailing Address: ECE and ISR
Carnegie Mellon University
4720 Forbes Avenue
Pittsburgh, PA 15213-3891
Affiliated with: Cylab, Societal Computing
Associate Research Professor
See below

Research Interests

I do research on many aspects of computer security. I'm particularly interested in building usable access-control systems with sound theoretical underpinnings, and generally in narrowing the gap between a formal model and a usable system. Key terms: proof-carrying authorization, distributed access control, program monitors, security automata, languages for specifying security policies. Some of the projects I'm currently involved in are the following.

Passwords: Although they are often insecure and inconvenient, passwords aren't quite about to disappear. This project's goal is to help users create passwords that are easy for them to remember, but hard for attackers to guess. We work towards this goal by trying to deeply understand the password-creation process and the security of the resulting passwords, including by investigating the effects of password-composition policies and password meters on the security and usability of passwords, and by studying metrics for quantifying password strength.





© 2017. Last updated 25 January, 2016