Something You Have and Someone You Know—Designing for Interpersonal Security

Wednesday, January 30, 2019 - 4:00 pm4:30 pm

Periwinkle Doerfler, New York University


While a variety of strategies for threat modeling exist, they largely share two assumptions: that the attacker is remote and sophisticated. Given the military origins of the security community, it is not surprising that by default, we tend to focus on the types of threats that face an organization, instead of the types of threats that face individuals. As a result of my own work with survivors of domestic violence, as well as others' findings about individuals' security and privacy concerns, I suggest a new threat framework–The Interpersonal Threat Model–that provides a completely different set of assumptions about an attacker’s capabilities and motivations than a more traditional Organizational Threat Model. This is a call for the security and privacy communities to consider interpersonal threats–those that stem from people with whom we cohabitate or share devices–when designing consumer-facing technology. In doing so, perhaps we can begin to better address the concerns of everyday people and offer solutions for at-risk populations.

Periwinkle Doerfler, New York University

Periwinkle Doerfler is a PhD Candidate at NYU Tandon School of Engineering within the Center for Cyber Security, advised by Prof. Damon McCoy. Her research focuses on the intersection of intimate partner violence and technology. She looks at this issue with regard to abusers, and how they come to use technology to perpetuate violence, as well as with regard to survivors, and how technology can help or hinder escape from abusive situations. Her past work has also examined cryptocurrency as it relates to human trafficking, doxing communities, and authentication schemes.

@conference {226309,
author = {Periwinkle Doerfler},
title = {Something You Have and Someone You {Know{\textemdash}Designing} for Interpersonal Security},
year = {2019},
address = {Burlingame, CA},
publisher = {USENIX Association},
month = jan

Presentation Video