Check out the new USENIX Web site. next up previous
Next: Scenario 3: Popular security Up: Scenarios Previous: Scenario 1: Security toolbar

Scenario 2: Web server logfile analysis.

Bob's research group operates a popular web-based discussion forum. Bob writes a program which analyzes the webserver's log file to report the number of daily password resets. He also instruments the software to record the number of newly chosen passwords that do not pass the website's password complexity rules. The research plan is to see how these numbers change as the rules become successively more restrictive over time. To assure that no personally identifiable information is collected, Bob configures the Apache server so that IP addresses are not logged.




Simson L. Garfinkel 2008-03-21