Next: Scenario 3: Popular security
Up: Scenarios
Previous: Scenario 1: Security toolbar
Bob's research group operates
a popular web-based discussion forum. Bob writes a program which analyzes
the webserver's log file to report the number of daily password
resets. He also instruments the software to record the number of
newly chosen passwords that do not pass the website's
password complexity rules. The research plan is to see how these
numbers change as the rules become successively more restrictive over
time. To assure that no personally identifiable
information is collected, Bob configures the Apache server so that IP
addresses are not logged.
Simson L. Garfinkel
2008-03-21