Skip to main content

Lujo Bauer

Associate Professor, Electrical & Computer Engineering and Computer Science (Institute for Software Research)

[Email]

Lujo Bauer

Research Areas

Mobility, Privacy Protection, Secure Home Computing

Cross Cutting Thrusts

Formal Methods, Software Security, Usable Privacy and Security

Biography

Lujo Bauer is an Associate Professor in the Electrical and Computer Engineering Department and in the Institute for Software Research at Carnegie Mellon University. 

Dr. Bauer's research interests span many areas of computer security and privacy, and include building usable access-control systems with sound theoretical underpinnings, developing languages and systems for run-time enforcement of security policies on programs, and generally narrowing the gap between a formal model and a practical, usable system. His recent work focuses on developing tools and guidance to help users stay safer online.

Dr. Bauer recently served as the program chair for the flagship computer security conferences of the IEEE (S&P 2015) and the Internet Society (NDSS 2014) and is an associate editor of ACM Transactions on Information and System Security.

Education

PhD, 2003, Computer Science, Princeton University

MA, 1999, Computer Science, Princeton University

BS, 1997, Computer Science, Yale University

 

Research Projects

Mobile Platform Security

Research Area: Mobility
Cross Cutting Thrusts: Software Security | Formal Methods
Researchers: Lujo Bauer, Limin Jia

Password-Composition Policies and the Security and Usability of Passwords

Research Area: Privacy Protection
Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Nicolas Christin, Lorrie Cranor

Passwords

Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Lorrie Cranor, Nicolas Christin

Secure digital home

Research Area: Secure Home Computing
Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Greg Ganger, Lorrie Cranor

Advancing Logic-Based Access Control

Research Area: Secure Home Computing
Cross Cutting Thrusts: Formal Methods | Usable Privacy and Security
Researcher: Lujo Bauer

Improving the Security and Usability of Text Passwords

Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lorrie Cranor, Lujo Bauer, Nicolas Christin

Secure Home Storage

Research Area: Secure Home Computing
Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Lorrie Cranor, Greg Ganger

User-Controllable Security and Privacy for Pervasive Computing

Research Area: Privacy Protection | Mobility
Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Norman Sadeh, Jason Hong, Lorrie Cranor, Lujo Bauer

Grey Project: device-enabled authorization

Research Area: Mobility | Secure Home Computing
Cross Cutting Thrusts: Usable Privacy and Security
Researcher: Lujo Bauer

Securing the Digital Home

Research Area: Secure Home Computing
Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Lorrie Cranor, Greg Ganger, Adrian Perrig

Privacy and Usability in Pervasive Computing Environments

Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Norman Sadeh, Lujo Bauer

Privacy, Information Disclosure, & Authorization from a Logical Perspective

Researchers: Frank Pfenning, Lujo Bauer

Publications

"Analyzing the dangers posed by Chrome extensions". L. Bauer, S. Cai, L. Jia, T. Passaro, and Y. Tian, in Proceedings of the IEEE Conference on Communications and Network Security IEEE, pp. 184-192, 2014.

"Android taint flow analysis for app sets". W. Klieber, L. Flynn, A. Bhosale, L. Jia, and L. Bauer, in Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis (SOAP 2014) ACM, 2014.

"Studying the effectiveness of security images in Internet banking". J. Lee and L. Bauer, in Web 2.0 Security and Privacy (W2SP) Workshop, 2014.

"Can Long Passwords Be Secure and Usable?". R. Shay, S. Komanduri, A. Durity, P. Huh, M. Mazurek, S. Segreti, B. Ur, L. Bauer, N. Christin, and L. Cranor, CHI: Conference Proceedings, Conference on Human Factors in Computing Systems, 2014.

"Toward strong, usable access control for shared distributed data". M. L. Mazurek, Y. Liang, W. Melicher, M. Sleeper, L. Bauer, G. Ganger, N. Gupta, and M. K. Reiter,  FAST: USENIX Conference on File and Storage Technologies, 2014.

"A comparison of users' perceptions and willingness to use Google, Facebook, and Google+ single-sign-on functionality". Bauer, L., Bravo-Lillo, C., Fragkaki, E., & Melicher, W. (2013). Proceedings of the ACM Digital Identity Management Workshop. ACM.

"Measuring password guessability for an entire university". Mazurek, M. L., Komanduri, S., Vidas, T., Bauer, L., Christin, N., Cranor, L. F., Kelley, P. G., Shay, R., & Ur, B. (2013). ACM Conference on Computer and Communications Security Proceedings, 173-186.

"Run-time enforcement of information-flow properties on Android". Jia, L., Aljuraidan, J., Fragkaki, E., Bauer, L., Stroucken, M., Fukushima, K., Kiyomoto, S., & Miyake, Y. (2013). European Symposium on Research in Computer Security (ESORICS).

"The post anachronism: The temporal dimension of Facebook privacy". Bauer, L., Cranor, L., Komanduri, S., Mazurek, M. L., Reiter, M. K., Sleeper, M., & Ur, B. (2013). Proceedings of the 12th Annual Workshop on Privacy in the Electronic Society. ACM.

"What matters to users? Factors that affect users' willingness to share information with online advertisers". Leon, P. G., Ur, B., Wang, Y., Sleeper, M., Balebako, R., Shay, R., Bauer, L., & Christodorescu, M. (2013). SOUPS: Symposium On Usable Privacy and Security.