Showing papers by "Chris J. Mitchell published in 2010"

Attention and Associative Learning: From Brain to Behaviour

Abstract: 1. An introduction to attention and learning 2. Two theories of attention: A review and a possible integration 3. Attentional learning 4. Selective attention to conditioned stimuli in human discrimination learning: Untangling the effects of outcome prediction, valence, arousal and uncertainty 5. Latent inhibition 6. Attention and perceptual learning 7. Acquired distinctiveness and equivalence: A synthesis 8. Attention and human associative learning 9. On the use of the term 'attention' 10. Attention and memory in human learning 11. Backward blocking of relevance-indicating cues:Evidence for locally eayesian learning 12. Brain systems of attention in associative learning 13. Neural correlates of attentional set 14. Clinical studies of attention and learning

Limitations of a Bidirectional Control Procedure for the Investigation of Imitation in Rats: Odour Cues on the Manipulandum

Abstract: Magazine-trained observer rats confronted a conspecific demonstrator pushing a joystick to the right or to the left for food reward before the observers were given access to the joystick from the position previously occupied by the demonstrator and rewarded for responses in both directions. For half of the observers (group 0), the joystick was in the same position when acted upon by demonstrators and observers; for the other half (group 180) the manipulandum was rotated 180° within its mounting between observation and test. As in previous experiments using this bidirectional control procedure, rats in group 0 showed demonstratorconsistent responding—that is, they pushed the joystick in the same direction, relative to the actor's body, as had their demonstrators. However, group 180 showed a reverse effect: reliable demonstrator-inconsistent responding. These results suggest that attractive odour or taste cues deposited by demonstrators on the side of the joystick contralateral to the direction of respondin...

Do Reaction Times in the Perruchet Effect Reflect Variations in the Strength of an Associative Link

Abstract: In 3 experiments, we examined Perruchet, Cleeremans, and Destrebecqz's (2006) double dissociation of cued reaction time (RT) and target expectancy. In this design, participants receive a tone on every trial and are required to respond as quickly as possible to a square presented on 50% of those trials (a partial reinforcement schedule). Participants are faster to respond to the square following many recent tone-square pairings and slower to respond following many tone-alone presentations. Of importance, expectancy of the square is highest when performance on the RT task is poorest-following many tone-alone trials. This finding suggests that RT performance is determined by the strength of a tone-square link and that this link is the product of a non-expectancy-based learning mechanism. The present experiments, however, provide evidence that the speeded RTs are not the consequence of the strengthening and weakening of a tone-square link. Thus, the RT Perruchet effect does not provide evidence for a non-expectancy-based link-formation mechanism.

Using CardSpace as a Password Manager

Abstract: In this paper we propose a novel scheme that allows Windows CardSpace to be used as a password manager, thereby improving the usability and security of password use as well as potentially encouraging CardSpace adoption. Usernames and passwords are stored in personal cards, and these cards can be used to sign on transparently to corresponding websites. The scheme does not require any changes to login servers or to the CardSpace identity selector and, in particular, it does not require websites to support CardSpace. We describe how the scheme operates, and give details of a proof-of-concept prototype. Security and usability analyses are also provided.

CardSpace-liberty integration for CardSpace users

Abstract: Whilst the growing number of identity management systems have the potential to reduce the threat of identity attacks, major deployment problems remain because of the lack of interoperability between such systems. In this paper we propose a novel scheme to provide interoperability between two of the most widely discussed identity management systems, namely Microsoft CardSpace and Liberty. In this scheme, CardSpace users are able to obtain an assertion token from a Liberty-enabled identity provider that will satisfy the security requirements of a CardSpace-enabled relying party. We specify the operation of the integration scheme and also describe an implementation of a proof-of-concept prototype. Additionally, security and operational analyses are provided.

Enhancing user authentication in claim-based identity management

Abstract: In claim-based identity management (CBIM) systems, users identify themselves using security tokens that contain personally identifiable information, and that are signed by an identity provider. However, a malicious identity provider could readily impersonate any user by generating appropriate tokens. The growing number of identity theft techniques raises the risk of service providers being deceived by untrustworthy identity providers. We show how this vulnerability can be mitigated by adding an authentication layer, between the user and the service provider, to a CBIM system. We propose two possible implementations of this layer. The first approach requires a user to perform an additional step before the service provider completes the authentication process. That is, the user must present to the service provider certain information sent to the user by the service provider during the most recent successful use of the scheme. A proof-of-concept implementation of this scheme has been produced. The second approach involves a challenge-response exchange between the user and the service provider. This requires a minor modification to the service provider XML-based security policy declaration message.

Parsing ambiguities in authentication and key establishment protocols

Abstract: A new class of attacks against authentication and authenticated key establishment protocols is described, which we call parsing ambiguity attacks. If appropriate precautions are not deployed, these attacks apply to a very wide range of such protocols, including those specified in a number of international standards. Three example attacks are described in detail, and possible generalisations are also outlined. Finally, possible countermeasures are given, as are recommendations for modifications to the relevant standards.

Implementing PassCard | a CardSpace-based Password Manager

Abstract: The recently-proposed PassCard scheme enables CardSpace to be used as a password manager, thereby both improving the usability and security of passwords as well as encouraging CardSpace adoption. However, this scheme does not work with websites using HTTPS, seriously limiting its practicality. In this paper we extend PassCard to support sites using both HTTP and HTTPS. Usernames and passwords are stored in CardSpace personal cards, and these cards can be used to sign on transparently to corresponding websites. PassCard does not require any changes to login servers, default browser security settings or to the CardSpace identity selector and, in particular, it does not require websites to support CardSpace. We describe how this new version of PassCard operates, and present a proof-of-concept prototype. Security, usability and operational analyses are also provided.

Is security a lost cause

Abstract: We examine two key issues for future information security, namely: (a) what do current technological trends mean for future information security, and (b) what eect do conicts between security/privacy requirements and economic and technological pressures have on the future prospects for a more secure Internet? We consider the eects on security and privacy of six key emerging technology trends, namely: ubiquitous computing; third party computing; growing system and component complexity; integrated peripherals; system intelligence; and orchestrated attacks. We go on to consider a range of ways in which economic and technological pressures are making it ever more dicult to provide eective security and privacy. We conclude by considering whether there is any light at the end of the tunnel.