Retroactive Security

September 27, 2011

Classic security uses access control, and, essentially, that does not work. Current systems are designed to say “no” and otherwise limit access, while another reason is code bugs. Real-world security currently is retroactive, an example being the financial system, in which mistakes or breaks can be undone after they occur. Typical access controls consist of both physical and principal boundaries, isolation of an item or information, control of access into this isolation, and policies stating who can have access.

Research Area
Research Lab
- Microsoft Research Lab - New England

Watch Next

More is Less: Extra Features in Contactless Payments Break Security
August 12, 2025
Tom Chothia,

George Pavlides
zk-promises: Anonymous Moderation, Reputation, & Blocking from Anonymous Credentials with Callbacks
August 12, 2025
Maurice Shih
‘Hey mum, I dropped my phone down the toilet’: Investigating Hi Mum and Dad SMS Scams in the UK
August 12, 2025
Sharad Agarwal
A Framework for Abusability Analysis: The Case of Passkeys in Interpersonal Threat Models
August 12, 2025
Alaa Daffalla
Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking
August 12, 2025
Carolina Ortega Perez
When LLMs Go Online: The Emerging Threat of Web-Enabled LLMs
August 11, 2025
Hanna Kim
Sandi: A System for Accountability
May 29, 2025
Kim Laine
Towards Safer Augmented Reality: Identifying, Evaluating, and Mitigating Security & Privacy Threats
April 17, 2025
Kaiming Cheng
Fake It till You Make It: Enhancing Security of Bluetooth Secure Connections via Deferrable Authentication
August 26, 2024
Olga Sanina
Improving the Security of United States Elections with Robust Optimization
June 27, 2024
Brad Sturt

Retroactive Security

Research Area

Research Lab

Watch Next