DOCSLIB.ORG

Human Factors and Usability Issues Have Traditionally Played a Limited Role in Security Research and Secure Systems Development

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Human Factors and Usability Issues Have Traditionally Played a Limited Role in Security Research and Secure Systems Development Security and Usability By Lorrie Faith Cranor, Simson Garfinkel ............................................... Publisher: O'Reilly Pub Date: August 2005 ISBN: 0-596-00827-9 Pages: 738 Table of Contents | Index Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them. But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users. Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless. There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computer interaction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research. Security & Usability groups 34 essays into six parts: Realigning Usability and Security---with careful attention to user-centered design principles, security and usability can be synergistic. Authentication Mechanisms-- techniques for identifying and authenticating computer users. Secure Systems--how system software can deliver or destroy a secure user experience. Privacy and Anonymity Systems--methods for allowing people to control the release of personal information. Commercializing Usability: The Vendor Perspective--specific experiences of security and software vendors (e.g., IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability. The Classics--groundbreaking papers that sparked the field of security and usability. This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field. Security and Usability By Lorrie Faith Cranor, Simson Garfinkel ............................................... Publisher: O'Reilly Pub Date: August 2005 ISBN: 0-596-00827-9 Pages: 738 Table of Contents | Index Copyright Preface Goals of This Book Audience for This Book Structure of This Book Conventions Used in This Book Safari Enabled How to Contact Us Acknowledgments Part I: Realigning Usability and Security Chapter One. Psychological Acceptability Revisited Section 1.1. Passwords Section 1.2. Patching Section 1.3. Configuration Section 1.4. Conclusion Section 1.5. About the Author Chapter Two. Why Do We Need It? How Do We Get It? Section 2.1. Introduction Section 2.2. Product: Human Factors, Policies, and Security Mechanisms Section 2.3. Process: Applying Human Factors Knowledge and User-Centered Approaches to Security Design Section 2.4. Panorama: Understanding the Importance of the Environment Section 2.5. Conclusion Section 2.6. About the Authors Chapter Three. Design for Usability Section 3.1. Death by Security Section 3.2. Balance Security and Usability Section 3.3. Balance Privacy and Security Section 3.4. Build a Secure Internet Section 3.5. Conclusion Section 3.6. About the Author Chapter Four. Usability Design and Evaluation for Privacy and Security Solutions Section 4.1. Usability in the Software and Hardware Life Cycle Section 4.2. Case Study: Usability Involvement in a Security Application Section 4.3. Case Study: Usability Involvement in the Development of a Privacy Policy Management Tool Section 4.4. Conclusion Section 4.5. About the Authors Chapter Five. Designing Systems That People Will Trust Section 5.1. Introduction Section 5.2. The Trust-Risk Relationship Section 5.3. The Time-Course of Trust Section 5.4. Models of Trust Section 5.5. Trust Designs Section 5.6. Future Research Directions Section 5.7. About the Authors Part II: Authentication Mechanisms Chapter Six. Evaluating Authentication Mechanisms Section 6.1. Authentication Section 6.2. Authentication Mechanisms Section 6.3. Quality Criteria Section 6.4. Environmental Considerations Section 6.5. Choosing a Mechanism Section 6.6. Conclusion Section 6.7. About the Author Chapter Seven. The Memorability and Security of Passwords Section 7.1. Introduction Section 7.2. Existing Advice on Password Selection Section 7.3. Experimental Study Section 7.4. Method Section 7.5. Results Section 7.6. Discussion Section 7.7. Acknowledgments Section 7.8. About the Authors Chapter Eight. Designing Authentication Systems with Challenge Questions Section 8.1. Challenge Questions as a Form of Authentication Section 8.2. Criteria for Building and Evaluating a Challenge Question System Section 8.3. Types of Questions and Answers Section 8.4. Designing a Challenge Question Authentication System Section 8.5. Some Examples of Current Practice Chapter Nine. Graphical Passwords Section 9.1. Introduction Section 9.2. A Picture Is Worth a Thousand Words Section 9.3. Picture Perfect? Section 9.4. Let's Face It Section 9.5. About the Authors Chapter Ten. Usable Biometrics Section 10.1. Introduction Section 10.2. Where Are Biometrics Used? Section 10.3. Biometrics and Public Technology: The ATM Example Section 10.4. Evaluating Biometrics Section 10.5. Incorporating User Factors into Testing Section 10.6. Conclusion Section 10.7. About the Author Chapter Eleven. Identifying Users from Their Typing Patterns Section 11.1. Typing Pattern Biometrics Section 11.2. Applications Section 11.3. Overview of Previous Research Section 11.4. Evaluating Previous Research Section 11.5. Privacy and Security Issues Section 11.6. Conclusion Section 11.7. About the Authors Chapter Twelve. The Usability of Security Devices Section 12.1. Introduction Section 12.2. Overview of Security Devices Section 12.3. Usability Testing of Security Devices Section 12.4. A Usability Study of Cryptographic Smart Cards Section 12.5. Recommendations and Open Research Questions Section 12.6. Conclusion Section 12.7. Acknowledgments Section 12.8. About the Authors Part III: Secure Systems Chapter Thirteen. Guidelines and Strategies for Secure Interaction Design Section 13.1. Introduction Section 13.2. Design Guidelines Section 13.3. Design Strategies Section 13.4. Conclusion Section 13.5. Acknowledgments Section 13.6. About the Author Chapter Fourteen. Fighting Phishing at the User Interface Section 14.1. Introduction Section 14.2. Attack Techniques Section 14.3. Defenses Section 14.4. Looking Ahead Section 14.5. About the Authors Chapter Fifteen. Sanitization and Usability Section 15.1. Introduction Section 15.2. The Remembrance of Data Passed Study Section 15.3. Related Work: Sanitization Standards, Software, and Practices Section 15.4. Moving Forward: A Plan for Clean Computing Section 15.5. Acknowledgments Section 15.6. About the Author Chapter Sixteen. Making the Impossible Easy: Usable PKI Section 16.1. Public Key Infrastructures Section 16.2. Problems with Public Key Infrastructures Section 16.3. Making PKI Usable Section 16.4. About the Authors Chapter Seventeen. Simple Desktop Security with Chameleon Section 17.1. Introduction Section 17.2. Chameleon User Interface Section 17.3. Chameleon Interface Development Section 17.4. Chameleon Implementation Section 17.5. Conclusion Section 17.6. Acknowledgments Section 17.7. About the Authors Chapter Eighteen. Security Administration Tools and Practices Section 18.1. Introduction Section 18.2. Attacks, Detection, and Prevention Section 18.3. Security Administrators Section 18.4. Security Administration: Cases from the Field Section 18.5. Conclusion Section 18.6. Acknowledgments Section 18.7. About the Authors Part IV: Privacy and Anonymity Systems Chapter Ninteen. Privacy Issues and Human-Computer Interaction Section 19.1. Introduction Section 19.2. Privacy and HCI Section 19.3. Relevant HCI Research Streams Section 19.4. Conclusion Section 19.5. About the Authors Chapter Twenty. A User-Centric Privacy Space Framework Section 20.1. Introduction Section 20.2. Security and Privacy Frameworks Section 20.3. Researching the Privacy Space Section 20.4. Privacy as a Process Section 20.5. Conclusion Section 20.6. About the Author Chapter Twenty One. Five Pitfalls in the Design for Privacy Section 21.1. Introduction Section 21.2. Faces: (Mis)Managing Ubicomp Privacy Section 21.3. Five Pitfalls to Heed When Designing for Privacy Section 21.4. Discussion Section 21.5. Conclusion Section 21.6. Acknowledgments Section 21.7. About the Authors Chapter Twenty Two. Privacy Policies and Privacy Preferences Section 22.1. Introduction Section 22.2. The Platform for Privacy Preferences (P3P) Section 22.3. Privacy Bird Design Section 22.4. Privacy
Load more

Recommended publications
  • Guidelines and Strategies for Secure Interaction Design
    ,ch13.10831 Page 253 Friday, August 5, 2005 10:12 PM Chapter 13 CHAPTER THIRTEEN Guidelines and Strategies for Secure Interaction Design KA-PING YEE ALTHOUGH A RELIABLE, USABLE AUTHENTICATION METHOD IS ESSENTIAL, it is far from the only human interface concern. After a user signs in to a system, the system has to carry out the user’s wishes correctly in order to be considered secure. The question of secure inter- action design, addressed in this and the other chapters in this part of the book, is: How can we design a computer system to protect the interests of its legitimate user? To give you a sense of how important it is to look beyond authentication, consider some of today’s most serious security problems. Viruses are a leading contender, with email viruses making up a large part. Spyware is growing into a nightmare for home users and IT staff. Identity theft is becoming widespread, perpetrated in part through “phishing” scams in which forged email messages entice people to give away private information. None of these problems is caused by defeating a login mechanism. They would be better described as failures of computers to behave as their users expect. This chapter suggests some guidelines for designing and evaluating usable secure software and proposes two strategies for getting security and usability to work in harmony: security by designation and user-assigned identifiers. I’ll begin by providing a little background for our discussion, then present the guidelines and strategies, and finally look at real design problems to show how these strategies can be applied in practice.
    [Show full text]
  • Robust Composition: Towards a Unified Approach To
    Robust Composition: Towards a Uni¯ed Approach to Access Control and Concurrency Control by Mark Samuel Miller A dissertation submitted to Johns Hopkins University in conformity with the requirements for the degree of Doctor of Philosophy. Baltimore, Maryland May, 2006 Copyright °c 2006, Mark Samuel Miller. All rights reserved. Permission is hereby granted to make and distribute verbatim copies of this document without royalty or fee. Permission is granted to quote excerpts from this documented provided the original source is properly cited. ii Abstract When separately written programs are composed so that they may cooperate, they may instead destructively interfere in unanticipated ways. These hazards limit the scale and functionality of the software systems we can successfully compose. This dissertation presents a framework for enabling those interactions between components needed for the cooperation we intend, while minimizing the hazards of destructive interference. Great progress on the composition problem has been made within the object paradigm, chiefly in the context of sequential, single-machine programming among benign components. We show how to extend this success to support robust composi- tion of concurrent and potentially malicious components distributed over potentially malicious machines. We present E, a distributed, persistent, secure programming language, and CapDesk, a virus-safe desktop built in E, as embodiments of the tech- niques we explain. Advisor: Jonathan S. Shapiro, Ph.D. Readers: Scott Smith, Ph.D., Yair Amir, Ph.D. iii iv This dissertation is dedicated to the number \3469" and the letter \E". v vi Acknowledgements Jonathan Shapiro, my advisor, for encouraging me to continue this work in an aca- demic setting, and for providing insight, encouragement, and support way beyond the call of any duty.
    [Show full text]
  • Tahoe-LAFS Documentation Release 1.X
    Tahoe-LAFS Documentation Release 1.x The Tahoe-LAFS Developers Sep 22, 2021 Contents 1 Welcome to Tahoe-LAFS! 3 1.1 What is Tahoe-LAFS?..........................................3 1.2 What is “provider-independent security”?................................3 1.3 Access Control..............................................4 1.4 Get Started................................................4 1.5 License..................................................5 2 Installing Tahoe-LAFS 7 2.1 Microsoft Windows...........................................7 2.2 Linux, BSD, or MacOS.........................................8 3 Building Tahoe-LAFS on Windows9 4 Building Tahoe-LAFS on Linux 11 4.1 Prerequisites............................................... 11 4.2 Install the Latest Tahoe-LAFS Release................................. 12 5 Building Tahoe-LAFS On A Desert Island 13 5.1 How This Works............................................. 14 6 How To Run Tahoe-LAFS 17 6.1 Introduction............................................... 17 6.2 Do Stuff With It............................................. 19 6.3 Socialize................................................. 20 6.4 Complain................................................. 20 7 Magic Wormhole Invites 21 7.1 Magic Wormhole............................................. 21 7.2 Invites and Joins............................................. 21 7.3 Tahoe-LAFS Secret Exchange...................................... 21 8 Configuring a Tahoe-LAFS node 23 8.1 Node Types...............................................
    [Show full text]
  • Mickaël Salaün Intégration De L'utilisateur Au Contrôle D'accès
    THÈSE DE DOCTORAT DE TÉLÉCOM SUDPARIS Spécialité Informatique École doctorale Informatique, Télécommunications et Électronique (Paris) Présentée par Mickaël Salaün Pour obtenir le grade de DOCTEUR de TÉLÉCOM SUDPARIS Sujet de la thèse : Intégration de l’utilisateur au contrôle d’accès : du processus cloisonné à l’interface homme-machine de confiance Soutenue le 2 mars 2018 devant le jury composé de : Président : Gaël Thomas Télécom SudParis Rapporteurs : Michaël Hauspie Université Lille 1, Sciences et Technologies Valérie Viet Triem Tong CentraleSupélec Examinateur : Roland Groz Grenoble INP, Ensimag Directeur de thèse : Hervé Debar Télécom SudParis Co-encadrante : Marion Daubignard ANSSI Invités : Mathieu Blanc CEA Benjamin Morin ANSSI NNT : 2018TELE0006 c 2018 Mickaël Salaün Ce document est placé sous la « Licence Ouverte » publiée par la mission Etalab. Mise à jour du 6 avril 2018 Résumé Cette thèse souhaite fournir des outils pour qu’un utilisateur puisse contribuer activement à la sécurité de son usage d’un système informatique. Les activités de sensibilités différentes d’un utilisateur nécessitent tout d’abord d’être cloisonnées dans des domaines dédiés, par un contrôle d’accès s’ajustant aux besoins de l’utilisateur. Afin de conserver ce cloisonnement, celui-ci doit être en mesure d’identifier de manière fiable les domaines avec lesquels il interagit, à partir de l’interface de sa machine. Dans une première partie, nous proposons un nouveau mécanisme de cloisonnement qui peut s’adapter de manière transparente aux changements d’activité de l’utilisateur, sans altérer le fonctionnement des contrôles d’accès existants, ni dégrader la sécurité du système. Nous en décrivons une première implémentation, nommée StemJail, basée sur les espaces de noms de Linux.
    [Show full text]
  • Tahoe-Lafs-1.13.0.Tar.Bz2 Collecting
    Tahoe-LAFS Documentation Release 1.x The Tahoe-LAFS Developers Mar 03, 2021 Contents 1 Welcome to Tahoe-LAFS! 3 1.1 What is Tahoe-LAFS?..........................................3 1.2 What is “provider-independent security”?................................3 1.3 Access Control..............................................4 1.4 Get Started................................................4 1.5 License..................................................5 2 Installing Tahoe-LAFS 7 2.1 First: In Case Of Trouble.........................................7 2.2 Pre-Packaged Versions..........................................7 2.3 Preliminaries...............................................7 2.4 Install the Latest Tahoe-LAFS Release.................................9 2.5 Running the tahoe executable..................................... 10 2.6 Running the Self-Tests.......................................... 10 2.7 Common Problems............................................ 11 2.8 Using Tahoe-LAFS............................................ 11 3 How To Run Tahoe-LAFS 13 3.1 Introduction............................................... 13 3.2 Do Stuff With It............................................. 15 3.3 Socialize................................................. 16 3.4 Complain................................................. 16 4 Magic Wormhole Invites 17 4.1 Magic Wormhole............................................. 17 4.2 Invites and Joins............................................. 17 4.3 Tahoe-LAFS Secret Exchange.....................................
    [Show full text]