Security and Usability - Designing Secure Systems That People Can Use

Read more

Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them.

But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users.

Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless.

There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computerinteraction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research.

Security & Usability groups 34 essays into six parts:
Realigning Usability and Security---with careful attention to user-centered design principles, security and usability can be synergistic.
Authentication Mechanisms-- techniques for identifying and authenticating computer users.
Secure Systems--how system software can deliver or destroy a secure user experience.
Privacy and Anonymity Systems--methods for allowing people to control the release of personal information.
Commercializing Usability: The Vendor Perspective--specific experiences of security and software vendors (e.g.,IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability.
The Classics--groundbreaking papers that sparked the field of security and usability.

This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.

List of contents

Preface;
Goals of This Book;
Audience for This Book;
Structure of This Book;
Conventions Used in This Book;
Safari Enabled;
How to Contact Us;
Acknowledgments;
Part I: Realigning Usability and Security;
Chapter One: Psychological Acceptability Revisited;
1.1 Passwords;
1.2 Patching;
1.3 Configuration;
1.4 Conclusion;
1.5 About the Author;
Chapter Two: Why Do We Need It? How Do We Get It?;
2.1 Introduction;
2.2 Product: Human Factors, Policies, and Security Mechanisms;
2.3 Process: Applying Human Factors Knowledge and User-Centered Approaches to Security Design;
2.4 Panorama: Understanding the Importance of the Environment;
2.5 Conclusion;
2.6 About the Authors;
Chapter Three: Design for Usability;
3.1 Death by Security;
3.2 Balance Security and Usability;
3.3 Balance Privacy and Security;
3.4 Build a Secure Internet;
3.5 Conclusion;
3.6 About the Author;
Chapter Four: Usability Design and Evaluation for Privacy and Security Solutions;
4.1 Usability in the Software and Hardware Life Cycle;
4.2 Case Study: Usability Involvement in a Security Application;
4.3 Case Study: Usability Involvement in the Development of a Privacy Policy Management Tool;
4.4 Conclusion;
4.5 About the Authors;
Chapter Five: Designing Systems That People Will Trust;
5.1 Introduction;
5.2 The Trust-Risk Relationship;
5.3 The Time-Course of Trust;
5.4 Models of Trust;
5.5 Trust Designs;
5.6 Future Research Directions;
5.7 About the Authors;
Part II: Authentication Mechanisms;
Chapter Six: Evaluating Authentication Mechanisms;
6.1 Authentication;
6.2 Authentication Mechanisms;
6.3 Quality Criteria;
6.4 Environmental Considerations;
6.5 Choosing a Mechanism;
6.6 Conclusion;
6.7 About the Author;
Chapter Seven: The Memorability and Security of Passwords;
7.1 Introduction;
7.2 Existing Advice on Password Selection;
7.3 Experimental Study;
7.4 Method;
7.5 Results;
7.6 Discussion;
7.7 Acknowledgments;
7.8 About the Authors;
Chapter Eight: Designing Authentication Systems with Challenge Questions;
8.1 Challenge Questions as a Form of Authentication;
8.2 Criteria for Building and Evaluating a Challenge Question System;
8.3 Types of Questions and Answers;
8.4 Designing a Challenge Question Authentication System;
8.5 Some Examples of Current Practice;
Chapter Nine: Graphical Passwords;
9.1 Introduction;
9.2 A Picture Is Worth a Thousand Words;
9.3 Picture Perfect?;
9.4 Let's Face It;
9.5 About the Authors;
Chapter Ten: Usable Biometrics;
10.1 Introduction;
10.2 Where Are Biometrics Used?;
10.3 Biometrics and Public Technology: The ATM Example;
10.4 Evaluating Biometrics;
10.5 Incorporating User Factors into Testing;
10.6 Conclusion;
10.7 About the Author;
Chapter Eleven: Identifying Users from Their Typing Patterns;
11.1 Typing Pattern Biometrics;
11.2 Applications;
11.3 Overview of Previous Research;
11.4 Evaluating Previous Research;
11.5 Privacy and Security Issues;
11.6 Conclusion;
11.7 About the Authors;
Chapter Twelve: The Usability of Security Devices;
12.1 Introduction;
12.2 Overview of Security Devices;
12.3 Usability Testing of Security Devices;
12.4 A Usability Study of Cryptographic Smart Cards;
12.5 Recommendations and Open Research Questions;
12.6 Conclusion;
12.7 Acknowledgments;
12.8 About the Authors;
Part III: Secure Systems;
Chapter Thirteen: Guidelines and Strategies for Secure Interaction Design;
13.1 Introduction;
13.2 Design Guidelines;
13.3 Design Strategies;
13.4 Conclusion;
13.5 Acknowledgments;
13.6 About the Author;
Chapter Fourteen: Fighting Phishing at the User Interface;
14.1 Introduction;
14.2 Attack Techniques;
14.3 Defenses;
14.4 Looking Ahead;
14.5 About the Authors;
Chapter Fifteen: Sanitization and Usability;
15.1 Introduction;
15.2 The Remembrance of Data Passed Study;
15.3 Related Work: Sanitization Standards, Software, and Practices;
15.4 Moving Forward: A Plan for Clean Computing;
15.5 Acknowledgments;
15.6 About the Author;
Chapter Sixteen: Making the Impossible Easy: Usable PKI;
16.1 Public Key Infrastructures;
16.2 Problems with Public Key Infrastructures;
16.3 Making PKI Usable;
16.4 About the Authors;
Chapter Seventeen: Simple Desktop Security with Chameleon;
17.1 Introduction;
17.2 Chameleon User Interface;
17.3 Chameleon Interface Development;
17.4 Chameleon Implementation;
17.5 Conclusion;
17.6 Acknowledgments;
17.7 About the Authors;
Chapter Eighteen: Security Administration Tools and Practices;
18.1 Introduction;
18.2 Attacks, Detection, and Prevention;
18.3 Security Administrators;
18.4 Security Administration: Cases from the Field;
18.5 Conclusion;
18.6 Acknowledgments;
18.7 About the Authors;
Part IV: Privacy and Anonymity Systems;
Chapter Ninteen: Privacy Issues and Human-Computer Interaction;
19.1 Introduction;
19.2 Privacy and HCI;
19.3 Relevant HCI Research Streams;
19.4 Conclusion;
19.5 About the Authors;
Chapter Twenty: A User-Centric Privacy Space Framework;
20.1 Introduction;
20.2 Security and Privacy Frameworks;
20.3 Researching the Privacy Space;
20.4 Privacy as a Process;
20.5 Conclusion;
20.6 About the Author;
Chapter Twenty One: Five Pitfalls in the Design for Privacy;
21.1 Introduction;
21.2 Faces: (Mis)Managing Ubicomp Privacy;
21.3 Five Pitfalls to Heed When Designing for Privacy;
21.4 Discussion;
21.5 Conclusion;
21.6 Acknowledgments;
21.7 About the Authors;
Chapter Twenty Two: Privacy Policies and Privacy Preferences;
22.1 Introduction;
22.2 The Platform for Privacy Preferences (P3P);
22.3 Privacy Bird Design;
22.4 Privacy Bird Evaluation;
22.5 Beyond the Browser;
22.6 About the Author;
Chapter Twenty Three: Privacy Analysis for the Casual User with Bugnosis;
23.1 Introduction;
23.2 The Audience for Bugnosis;
23.3 Cookies, Web Bugs, and User Tracking;
23.4 The Graphic Identity;
23.5 Making It Simple Is Complicated;
23.6 Looking Ahead;
23.7 Acknowledgments;
23.8 About the Author;
Chapter Twenty Four: Informed Consent by Design;
24.1 Introduction;
24.2 A Model of Informed Consent for Information Systems;
24.3 Possibilities and Limitations for Informed Consent: Redesigning Cookie Handling in a Web Browser;
24.4 Informing Through Interaction Design: What Users Understand About Secure Connections Through Their Web Browsing;
24.5 The Scope of Informed Consent: Questions Motivated by Gmail;
24.6 Acknowledgments;
24.7 About the Authors;
Chapter Twenty Five: Social Approaches to End-User Privacy Management;
25.1 A Concrete Privacy Problem;
25.2 Acumen: A Solution Using Social Processes;
25.3 Supporting Privacy Management Activities with Social Processes;
25.4 Deployment, Adoption, and Evaluation;
25.5 Gaming and Anti-gaming;
25.6 Generalizing Our Approach;
25.7 Conclusion;
25.8 About the Authors;
Chapter Twenty Six: Anonymity Loves Company: Usability and the Network Effect;
26.1 Usability for Others Impacts Your Security;
26.2 Usability Is Even More Important for Privacy;
26.3 Bootstrapping, Confidence, and Reputability;
26.4 Technical Challenges to Guessing the Number of Users in a Network;
26.5 Conclusion;
26.6 About the Authors;
Part V: Commercializing Usability: The Vendor Perspective;
Chapter Twenty Seven: ZoneAlarm: Creating Usable Security Products for Consumers;
27.1 About ZoneAlarm;
27.2 Design Principles;
27.3 Efficient Production for a Fast Market;
27.4 Conclusion;
27.5 About the Author;
Chapter Twenty Eight: Firefox and the Worry-Free Web;
28.1 Usability and Security: Bridging the Gap;
28.2 The Five Golden Rules;
28.3 Conclusion;
28.4 About the Author;
Chapter Twenty Nine: Users and Trust: A Microsoft Case Study;
29.1 Users and Trust;
29.2 Consent Dialogs;
29.3 Windows XP Service Pack 2-A Case Study;
29.4 Pop-Up Blocking;
29.5 The Ideal;
29.6 Conclusion;
29.7 About the Author;
Chapter Thirty: IBM Lotus Notes/Domino: Embedding Security in Collaborative Applications;
30.1 Usable Secure Collaboration;
30.2 Embedding and Simplifying Public Key Security;
30.3 Designing Security Displays;
30.4 User Control of Active Content Security;
30.5 Conclusion;
30.6 About the Author;
Chapter Thirty One: Achieving Usable Security in Groove Virtual Office;
31.1 About Groove Virtual Office;
31.2 Groove Virtual Office Design;
31.3 Administrators' Strengths and Weaknesses;
31.4 Security and Usability;
31.5 About the Authors;
Part VI: The Classics;
Chapter Thirty Two: Users Are Not the Enemy;
32.1 The Study;
32.2 Users Lack Security Knowledge;
32.3 Security Needs User-Centered Design;
32.4 Motivating Users;
32.5 Users and Password Behavior;
32.6 About the Authors;
Chapter Thirty Three: Usability and Privacy: A Study of KaZaA P2P File Sharing;
33.1 Introduction;
33.2 Usability Guidelines;
33.3 Results of the Cognitive Walkthrough;
33.4 A Two-Part User Study;
33.5 Conclusion;
33.6 Acknowledgments;
33.7 About the Authors;
Chapter Thirty Four: Why Johnny Can't Encrypt;
34.1 Introduction;
34.2 Understanding the Problem;
34.3 Evaluation Methods;
34.4 Cognitive Walkthrough;
34.5 User Test;
34.6 Conclusion;
34.7 Related Work;
34.8 Acknowledgments;
34.9 About the Authors;
Colophon;

About the author

Dr. Lorrie Faith Cranor is an Associate Research Professor in the School of Computer Science at Carnegie Mellon University. She is a faculty member in the Institute for Software Research, International and in the Engineering and Public Policy department. She is director of the CMU Usable Privacy and Security Laboratory (CUPS).

Summary

There is increasing agreement that we need to design secure computer systems that people can actually use, but less agreement about how to reach this goal. This work collects 34 essays from leading security and human-computer interaction researchers on authentication, privacy and anonymity, secure systems, commercialization, and more.

Report

"[F]achlich fundiert, leicht verständlich geschrieben und interessant zu lesen. [...] Dank der geschickten Verbindung von theoretischen Grundlagen und praktischen Anwendungen eignet sich das Buch meines Erachtens sowohl für Studierende an Fachhochschulen und Universitäten wie auch für Praktiker." - Dr. Udo Hönig, Europäische Fachhochschule Rhein/Erft, Dezember 2012