Usable SecurityReferencesCranor & Garfinkel, Security and Usability, OReillySasse & Flechais, Usable Security: Why Do We Need It? How Do We Get It?McCracken & Wolfe, User Centered Website Development: a Human-Computer Interaction Approach, Prentice Hall.Theofanos & Pfleeger, Shouldnt All Security be Usable, IEEE Security & Privacy
PeoplePeople are the weakest link in the chain of system security.Even a very usable security mechanism is likely to create extra work from the users point of view. It is human nature to look for shortcuts and workarounds, especially when they do not understand why their behavior compromises security.Usability and SecurityUsability and security are often seen as competing design goals.Security mechanisms have to be usable to be effective.Mechanisms that are not employed in practice or that are used incorrectly, provide little or no protection.Human Computer InteractionMany website, applications, and devices have complicated and confusing interfaces.HCI goal is to improve usability.
Why HCI?Competitive advantage.Reduce maintenance cost.Improve productivity.Reduce support cost.How?User-centered design methodology.User testing early and often.InterdisciplinaryPsychologyGraphic DesignTechnical WritingHighly IterativeDESIGNPROTOTYPEEVALUATEREADY TO IMPLEMENTMEET USER SPECIFICATIONS?NOYESUser AnalysisType of usersUsers are probably not like us. Not computer professionals.Design the product with user in mind.Determine who the users are may not be a trivial task.Understand user goalsDesign the product the user wants and will use.OrganizationContent OrganizationUser terminologyHow users group informationVisual OrganizationProximityAlignmentConsistencyContrastOrganizationNavigationHow can users effectively find what they need or do their task.User TestingHigh fidelity Low fidelityComputer prototypePaper prototypePaper Prototyping: A How-To VideoUser Testing with prototypeGive the user a taskHave them think out loudDo not coachRecord whether the user was successful or got confuseRedesign prototype and test on other users.Usable SecurityDo user testing of security mechanisms.Look at the usability of security messages.Incorporate usable design principles into security mechanisms. Problem #5Incorporating usability and security into the software design process.Software DevelopmentOften and security and usability are added at the end of the software development process.Human ProblemCurrent security mechanisms are too complex for many users.Users may not behave in a way for the security mechanisms to be effective.Example:Medical staff remained logged in throughout the day. Circumventing security controls allows efficient patient care.
Usability Design GoalReduce the mental workload to make a security decision.Is this easier said than done?Example:Password policiesLong passwordsMore complex passwordsChange passwords frequently
Mental WorkloadWe do not recall our passwords 100% of the time. We mistype our passwords.Given a large number of attempts, most users log in successfully.When the number of allowed attempts was increased from 3 to 9, the percentage of successful logins was increased from 53% t0 93%.Awkward BehaviorsPolicyUser should lock their computers screens when they are away from their desks.Many users in shared offices do not comply with this policy.Why?Will my colleagues think that I do not trust them?Most users prefer to have a trusting relationship with their colleagues.
Handheld fingerprint ID Device for Law EnforcementShouldnt All Security Be Usable page 12Social BehaviorPeople that follow security policies to the letter are described as paranoid and anal by their peers.If secure systems require users to behave in a manner that conflicts with their norms, values , or self-image, most users will not comply.Where a positive culture is in place, compliance can be a shared value and a source of pride.Users and securityDo users have to be security experts to use systems securely?Users must believe that their assets are under threat and that the security mechanism provides effective protection against the threat.Security is too challengingSecurity makes unreasonable demands on users, system administrators and developers.Users cannot always tell legitimate email from phishing.Security devices are difficult for system administrators to configure.Building secure applications is difficult for developersProblem #6E-Mail Fraud Hides Behind Friendly FaceStatus of Security TodayThe security perimeter has expandedMobile workforceLaptopsSmart phonesWe cannot depend upon technology to protect usFirewalls & IPS are limitedHackers are attacking users rather than network vulnerabilitiesUsers GoalsSecurity is not the primary goal of users.Security must be designed to support production tasks.Security regulations should not interfere with getting your job done.Mental Models for SecurityPsychological acceptability relies on mental models for computer constructs, such as a computer file system with files stored in folders.We need similar effective mental models for the user perception of security, trust, and risk.Complexity and UsabilityAs the security mechanisms grow more complex, they become harder to configure, to manage, to maintain, and to implement correctly.Complexity has the greatest potential to weaken not only usability but also security.Empowering the userWe need to make it easier for the user to do the right thing, hard to do the wrong thing, and easy to recover when the wrong thing happens anyway.Problem #7Netcraft Anti-Phishing Toolbarhttp://toolbar.netcraft.com/Security Messageshttp://msdn.microsoft.com/en-us/library/ms995351.aspx Problem #8Error messages
Click here to load reader