DOI: 10.1145/844102.844116

An approach to usable security based on event monitoring and visualization

Published: 23 September 2002

ABSTRACT

The thorny problem of usability has been recognized in the security community for many years, but has, so far, eluded systematic solution. We characterize the problem as a gap between theoretical and effective levels of security, and consider the characteristics of the problem. The approach we are taking focuses on visibility -- how can we make relevant features of the security context apparent to users, in order to allow them to make informed decisions about their actions and the potential implications of those actions?



Reviews

Gordon B. Davis

This is essentially a progress report on a project investigating a different approach to usable security in networked systems. The report focuses on the underlying concepts of the approach being developed and tested. The approach separates effective security (that which can practically be achieved) from theoretically or technically feasible security. Recognizing that security is achieved in both the application and the infrastructure, a user needs to understand whether end-to-end security is sufficient for the current tasks. The research is based on visual depictions of the system that allow the user to understand what the system is doing, and to develop accurate intuitions about the behavior of the system, with respect to security. This short paper presents interesting concepts and ideas for creating the system; it will be interesting to read about the results in future papers.

Online Computing Reviews Service

Published in

NSPW '02: Proceedings of the 2002 workshop on New security paradigms
September 2002
153 pages
ISBN: 158113598X
DOI: 10.1145/844102

Copyright © 2002 ACM


Publisher

Association for Computing Machinery, New York, NY, United States


Acceptance Rates

NSPW '02 Paper Acceptance Rate: 14 of 40 submissions, 35%
Overall Acceptance Rate: 62 of 170 submissions, 36%
