Usable Security Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide for.

Presentation transcript:

Usable Security Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide for acknowledgements!

Tradeoffs Between Usability and Security
– Continuously patch your machine, or get compromised
– Beware of phishing websites
– Frequently run CPU/memory-intensive antiviruses
– Deploy stringent firewall software
– Use different passwords for different websites, do not write them down, pick strong passwords (hard to remember)
– Do not store sensitive information on mobile devices prone to be lost/stolen
CS660 - Advanced Information Assurance - UMassAmherst 2

Usable Security
– Definition: Security measures developed with attention to usability considerations (Or, to make security measures usable!)
– A sub-area of security
  – Less technical, but significantly important

Secure, but usable?

How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation
Click to see slides from the authors

Ecological Validity
– The methods, materials, and setting of the study must approximate the real world being examined
– Do the “memorability” results have ecological validity?
  – Participants likely did not care to remember passwords
  – Should experiment with real users as opposed to paid users

Acknowledgement
Some of the slides, content, or pictures are borrowed from the following resources, and some pictures are obtained through Google search without being referenced below: