Presentation is loading. Please wait.

Presentation is loading. Please wait.

Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

Published byAudrey James Modified over 9 years ago

Similar presentations

Presentation on theme: "Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman"— Presentation transcript:

1 Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S14/

2 Administrative stuff TEVAL offered – please fill it out :) No class or office hours next week Quiz on Thursday Final project due Tuesday, May 13 th, by 2:00 PM (email) Today: – Survey – Exam II returned

3 Papers “In search of usable security”… – Practical, sysadmin-ish “Shake well before use”… – Research – ease of application of known primitive (key agreement) “Seeing-is-believing” – Research – ease of application of known primitive (public keys)

4 User is not a 4-letter word! Software is used by people! – Psychology (we all have it) HCI (human-computer interaction) Human factors Usability “Return” vs. “enter” story

5 I’m sure this is someone’s law… If a security system is too difficult to use, users will find a way to get around it – Corollary: Getting the job done is more important than security Has more immediate potentially bad outcomes

6 A bit of historical background 1999: Why Johnny can’t encrypt 2003: Humans in the loop: Human-computer interaction and security 2006: Why Johnny still can't encrypt: Evaluating the usability of email encryption software 2011: Why (special agent) Johnny (still) can't encrypt: A security analysis of the APCO project 25 two-way radio system

7 It’s more complex than you think! Non-expert users – Novice users – never used a computer? Security “signals” – Desensitization Types of mistakes

8 Real-world examples … you’d be amazed! Enterprise PKI/SSO K-State system – Password change Identity: who are you?? Demo (I hope this works!) – TrueCrypt

9 References Papers in notes fields (other slides) Assigned papers Norman’s “Design of Everyday Things” Actually, read all of Norman’s books :)

10 Back to the papers – “In search of usable security”… – “Shake well before use”… – “Seeing-is-believing” Problems? Vulnerabilities? Questions?

11 TrueCrypt – Lessons learned PROBLEM: Security software usability stinks SOLUTION: Improve it – Measurably! CONTRIBUTION: A vastly and provably improved TrueCrypt interface – Functionality-preserving

12 Old Wizard – Step 1

13 Old Wizard – Step 2

14 Old Wizard – Step 3

15 Old Wizard – Step 4

16 Old Wizard – Step 5

17 Old Wizard – Step 6

18 Browser warnings

19 Questions? Reading discussion

Download ppt "Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman"

Similar presentations

Slides will automatically advance Back to Online demo Welcome to the Safety Insite. com.

Slides will automatically advance Back to Online demo Welcome to the Safety Insite. com.
Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
CGS 1000-SPRING 2008 Introduction to Computers and TechnologyIntroduction to Computers and Technology.

CGS 1000-SPRING 2008 Introduction to Computers and TechnologyIntroduction to Computers and Technology.
Introduction to Computer Programming I CSE 113

Introduction to Computer Programming I CSE 113
Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman

Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman
CPSC 481 Foundations and Principles of Human Computer Interaction

CPSC 481 Foundations and Principles of Human Computer Interaction
Department of Computer Science

Department of Computer Science
Saul Greenberg CPSC 481 Foundations and Principles of Human Computer Interaction James Tam.

Saul Greenberg CPSC 481 Foundations and Principles of Human Computer Interaction James Tam.
CIS101 Introduction to Computing Week 11 Spring 2004.

CIS101 Introduction to Computing Week 11 Spring 2004.
ELessons in JCSE – status report Zoran Putnik, Zoran Budimac.

ELessons in JCSE – status report Zoran Putnik, Zoran Budimac.
BA271 -- Week 10 Course overview, ideas about the IS field’s future Dave Sullivan.

BA Week 10 Course overview, ideas about the IS field’s future Dave Sullivan.
Saul Greenberg CPSC 481 Foundations and Principles of Human Computer Interaction James Tam.

Saul Greenberg CPSC 481 Foundations and Principles of Human Computer Interaction James Tam.
Graphical User Interfaces Design and usability Saul Greenberg Professor University of Calgary Slide deck by Saul Greenberg. Permission is granted to use.

Graphical User Interfaces Design and usability Saul Greenberg Professor University of Calgary Slide deck by Saul Greenberg. Permission is granted to use.
213: User Interface Design & Development Professor: Tapan Parikh TA: Eun Kyoung Choe

213: User Interface Design & Development Professor: Tapan Parikh TA: Eun Kyoung Choe
Need your MyMathLab card with your access code Need a Valid E-Mail Address Need to know Purdue’s zip code is 47907 and your course ID for your Class You.

Need your MyMathLab card with your access code Need a Valid Address Need to know Purdue’s zip code is and your course ID for your Class You.
Semester wrap-up …my final slides.. More on HCI Class on Ubiquitous Computing next spring Courses in visualization, virtual reality, gaming, etc. where.

Semester wrap-up …my final slides.. More on HCI Class on Ubiquitous Computing next spring Courses in visualization, virtual reality, gaming, etc. where.
Semester wrap-up …the final slides.. The Final  December 13, 3:30-4:45 pm  Closed book, one page of notes  Cumulative  Similar format and length to.

Semester wrap-up …the final slides.. The Final  December 13, 3:30-4:45 pm  Closed book, one page of notes  Cumulative  Similar format and length to.
Need your MyMathLab card with your access code Need a Valid E-Mail Address Need to know Purdue’s zip code is 47907 and your course ID for your Class You.

Need your MyMathLab card with your access code Need a Valid Address Need to know Purdue’s zip code is and your course ID for your Class You.
Usable Privacy and Security Course Overview Lorrie Cranor, Jason Hong, Mike Reiter Grad students and juniors and seniors –Tended to be HCI, CS, Public.

Usable Privacy and Security Course Overview Lorrie Cranor, Jason Hong, Mike Reiter Grad students and juniors and seniors –Tended to be HCI, CS, Public.
Need your MyMathLab card with your access code Need a Valid E-Mail Address Need to know Purdue’s zip code is 47907 and your course ID for your Class You.

Need your MyMathLab card with your access code Need a Valid Address Need to know Purdue’s zip code is and your course ID for your Class You.

Similar presentations

Ads by Google