Security & Usability Charles Frank
Convenience is the Antithesis to Security • Computer systems must employ mechanisms that are difficult to use!
Complex Mechanisms • Hard to configure • Hard to implement correctly • This weakens security
Principle of Psychological Acceptability • “It is essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanism correctly. Also, to the extent that the user’s mental image of his protection goals matches the mechanism he must use, mistakes will be minimized. If he must translate his image of his protection into a radically different specification language, he will make errors.” Jerome Saltzer & Michael Schroeder (1975)
Home Users • No anti-virus • No firewall • Run as administrator • No password • Wireless access point without a password or with the vendor default password and without encryption • Why? • Principle of Psychological Acceptability
Patching • Update functionality or enhance security • Patches can interfere with programs running on a system • XP SP2 • IIS & FTP clients & servers did not work correctly • Games did not work correctly • Principle of Psychological Acceptability
Principle of Psychological Acceptability • Complex configurations lead to errors, and the less computer-savvy the users are, the worse the security problems will be. • “How can one create mechanisms that are easy to install, provide the protection mechanism necessary, and are unobtrusive to use, for people ranging from novice home computer users to system administrators?” – an open question
Humans & Security • Are usability and security competing goals? • Humans are the weakest link in the security chain. • Security systems are social as well as technical. • Security mechanisms require extra work. Humans find shortcuts and workarounds.
Humans & Security • Users will find ways to evade security demands that are considered unreasonable or burdensome. • Build systems that are safe and usable.
Usability & Security • Security experts may reject proposals for improving usability because they might help an attacker. • Require passwords be changed frequently. • Users write them down or put a number at the end. • Security designers should minimize the mental workload that a system creates for users.
Socially Acceptable Security • Require users to lock their screens when they leave their desks. • Their office mates might think that the user does not trust them. • People who follow security policies to the letter might be considered “paranoid” or “anal” by their peers. • Psychological acceptability
User-Centered Security Design • Security is a supporting task. Security must be designed to support production tasks. • Bring together stakeholders to carry out risk analysis and to consider the practical implications of proposed security mechanisms in the context of use.
User Education • Senior management sometimes exhibit bad security behavior. They are too important to be bothered with “petty” security policies. • Organizations must integrate security into their business process for users to care about protecting assets and exhibiting good security behavior.
References • Security and Usability: Designing Secure Systems That People Can Use, ed. Lorrie Faith Cranor & Simson Garfinkel, O’Reilly • Matt Bishop, “Psychological Acceptability Revisited” • M. Angela Sasse & Ivan Flechais, “Usable Security” • Bruce Tognazzini, “Design for Usability”