1 / 1

The Power of the Administrator versus the Security of the User

The Power of the Administrator versus the Security of the User Research Question Uninformed home computer users are increasingly being targeted by attackers Many home users do not practice the principle of least privilege , leaving them even more vulnerable.

issac
Download Presentation

The Power of the Administrator versus the Security of the User

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Power of the Administrator versus the Security of the User • Research Question • Uninformed home computer users are increasingly being targeted by attackers • Many home users do not practice the principle of least privilege, leaving them even more vulnerable. • We explored what might cause a person to use their machine with full privileges rather than minimal privileges and designed a user interface that makes the most secure system setup the obvious choice. • User Study • We divided the participants into two groups. One group was tested on our enhanced interface and the other group, the control group, was tested on an interface that simulated current Windows XP functionality. • All participants asked to set up a computer for a fictitious family of four. The scenario described the level of computer expertise of each family member and how each hoped to use the computer. • Findings • Participants using our enhanced interface were more likely limit the number of administrator accounts. • Our enhanced login interface, which places users and administrators in separate categories with users listed on top with bigger icons, may encourage people not to login as an administrator for day-to-day tasks. • The study revealed that all of the participants understood that administrators have more power than normal users but only a few could explicitly describe the tasks that only an administrator can perform. • Problems With Windows XP • Windows XP allows two primary account types: administrator and limited. The term limited has negative connotations and may not appeal to users. • All accounts created during the initial setup are automatically given administrator privileges . • The interface does not encourage users to login to the system using a limited account. • Our Design • Our interface guides the user to create a minimal number of administrator accounts and to make the rest of the accounts limited accounts, which we refer to using the more neutral term useraccounts .It also encourages the user to login to the system with a useraccount instead of an administrator one. • We moved the assignment of account types to the setup process. This is more intuitive than making the user search for this functionality later. Anne Faber, Yiming Sun, Minaxi Gupta, Kay Connelly, Raquel Hill, and Adity Mutsuddi Indiana University, Bloomington

More Related