Welcome to P K Kelkar Library, Online Public Access Catalogue (OPAC)

Usable security: history, themes, and challenges

By: Garfinkel, Simson [author].
Contributor(s): Lipford, Heather Richter [author].
Material type: Book
Series: Synthesis digital library of engineering and computer science; Synthesis lectures on information security, privacy, and trust, # 11
Publisher: San Rafael, California (1537 Fourth Street, San Rafael, CA 94901 USA): Morgan & Claypool, 2014
Description: 1 PDF (xiv, 150 pages): illustrations
Content type: text
Media type: electronic
Carrier type: online resource
ISBN: 9781627055307
Subject(s): Computer security | Data protection | usable privacy and security | passwords | device pairing | privacy | authentication | privacy policies
DDC classification: 005.8
Online resources: Abstract with links to full text | Abstract with links to resource
Also available in print.
Contents:
1. Introduction -- 1.1 Why usable privacy and security is hard -- 1.2 Why usable security research is hard -- 1.3 This book -- 1.4 Methodology -- 1.5 Scope -- 1.6 Definitions -- 1.6.1 Security -- 1.6.2 Usability -- 1.6.3 Privacy -- 1.7 Related surveys and studies --
2. A brief history of usable privacy and security research -- 2.1 Early work (1975-1995) -- 2.2 The birth of UPS (1995-2000) -- 2.3 Creation of the UPS research community (2000-2005) -- 2.4 Mechanical Turk -- 2.5 Current UPS publishing venues --
3. Major themes in UPS academic research -- 3.1 User authentication -- 3.1.1 Text passwords -- 3.1.2 Password managers -- 3.1.3 Graphical authentication -- 3.1.4 Biometrics -- 3.1.5 Token-based authentication -- 3.1.6 Mental computation and one-time passwords -- 3.1.7 CAPTCHAs -- 3.1.8 Fallback and backup authentication -- 3.2 Email security and PKI -- 3.2.1 Automatic, transparent encryption -- 3.2.2 Future of secure messaging -- 3.3 Anti-phishing efforts -- 3.3.1 A brief history of phishing -- 3.3.2 Passive security indicators -- 3.3.3 Active security warnings -- 3.3.4 Training -- 3.3.5 Password managers -- 3.4 Storage -- 3.5 Device pairing -- 3.6 Web privacy and fair information practice -- 3.6.1 Privacy policies -- 3.6.2 P3P -- 3.6.3 Behavioral advertising -- 3.6.4 Summary -- 3.7 Policy specification and interaction -- 3.8 Mobile security and privacy -- 3.8.1 Location privacy -- 3.8.2 Application platforms -- 3.8.3 Mobile authentication -- 3.9 Social media privacy -- 3.10 Security administrators --
4. Lessons learned -- 4.1 Reduce decisions -- 4.2 Safe and secure defaults -- 4.3 Provide users with better information, not more information -- 4.4 Users require clear context to make good decisions -- 4.5 Information presentation is critical -- 4.6 Education works, but has limits --
5. Research challenges -- 5.1 Subject challenge: authentication -- 5.2 Subject challenge: adversary modeling -- 5.3 Subject challenge: administrators and system administration -- 5.4 Subject challenge: consumer privacy -- 5.5 Subject challenge: social computing -- 5.6 Domain challenge: ecological validity -- 5.7 Domain challenge: teaching --
6. Conclusion: the next ten years -- Bibliography -- Authors' biographies.
Abstract: There has been roughly 15 years of research into approaches for aligning research in Human Computer Interaction with computer Security, more colloquially known as "usable security." Although usability and security were once thought to be inherently antagonistic, today there is wide consensus that systems that are not usable will inevitably suffer security failures when they are deployed into the real world. Only by simultaneously addressing both usability and security concerns will we be able to build systems that are truly secure. This book presents the historical context of the work to date on usable security and privacy, creates a taxonomy for organizing that work, outlines current research objectives, presents lessons learned, and makes suggestions for future research.
Item type: E books
Current location: PK Kelkar Library, IIT Kanpur
Status: Available
Barcode: EBKE588

Mode of access: World Wide Web.

System requirements: Adobe Acrobat Reader.

Part of: Synthesis digital library of engineering and computer science.

Includes bibliographical references (pages 109-147).

Abstract freely available; full-text restricted to subscribers or individual document purchasers.

Compendex

INSPEC

Google scholar

Google book search

Title from PDF title page (viewed on October 16, 2014).
