Security and Usability

Designing Secure Systems That People Can Use
Herausgeber: Garfinkel, Simson; Cranor, Lorrie

Leseprobe

Security and Usability - Cranor, Lorrie; Garfinkel, Simson

Leseprobe

Fotogalerie

Lorrie Cranor, Simson Garfinkel

Security and Usability

Designing Secure Systems That People Can Use
Herausgeber: Garfinkel, Simson; Cranor, Lorrie

Broschiertes Buch

Jetzt bewerten Jetzt bewerten

There is increasing agreement that we need to design secure computer systems that people can actually use, but less agreement about how to reach this goal. Destined to be the classic reference in this emerging field, Security & Usability collects 34 groundbreaking essays from leading security and human-computer interaction (HCI) researchers on authentication, privacy and anonymity, secure systems, commercialization, and much more. It is expected to start an avalanche of discussion, new ideas, and further advances in this important field.
Human factors and usability issues have traditionally…mehr

Andere Kunden interessierten sich auch für

Andy Oram
Beautiful Security

42,99 €
Peter Morville
Ambient Findability

25,99 €
Safeguards in a World of Ambient Intelligence

180,99 €
Thomas Akin
Hardening Cisco Routers

21,99 €
Chris Fry
Security Monitoring

47,99 €
Bruce Schneier
Secrets and Lies

24,99 €
Kevin D. Mitnick
The Art of Deception

38,99 €

Produktbeschreibung

There is increasing agreement that we need to design secure computer systems that people can actually use, but less agreement about how to reach this goal. Destined to be the classic reference in this emerging field, Security & Usability collects 34 groundbreaking essays from leading security and human-computer interaction (HCI) researchers on authentication, privacy and anonymity, secure systems, commercialization, and much more. It is expected to start an avalanche of discussion, new ideas, and further advances in this important field.

Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them. But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users. Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless. There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computerinteraction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research. Security & Usability groups 34 essays into six parts: Realigning Usability and Security---with careful attention to user-centered design principles, security and usability can be synergistic. Authentication Mechanisms-- techniques for identifying and authenticating computer users. Secure Systems--how system software can deliver or destroy a secure user experience. Privacy and Anonymity Systems--methods for allowing people to control the release of personal information. Commercializing Usability: The Vendor Perspective--specific experiences of security and software vendors (e.g.,IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability. The Classics--groundbreaking papers that sparked the field of security and usability. This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.

Produktdetails

Produktdetails
Theory In Practice
Verlag: O'Reilly Media
Seitenzahl: 738
Erscheinungstermin: 4. Oktober 2005
Englisch
Abmessung: 233mm x 179mm x 37mm
Gewicht: 1105g
ISBN-13: 9780596008277
ISBN-10: 0596008279
Artikelnr.: 14122951

Produktdetails

Theory In Practice
Verlag: O'Reilly Media
Seitenzahl: 738
Erscheinungstermin: 4. Oktober 2005
Englisch
Abmessung: 233mm x 179mm x 37mm
Gewicht: 1105g
ISBN-13: 9780596008277
ISBN-10: 0596008279
Artikelnr.: 14122951

Autorenporträt

Dr. Lorrie Faith Cranor is an Associate Research Professor in the School of Computer Science at Carnegie Mellon University. She is a faculty member in the Institute for Software Research, International and in the Engineering and Public Policy department. She is director of the CMU Usable Privacy and Security Laboratory (CUPS). Simson Garfinkel is a journalist, entrepreneur, and international authority on computer security. Garfinkel is chief technology officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools.

Inhaltsangabe

Preface
Goals of This Book
Audience for This Book
Structure of This Book
Conventions Used in This Book
Safari Enabled
How to Contact Us
Acknowledgments
Part I: Realigning Usability and Security
Chapter One: Psychological Acceptability Revisited
1.1 Passwords
1.2 Patching
1.3 Configuration
1.4 Conclusion
1.5 About the Author
Chapter Two: Why Do We Need It? How Do We Get It?
2.1 Introduction
2.2 Product: Human Factors, Policies, and Security Mechanisms
2.3 Process: Applying Human Factors Knowledge and User-Centered Approaches to Security Design
2.4 Panorama: Understanding the Importance of the Environment
2.5 Conclusion
2.6 About the Authors
Chapter Three: Design for Usability
3.1 Death by Security
3.2 Balance Security and Usability
3.3 Balance Privacy and Security
3.4 Build a Secure Internet
3.5 Conclusion
3.6 About the Author
Chapter Four: Usability Design and Evaluation for Privacy and Security Solutions
4.1 Usability in the Software and Hardware Life Cycle
4.2 Case Study: Usability Involvement in a Security Application
4.3 Case Study: Usability Involvement in the Development of a Privacy Policy Management Tool
4.4 Conclusion
4.5 About the Authors
Chapter Five: Designing Systems That People Will Trust
5.1 Introduction
5.2 The Trust-Risk Relationship
5.3 The Time-Course of Trust
5.4 Models of Trust
5.5 Trust Designs
5.6 Future Research Directions
5.7 About the Authors
Part II: Authentication Mechanisms
Chapter Six: Evaluating Authentication Mechanisms
6.1 Authentication
6.2 Authentication Mechanisms
6.3 Quality Criteria
6.4 Environmental Considerations
6.5 Choosing a Mechanism
6.6 Conclusion
6.7 About the Author
Chapter Seven: The Memorability and Security of Passwords
7.1 Introduction
7.2 Existing Advice on Password Selection
7.3 Experimental Study
7.4 Method
7.5 Results
7.6 Discussion
7.7 Acknowledgments
7.8 About the Authors
Chapter Eight: Designing Authentication Systems with Challenge Questions
8.1 Challenge Questions as a Form of Authentication
8.2 Criteria for Building and Evaluating a Challenge Question System
8.3 Types of Questions and Answers
8.4 Designing a Challenge Question Authentication System
8.5 Some Examples of Current Practice
Chapter Nine: Graphical Passwords
9.1 Introduction
9.2 A Picture Is Worth a Thousand Words
9.3 Picture Perfect?
9.4 Let's Face It
9.5 About the Authors
Chapter Ten: Usable Biometrics
10.1 Introduction
10.2 Where Are Biometrics Used?
10.3 Biometrics and Public Technology: The ATM Example
10.4 Evaluating Biometrics
10.5 Incorporating User Factors into Testing
10.6 Conclusion
10.7 About the Author
Chapter Eleven: Identifying Users from Their Typing Patterns
11.1 Typing Pattern Biometrics
11.2 Applications
11.3 Overview of Previous Research
11.4 Evaluating Previous Research
11.5 Privacy and Security Issues
11.6 Conclusion
11.7 About the Authors
Chapter Twelve: The Usability of Security Devices
12.1 Introduction
12.2 Overview of Security Devices
12.3 Usability Testing of Security Devices
12.4 A Usability Study of Cryptographic Smart Cards
12.5 Recommendations and Open Research Questions
12.6 Conclusion
12.7 Acknowledgments
12.8 About the Authors
Part III: Secure Systems
Chapter Thirteen: Guidelines and Strategies for Secure Interaction Design
13.1 Introduction
13.2 Design Guidelines
13.3 Design Strategies
13.4 Conclusion
13.5 Acknowledgments
13.6 About the Author
Chapter Fourteen: Fighting Phishing at the User Interface
14.1 Introduction
14.2 Attack Techniques
14.3 Defenses
14.4 Looking Ahead
14.5 About the Authors
Chapter Fifteen: Sanitization and Usability
15.1 Introduction
15.2 The Remembrance of Data Passed Study
15.3 Related Work: Sanitization Standards, Software, and Practices
15.4 Moving Forward: A Plan for Clean Computing
15.5 Acknowledgments
15.6 About the Author
Chapter Sixteen: Making the Impossible Easy: Usable PKI
16.1 Public Key Infrastructures
16.2 Problems with Public Key Infrastructures
16.3 Making PKI Usable
16.4 About the Authors
Chapter Seventeen: Simple Desktop Security with Chameleon
17.1 Introduction
17.2 Chameleon User Interface
17.3 Chameleon Interface Development
17.4 Chameleon Implementation
17.5 Conclusion
17.6 Acknowledgments
17.7 About the Authors
Chapter Eighteen: Security Administration Tools and Practices
18.1 Introduction
18.2 Attacks, Detection, and Prevention
18.3 Security Administrators
18.4 Security Administration: Cases from the Field
18.5 Conclusion
18.6 Acknowledgments
18.7 About the Authors
Part IV: Privacy and Anonymity Systems
Chapter Ninteen: Privacy Issues and Human-Computer Interaction
19.1 Introduction
19.2 Privacy and HCI
19.3 Relevant HCI Research Streams
19.4 Conclusion
19.5 About the Authors
Chapter Twenty: A User-Centric Privacy Space Framework
20.1 Introduction
20.2 Security and Privacy Frameworks
20.3 Researching the Privacy Space
20.4 Privacy as a Process
20.5 Conclusion
20.6 About the Author
Chapter Twenty One: Five Pitfalls in the Design for Privacy
21.1 Introduction
21.2 Faces: (Mis)Managing Ubicomp Privacy
21.3 Five Pitfalls to Heed When Designing for Privacy
21.4 Discussion
21.5 Conclusion
21.6 Acknowledgments
21.7 About the Authors
Chapter Twenty Two: Privacy Policies and Privacy Preferences
22.1 Introduction
22.2 The Platform for Privacy Preferences (P3P)
22.3 Privacy Bird Design
22.4 Privacy Bird Evaluation
22.5 Beyond the Browser
22.6 About the Author
Chapter Twenty Three: Privacy Analysis for the Casual User with Bugnosis
23.1 Introduction
23.2 The Audience for Bugnosis
23.3 Cookies, Web Bugs, and User Tracking
23.4 The Graphic Identity
23.5 Making It Simple Is Complicated
23.6 Looking Ahead
23.7 Acknowledgments
23.8 About the Author
Chapter Twenty Four: Informed Consent by Design
24.1 Introduction
24.2 A Model of Informed Consent for Information Systems
24.3 Possibilities and Limitations for Informed Consent: Redesigning Cookie Handling in a Web Browser
24.4 Informing Through Interaction Design: What Users Understand About Secure Connections Through Their Web Browsing
24.5 The Scope of Informed Consent: Questions Motivated by Gmail
24.6 Acknowledgments
24.7 About the Authors
Chapter Twenty Five: Social Approaches to End-User Privacy Management
25.1 A Concrete Privacy Problem
25.2 Acumen: A Solution Using Social Processes
25.3 Supporting Privacy Management Activities with Social Processes
25.4 Deployment, Adoption, and Evaluation
25.5 Gaming and Anti-gaming
25.6 Generalizing Our Approach
25.7 Conclusion
25.8 About the Authors
Chapter Twenty Six: Anonymity Loves Company: Usability and the Network Effect
26.1 Usability for Others Impacts Your Security
26.2 Usability Is Even More Important for Privacy
26.3 Bootstrapping, Confidence, and Reputability
26.4 Technical Challenges to Guessing the Number of Users in a Network
26.5 Conclusion
26.6 About the Authors
Part V: Commercializing Usability: The Vendor Perspective
Chapter Twenty Seven: ZoneAlarm: Creating Usable Security Products for Consumers
27.1 About ZoneAlarm
27.2 Design Principles
27.3 Efficient Production for a Fast Market
27.4 Conclusion
27.5 About the Author
Chapter Twenty Eight: Firefox and the Worry-Free Web
28.1 Usability and Security: Bridging the Gap
28.2 The Five Golden Rules
28.3 Conclusion
28.4 About the Author
Chapter Twenty Nine: Users and Trust: A Microsoft Case Study
29.1 Users and Trust
29.2 Consent Dialogs
29.3 Windows XP Service Pack 2-A Case Study
29.4 Pop-Up Blocking
29.5 The Ideal
29.6 Conclusion
29.7 About the Author
Chapter Thirty: IBM Lotus Notes/Domino: Embedding Security in Collaborative Applications
30.1 Usable Secure Collaboration
30.2 Embedding and Simplifying Public Key Security
30.3 Designing Security Displays
30.4 User Control of Active Content Security
30.5 Conclusion
30.6 About the Author
Chapter Thirty One: Achieving Usable Security in Groove Virtual Office
31.1 About Groove Virtual Office
31.2 Groove Virtual Office Design
31.3 Administrators' Strengths and Weaknesses
31.4 Security and Usability
31.5 About the Authors
Part VI: The Classics
Chapter Thirty Two: Users Are Not the Enemy
32.1 The Study
32.2 Users Lack Security Knowledge
32.3 Security Needs User-Centered Design
32.4 Motivating Users
32.5 Users and Password Behavior
32.6 About the Authors
Chapter Thirty Three: Usability and Privacy: A Study of KaZaA P2P File Sharing
33.1 Introduction
33.2 Usability Guidelines
33.3 Results of the Cognitive Walkthrough
33.4 A Two-Part User Study
33.5 Conclusion
33.6 Acknowledgments
33.7 About the Authors
Chapter Thirty Four: Why Johnny Can't Encrypt
34.1 Introduction
34.2 Understanding the Problem
34.3 Evaluation Methods
34.4 Cognitive Walkthrough
34.5 User Test
34.6 Conclusion
34.7 Related Work
34.8 Acknowledgments
34.9 About the Authors
Colophon

Inhaltsangabe

Rezensionen

"[F]achlich fundiert, leicht verständlich geschrieben und interessant zu lesen. [...] Dank der geschickten Verbindung von theoretischen Grundlagen und praktischen Anwendungen eignet sich das Buch meines Erachtens sowohl für Studierende an Fachhochschulen und Universitäten wie auch für Praktiker." - Dr. Udo Hönig, Europäische Fachhochschule Rhein/Erft, Dezember 2012

Kundenbewertungen

Schreiben Sie eine Kundenbewertung zu diesem Produkt und gewinnen Sie mit etwas Glück einen 15,- EUR bücher.de–Gutschein!

5 Marktplatz-Angebote für "Security and Usability" ab 14,25 €

Zustand	Preis	Porto	Zahlung	Verkäufer	Rating
gebraucht; sehr gut	27,99 27,99 €	3,00 3,00 €	Banküberweisung, Offene Rechnung, PayPal, Offene Rechnung (Vorkasse vorbehalten) Zum Angebot	Buchladen an der Kyll	99,4%	Zum Angebot
gebraucht; gut	14,25 14,25 €	3,00 3,00 €	Banküberweisung, Kreditkarte, PayPal Zum Angebot	Buchpark GmbH	98,6%	Zum Angebot
gebraucht; gut	24,99 24,99 €	3,00 3,00 €	Banküberweisung, Offene Rechnung, PayPal, Offene Rechnung (Vorkasse vorbehalten) Zum Angebot	Buchladen an der Kyll	99,4%	Zum Angebot
gebraucht; gut	24,99 24,99 €	3,00 3,00 €	Banküberweisung, Offene Rechnung, PayPal, Offene Rechnung (Vorkasse vorbehalten) Zum Angebot	Buchladen an der Kyll	99,4%	Zum Angebot
leichte Gebrauchsspuren	16,50 16,50 €	5,00 5,00 €	Banküberweisung Zum Angebot	Wingate	100,0%	Zum Angebot
Alle anzeigen

Security and Usability

Rechnungen

Retourenschein anfordern

Bestellstatus

Storno

Serviceseiten

Schließen

Security and Usability

Security and Usability

Bitte wählen Sie Ihr Anliegen aus.

Rechnungen

Retourenschein anfordern

Bestellstatus

Storno

Serviceseiten

Schließen