Security and Usability (Paperback)
Description:
Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues, both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them.

But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users.

Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless.

There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computer interaction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research.

Security & Usability groups 34 essays into six parts:

- Realigning Usability and Security: with careful attention to user-centered design principles, security and usability can be synergistic.
- Authentication Mechanisms: techniques for identifying and authenticating computer users.
- Secure Systems: how system software can deliver or destroy a secure user experience.
- Privacy and Anonymity Systems: methods for allowing people to control the release of personal information.
- Commercializing Usability: The Vendor Perspective: specific experiences of security and software vendors (e.g., IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability.
- The Classics: groundbreaking papers that sparked the field of security and usability.

This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.
Table of Contents:

- Preface

Part I. Realigning Usability and Security
- Psychological Acceptability Revisited, Matt Bishop (p. 1)
- Usable Security, M. Angela Sasse and Ivan Flechais (p. 13)
- Design for Usability, Bruce Tognazzini (p. 29)
- Usability Design and Evaluation for Privacy and Security Solutions, Clare-Marie Karat, Carolyn Brodie, and John Karat (p. 45)
- Designing Systems That People Will Trust, Andrew S. Patrick, Pamela Briggs, and Stephen Marsh (p. 71)

Part II. Authentication Mechanisms
- Evaluating Authentication Mechanisms, Karen Renaud (p. 97)
- The Memorability and Security of Passwords, Jeff Yan, Alan Blackwell, Ross Anderson, and Alasdair Grant (p. 121)
- Designing Authentication Systems with Challenge Questions, Mike Just (p. 135)
- Graphical Passwords, Fabian Monrose and Michael K. Reiter (p. 147)
- Usable Biometrics, Lynne Coventry (p. 165)
- Identifying Users from Their Typing Patterns, Alen Peacock, Xian Ke, and Matt Wilkerson (p. 187)
- The Usability of Security Devices, Ugo Piazzalunga, Paolo Salvaneschi, and Paolo Coffetti (p. 209)

Part III. Secure Systems
- Guidelines and Strategies for Secure Interaction Design, Ka-Ping Yee (p. 235)
- Fighting Phishing at the User Interface, Robert C. Miller and Min Wu (p. 263)
- Sanitization and Usability, Simson Garfinkel (p. 281)
- Making the Impossible Easy: Usable PKI, Dirk Balfanz, Glenn Durfee, and D.K. Smetters (p. 305)
- Simple Desktop Security with Chameleon, A. Chris Long and Courtney Moskowitz (p. 321)
- Security Administration Tools and Practices, Eser Kandogan and Eben M. Haber (p. 343)

Part IV. Privacy and Anonymity Systems
- Privacy Issues and Human-Computer Interaction, Mark S. Ackerman and Scott D. Mainwaring (p. 365)
- A User-Centric Privacy Space Framework, Benjamin Brunk (p. 383)
- Five Pitfalls in the Design for Privacy, Scott Lederer, Jason I. Hong, Anind K. Dey, and James A. Landay (p. 403)
- Privacy Policies and Privacy Preferences, Lorrie Faith Cranor (p. 429)
- Privacy Analysis for the Casual User with Bugnosis, David Martin (p. 455)
- Informed Consent by Design, Batya Friedman, Peyina Lin, and Jessica K. Miller (p. 477)
- Social Approaches to End-User Privacy Management, Jeremy Goecks and Elizabeth D. Mynatt (p. 505)
- Anonymity Loves Company: Usability and the Network Effect, Roger Dingledine and Nick Mathewson (p. 529)

Part V. Commercializing Usability: The Vendor Perspective
- ZoneAlarm: Creating Usable Security Products for Consumers, Jordy Berson (p. 545)
- Firefox and the Worry-Free Web, Blake Ross (p. 559)
- Users and Trust: A Microsoft Case Study, Chris Nodder (p. 571)
- IBM Lotus Notes/Domino: Embedding Security in Collaborative Applications, Mary Ellen Zurko (p. 589)
- Achieving Usable Security in Groove Virtual Office, George Moromisato, Paul Boyd, and Nimisha Asthagiri (p. 605)

Part VI. The Classics
- Users Are Not the Enemy, Anne Adams and M. Angela Sasse (p. 619)
- Usability and Privacy: A Study of KaZaA P2P File Sharing, Nathaniel S. Good and Aaron Krekelberg (p. 631)
- Why Johnny Can't Encrypt, Alma Whitten and J. D. Tygar (p. 649)

- Index