Security vs Usability Dr Kate Dingley Principal lecturer and International Coordinator for the School of Computing


1 Security vs Usability
Dr Kate Dingley
Principal lecturer and International Coordinator for the School of Computing
Kate.dingley@port.ac.uk

2 What do we know about Usability?
Human needs and goals
Analysing system requirements
Evaluating prototypes
GUIs (graphic user interfaces)
Group working
Mobile interfaces

3 What do we know about Usability? The HCI process
Human needs and goals
–Start with what the user actually wants to do
Analysing system requirements
–Then analyse and design system concepts to support their needs
Evaluating prototypes
–Build a quick prototype and evaluate your design

4 HCI aspects continued
GUIs (graphic user interfaces)
–Support recognition so users don't have to recall things
Group working
–Modern work is seldom in isolation
–Group working is vital
Mobile interfaces
–So much more in so little space

5 Human Needs and Perception
Usability is based on understanding and designing for human needs
Recognition is easier than recall
◦Short term memory is fairly limited
◦We use metaphors to help us learn and understand
◦Grouping things helps memory
◦We cannot remember and then forget on command
◦Language and culture affect understanding and use

6 Analysing Needs
Who is the User?
–The person using the system or the one requiring the security
Whose needs take priority?
Consider how often you have to verify some characters
If you don't type these exactly you won't achieve your goal (task)

7 What are the consequences of poor security?

8 Consequences
For the site owner:-
–Reduced “information harvesting”
–More likely to be the correct user
–User is not able to use their service
For the end user:-
–Feeling of security
–Frustration
–Move to another supplier if available
If a user is prevented from using the site, how does this fit with Equality Act legislation?

9 Prototypes and evaluation
Stakeholders are the people who would be interested in a system or its development
–Often appointed at high level
Testing a prototype with end users is important in ensuring usability
–Real users are vital
Security has traditionally been tested differently – access control, prevention, reset, etc, is quite different to principles of usability
–Keyword in security is “prevention”
–Keyword in usability is “enable”

10 Graphic User Interfaces
Evolved with windows, icons, menus, mice to make interfaces easier to use
Security dialogues are making things hard again
Recall needed, little opportunity to recover from mistakes – return to command line interface
Issues
–People write them down!
–How do you forget an old p/word?

11 Security and human memory
Memory is essential for high security
–http://www.youtube.com/watch?v=p-j4WWko-4Y&feature=related
However we remember more in context
–http://www.youtube.com/watch?v=BdSBwpqydY8&feature=related
–But things can interrupt memory retrieval

12 Group Working
Groups present their own problems
–Do all users share a login or have separate IDs?
If you have assistive technology like speech/voice data entry - how do you enter personal data without it being overheard?
–Even if you can enter text data, hearing your private information read by a computer voice is no fun
–http://www.youtube.com/watch?v=XSHmPamLGQA&feature=related
–http://www.youtube.com/watch?v=H6y4CWiqCFc&feature=related – using voice verification

13 Mobile interfaces
Usability already harder
–Nested menus
–Readability slower due to short lines
–Screen visibility in different light
However, mobile devices easier to steal – so need more, not less protection
Mobile devices often store contacts, financial and p/word information

14 Solutions
Biometrics
–Not as easy as implied
–Still have to remember stuff – eg, which finger to swipe
What problems can you think of?
–http://www.youtube.com/watch?v=RqWx7e8EVOY
http://zing.ncsl.nist.gov/biousa/docs/Usability_and_Biometrics_final2.pdf - big document!
http://www.stcsig.org/usability/newsletter/0204-politics.html

15 Biometrics:- further information
http://www.youtube.com/watch?v=0o5Uu6H8toc

16 Ergonomics
Move systems out of an office and there are more issues
Outside you have heat and cold, dirt, poor light and glare
There are the dangers of use while walking, cycling or driving - but add a p/word for real danger
–Eg voice dial phone, but 4 digit keycode must be entered first
People with physical disabilities are barred from use – eg arthritis would make finger scan hard/painful or impossible

17 People, again!
Research has shown that people generally don't appreciate the need for good security when it conflicts with usability
“We conjecture that this is the case because people prefer convenience over security”. Dhamija & Perrig, 2001 (deja vu)
http://people.seas.harvard.edu/~rachna/papers/usenix.pdf
Behaviour modification may work in the long term

18 Quick Survey

19 Summary
Nearly everything we have learned about usability currently conflicts with security systems as we know them
Some research is being undertaken; this would make interesting projects and offer job opportunities

20 References
http://www.schneier.com/blog/archives/2009/08/security_vs_usa.html
http://www.w3.org/2006/WSC/
http://www.youtube.com/watch?v=jYWmkcokkjE
http://www.youtube.com/watch?v=GpQ5ApWpNxo&feature=related
http://people.clarkson.edu/~jsearlem/cs459/fa10/presentations/platek_presentation.pdf

