Presentation is loading. Please wait.

Presentation is loading. Please wait.

Making Security Work M. Angela Sasse Dept of Computer Science University College London

Published byLea Cook Modified over 9 years ago

Similar presentations

Presentation on theme: "Making Security Work M. Angela Sasse Dept of Computer Science University College London"— Presentation transcript:

1 Making Security Work M. Angela Sasse Dept of Computer Science University College London a.sasse@cs.ucl.ac.uk www.ucl.cs.ac.uk/staff/A.Sasse

2 December 5, 2002NESC 2 The “Weakest Link” “Security is only as good as it’s weakest link, and people are the weakest link in the chain.” [Bruce Schneier, Secrets and Lies]

3 December 5, 2002 Framework – Interaction Design GOAL/ TASK CONTEXT USERSYSTEM

4 December 5, 2002NESC 4 User Characteristics Limitations of human memory Behaviour is goal-driven Knowledge and understanding of security threats and mechanisms Motivation to expend effort Perception and attitudes toward security

5 December 5, 2002NESC 5 System Factors Security on a per-system basis Applications, networks, OS etc. Proliferation passwords and PINs (banking, phones, websites) “Sticky plaster” approach instead of designed systems Wrong goals - strongest security rather than effectiveness in the real world

6 December 5, 2002NESC 6 No personal motivation to be security-conscious “No, if I have, I usually don’t have anything to hide or anything, but if I have something, I probably put it on my computer at home.”

7 December 5, 2002NESC 7 “Nobody would bother to attack me” “You know, if you think about, who’s actually going to go through all that struggle to hack a departmental computer science account of some academic at xxxx college. It’s not like NASA or anything, nothing of interest. “What would make it more likely?” Answer: “Maybe if I was more famous, or…” [laughs]

8 December 5, 2002NESC 8 “Hackers can’t be deterred anyway” “How foolproof is it?” Answer: “Ahm… I don’t know, really. I think it’s, ah, I haven’t the faintest idea, to be honest. I’ve got a feeling that for most purposes it’s good enough, but I think if somebody’s clever enough and perseveres enough, they will be able to get in. But I can’t see why [laughs]. To be honest.”

9 December 5, 2002NESC 9 Negative view of good security behaviour “What kind of person is a person who is very concerned about security?” Answer: “I think, it’s just that it’s all a personality type. First all, they could be people who generally have private or confidential information on there. Fine - data, I wanna keep it private. I suppose general personality types. People who would want to be more secure. I don’t know. That’s really a question for psychologists. What sort of people keep their desks tidy. What sort of people comb their hair in the morning.”

10 December 5, 2002NESC 10 Cont. “Probably the same sort of people who would not give their passwords away. People who are very sort of… either people who are very paranoid about breaches of security or whatever or people who were told “Never give your password away.” without understanding why that would be and therefore they would never do it because they were told not to do it. People therefore who are obedient. People who follow the crowd.”

11 December 5, 2002NESC 11 No personal accountability “I would say ‘If they can hack into my system, then it can’t be that secure a system to start with. It’s not my job to guarantee the security of the entire xxx computer network.’ “Well, I would just say, you know, this clearly is the work of a hacker, and I think also, people that know me personally would know that I wouldn’t do things like that.”

12 December 5, 2002NESC 12 Designing usable security Usable mechanisms – Physical & mental workload of users as low as possible – Consider frequency of use Strong but simple policies are easier to understand than more permissive, complicated ones Make assets and threats visible Rationale for security mechanisms and user behaviour in protecting assets

13 December 5, 2002NESC 13 Task Factors For most users, most of the time, security is enabling task to one or more production tasks If competing with production tasks, it will be eliminated/circumvented whenever possible Production tasks must drive security design

14 December 5, 2002NESC 14 Designing workable security Security design must be integrated with production tasks Performance determined by Production Tasks Speed, idle times, strength of authentication Availability – viable contingencies – No competing demands for user resources – Match security behaviour to work practices – Workable contingencies

15 Context Factors Physical – Ease of access and use – Environmental conditions Social – Social conventions (trust) Organisational – Lack of security culture – Assets, roles, responsibilies not clear or understood

16 Designing security policies Security policies specific to organisation Risk analysis: identify assets, threats, roles, and responsibilities Build positive security culture – Specify expected user behaviour, and penalties for transgression – Enforce penalties, and be seen to enforce them – Reward good user behaviour Security as ongoing process – Monitor and adapt

17 December 5, 2002NESC 17 Beyond end-users Urgent need to address usability for system administrators and developers Escalating cost Re-think – Simpler architectures – Design for security and usability, instead of sticking it on Support for good security development needed

18 December 5, 2002NESC 18 Supporting developers Integrate security into development process – Perform security analysis as part of requirements analysis – UML-based model of system, threats and security controls Design patterns – Develop tried & tested security design patterns – Develop design patterns for usable security

19 December 5, 2002NESC 19 S. Brostoff & M. A. Sasse (2001): Safe and Sound: a safety-critical design approach to security. Procs 10th ACM/SIGSAC New Security Paradigms Workshop. D. Weirich & M. A. Sasse (2001): Pretty Good Persuasion: A first step towards effective password security for the Real World. Procs10th ACM/SIGSAC New Security Paradigms Workshop. M. A. Sasse, S. Brostoff, & D. Weirich (2001): Transforming the “Weakest Link": a human-computer interaction approach to usable and effective security. BT Technical Journal, 19 (3), pp. 122-131. S. Brostoff & M. A. Sasse (2000): Are Passfaces more usable than passwords? A field trial investigation. Procs HCI 2000 pp. 405-424. Springer. A. Adams & M. A. Sasse (1999): Users Are Not The Enemy: Why users compromise security mechanisms and how to take remedial measures. Communications of the ACM, 42 (12), pp. 40-46.

Download ppt "Making Security Work M. Angela Sasse Dept of Computer Science University College London"

Similar presentations

E - safety How e-safe are you?.

E - safety How e-safe are you?.
Georgia State University 2003 A Ten Step Approach to Developing an Information Security Program Bill Paraska Director of University Computing.

Georgia State University 2003 A Ten Step Approach to Developing an Information Security Program Bill Paraska Director of University Computing.
Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 

Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 
Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
most important characteristic

most important characteristic
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
Audit Issues regarding Passwords on Elevated Privilege Accounts Gene Scheckel Global Internal Audit.

Audit Issues regarding Passwords on Elevated Privilege Accounts Gene Scheckel Global Internal Audit.
People and Security. Contents People and security – what is the problem? Why usable security is important Introduction to usability principles Best Practices.

People and Security. Contents People and security – what is the problem? Why usable security is important Introduction to usability principles Best Practices.
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
Relationship Bank Account Habit 4 Think Win-Win. Your Personal Challenge Task 1: On the mini post-it note, write the biggest challenge you are facing.

Relationship Bank Account Habit 4 Think Win-Win. Your Personal Challenge Task 1: On the mini post-it note, write the biggest challenge you are facing.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.

1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Users Are Not The Enemy A. Adams and M. A. Sasse Presenter: Jonathan McCune Security Reading Group February 6, 2004.

Users Are Not The Enemy A. Adams and M. A. Sasse Presenter: Jonathan McCune Security Reading Group February 6, 2004.
Usable Privacy and Security Carnegie Mellon University Spring 2007 Cranor/Hong 1 User Studies Motivation January.

Usable Privacy and Security Carnegie Mellon University Spring 2007 Cranor/Hong 1 User Studies Motivation January.
Usability and Security – Why we need to look at the big picture M. Angela Sasse Professor of Human-Centred Technology Department of Computer Science University.

Usability and Security – Why we need to look at the big picture M. Angela Sasse Professor of Human-Centred Technology Department of Computer Science University.
05-899/17-500 Usable Privacy and Security Colleen Koranda February 7, 2006 Usable Privacy and Security I.

05-899/ Usable Privacy and Security Colleen Koranda February 7, 2006 Usable Privacy and Security I.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Similar presentations

Ads by Google