Presentation is loading. Please wait.

Presentation is loading. Please wait.

Biometrics and Usability March 21, 2008 Poor Usability: The Inherent Insider Threat Information Access Division Visualization and Usability Group Mary.

Published byKevin Bryan Modified over 8 years ago

Similar presentations

Presentation on theme: "Biometrics and Usability March 21, 2008 Poor Usability: The Inherent Insider Threat Information Access Division Visualization and Usability Group Mary."— Presentation transcript:

1 Biometrics and Usability March 21, 2008 Poor Usability: The Inherent Insider Threat Information Access Division Visualization and Usability Group Mary Theofanos

2 2 Biometrics and Usability 2

3 3 3

4 4 4 The weakest link in the chain? Is it because the User is :  Careless and Ignorant OR  Frustrated and Overwhelmed

5 5 Biometrics and Usability 5 What is usability? ISO 9241-11 defines usability as: “the extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency and satisfaction in a specified context of use” ISO 9241-11 defines usability as: “the extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency and satisfaction in a specified context of use”

6 6 Biometrics and Usability 6 First Tenet: Know thy User  Policy Makers  Security Organization  End-Users

7 7 Biometrics and Usability 7 User goals and mission are not similar End-User  Task oriented – production tasks vs supporting tasks  Performance metric: efficiency, effectiveness of production tasks  The organization’s mission relies on the production tasks Security Organization  Security is the production task  Performance metric: how secure  Mission is Security but how does it relate to overall mission of the larger organization

8 8 Biometrics and Usability 8 User Perception Influences Behavior  Impossible demands  Need --Value  Complexity  Awkward Behavior

9 9 Biometrics and Usability 9 Context of Use Differences in physical location and devices influence usage  Laptop  Desktop  Office, Home, Airport, Battlefield

10 10 Biometrics and Usability 10 Today’s usability is one-sided In favor of the Security Organization  “Command and Control” approach  Policies constructed top-down, enforced through sanctions  Compliance monitored by checklists  One size fits all

11 11 Biometrics and Usability 11 What can we do?  Integrate Security and Usability  Include usability in software development cycle  Apply user-centered design to security design  Establish a partnership with users

12 12 Biometrics and Usability 12 Good Usability Strengthens Security  Easier to implement security policies, processes and procedures  Encourages users to follow good security practices  Reduces users inadvertently undermining security

13 13 Biometrics and Usability 13  The goal is to build systems that are actually secure not theoretically secure:  Security Mechanisms have to be usable in order to be effective

Download ppt "Biometrics and Usability March 21, 2008 Poor Usability: The Inherent Insider Threat Information Access Division Visualization and Usability Group Mary."

Similar presentations

Linking regions and central governments: Indicators for performance-based regional development policy 6 th EUROPEAN CONFERENCE ON EVALUATION OF COHESION.

Linking regions and central governments: Indicators for performance-based regional development policy 6 th EUROPEAN CONFERENCE ON EVALUATION OF COHESION.
Chapter 1 Introducing User Interface Design. UIDE Chapter 1 Why the User Interface Matters Why the User Interface Matters Computers Are Ubiquitous Computers.

Chapter 1 Introducing User Interface Design. UIDE Chapter 1 Why the User Interface Matters Why the User Interface Matters Computers Are Ubiquitous Computers.
At What Cost Pervasive? A social computing view of mobile computing systems By: D.C.Dryer, C. Eisbach, and W.S. Ark IBM Systems Journal, online Presentation.

At What Cost Pervasive? A social computing view of mobile computing systems By: D.C.Dryer, C. Eisbach, and W.S. Ark IBM Systems Journal, online Presentation.
The Federal Bureaucracy Bureaucracy: a large, complex administrative structure that handles the everyday business of government. Deliver mail, collect.

The Federal Bureaucracy Bureaucracy: a large, complex administrative structure that handles the everyday business of government. Deliver mail, collect.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Define usability testing Usability is all about how easy a product, service or system is to use. The extent to which a product can be used by specified.

Define usability testing Usability is all about how easy a product, service or system is to use. The extent to which a product can be used by specified.
10/7/1999Database Management -- R. Larson Database Administration: Additional Issues University of California, Berkeley School of Information Management.

10/7/1999Database Management -- R. Larson Database Administration: Additional Issues University of California, Berkeley School of Information Management.
15 1 Chapter 15 Database Administration Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.

15 1 Chapter 15 Database Administration Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.
Ch 3 Usability page 1CS 368 Usability Models the authors compare three usability models and introduce their own “the extent to which a product can be used.

Ch 3 Usability page 1CS 368 Usability Models the authors compare three usability models and introduce their own “the extent to which a product can be used.
Www.adira.org Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.

Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.
Design, goal of design, design process in SE context, Process of design – Quality guidelines and attributes Evolution of software design process – Procedural,

Design, goal of design, design process in SE context, Process of design – Quality guidelines and attributes Evolution of software design process – Procedural,
Chapter 1 Database Systems. Good decisions require good information derived from raw facts Data is managed most efficiently when stored in a database.

Chapter 1 Database Systems. Good decisions require good information derived from raw facts Data is managed most efficiently when stored in a database.
How get your project management or professional services organization ISO 9001 certified.

How get your project management or professional services organization ISO 9001 certified.
CMGT400 Intro to Information Assurance and Security (University of Phoenix) Lecture, Week 4 Tom Olzak, MBA, CISSP.

CMGT400 Intro to Information Assurance and Security (University of Phoenix) Lecture, Week 4 Tom Olzak, MBA, CISSP.
5-1 © Prentice Hall, 2007 Chapter 5: Determining Object-Oriented Systems Requirements Object-Oriented Systems Analysis and Design Joey F. George, Dinesh.

5-1 © Prentice Hall, 2007 Chapter 5: Determining Object-Oriented Systems Requirements Object-Oriented Systems Analysis and Design Joey F. George, Dinesh.
1 Interface Design Easy to use? Easy to understand? Easy to learn?

1 Interface Design Easy to use? Easy to understand? Easy to learn?
1 ICS 122: Software Specification and Quality Engineering Spring 2002Lecturers: H. Muccini and D. J. Richardson Lecture 13: Summary The three aspects:

1 ICS 122: Software Specification and Quality Engineering Spring 2002Lecturers: H. Muccini and D. J. Richardson Lecture 13: Summary The three aspects:
System Development Process Prof. Sujata Rao. 2Overview Systems development life cycle (SDLC) – Provides overall framework for managing system development.

System Development Process Prof. Sujata Rao. 2Overview Systems development life cycle (SDLC) – Provides overall framework for managing system development.
Biometrics and Usability June 8, 2009 Usability and Key Management Information Access Division Visualization and Usability Group Mary Theofanos.

Biometrics and Usability June 8, 2009 Usability and Key Management Information Access Division Visualization and Usability Group Mary Theofanos.
References  Cranor & Garfinkel, Security and Usability, O’Reilly  Sasse & Flechais, “Usable Security: Why Do We Need It? How Do We Get It?”  McCracken.

References  Cranor & Garfinkel, Security and Usability, O’Reilly  Sasse & Flechais, “Usable Security: Why Do We Need It? How Do We Get It?”  McCracken.

Similar presentations

Ads by Google