Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman


Administrative stuff
TEVAL offered – please fill it out :)
No class or office hours next week
Quiz on Thursday
Final project due Tuesday, May 13th, by 2:00 PM ( )
Today:
  – Survey
  – Exam II returned

Papers
“In search of usable security”…
  – Practical, sysadmin-ish
“Shake well before use”…
  – Research – ease of application of known primitive (key agreement)
“Seeing-is-believing”
  – Research – ease of application of known primitive (public keys)

User is not a 4-letter word!
Software is used by people!
  – Psychology (we all have it)
HCI (human-computer interaction)
Human factors
Usability
“Return” vs. “enter” story

I’m sure this is someone’s law…
If a security system is too difficult to use, users will find a way to get around it
  – Corollary: Getting the job done is more important than security
Has more immediate potentially bad outcomes

A bit of historical background
1999: Why Johnny can’t encrypt
2003: Humans in the loop: Human-computer interaction and security
2006: Why Johnny still can't encrypt: Evaluating the usability of encryption software
2011: Why (special agent) Johnny (still) can't encrypt: A security analysis of the APCO project 25 two-way radio system

It’s more complex than you think!
Non-expert users
  – Novice users – never used a computer?
Security “signals”
  – Desensitization
Types of mistakes

Real-world examples … you’d be amazed!
Enterprise PKI/SSO
K-State system
  – Password change
Identity: who are you??
Demo (I hope this works!)
  – TrueCrypt

References
Papers in notes fields (other slides)
Assigned papers
Norman’s “Design of Everyday Things”
Actually, read all of Norman’s books :)

Back to the papers
  – “In search of usable security”…
  – “Shake well before use”…
  – “Seeing-is-believing”
Problems? Vulnerabilities? Questions?

TrueCrypt – Lessons learned
PROBLEM: Security software usability stinks
SOLUTION: Improve it
  – Measurably!
CONTRIBUTION: A vastly and provably improved TrueCrypt interface
  – Functionality-preserving

Old Wizard – Step 1

Old Wizard – Step 2

Old Wizard – Step 3

Old Wizard – Step 4

Old Wizard – Step 5

Old Wizard – Step 6

Browser warnings

Questions?
Reading discussion