Usable Security: Oxymoron or Challenge? by Diana K. Smetters
Pages 21-28



From page 21...
... security technologies and secure systems from the ground up with usability in mind will there be systems sufficiently usable and secure to meet the demands of modern computing environments. In this paper I will briefly review recent work both on improving the usability of security technologies and in designing systems to be simultaneously usable and secure, with an eye toward the challenges still faced in marrying these two seemingly opposing goals.
From page 22...
... Even simple changes in typical password policies can demonstrably increase usability without decreasing security, for example, not requiring periodic password changes, or increasing the number of password input errors allowed before administrator intervention is required (e.g., from 3 to 10) (Brostoff and Sasse, 2003).
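The lockout argument above can be made concrete. The following is an added example, not code from Smetters' paper or from Brostoff and Sasse: a per-account failure counter that locks after a configurable threshold and only clears on an explicit administrator unlock, together with a Tradeoff function that puts numbers on both sides of the threshold choice. The 20% per-attempt typo rate and the 2^30 password space in main are constructed figures, and the independence of successive attempts is an assumption of the model (a user who has forgotten the password fails every time regardless of threshold).

```go
package main

import (
	"fmt"
	"math"
)

// LockoutThrottle counts consecutive failed logins per account and locks the
// account once the count reaches Threshold. Only an explicit Unlock (the
// administrator intervention the text refers to) clears a locked account.
type LockoutThrottle struct {
	Threshold int
	failures  map[string]int
	locked    map[string]bool
}

func NewLockoutThrottle(threshold int) *LockoutThrottle {
	return &LockoutThrottle{Threshold: threshold, failures: map[string]int{}, locked: map[string]bool{}}
}

// Attempt records one login attempt for user; ok reports whether the password
// matched. It returns whether the login is accepted and whether the account is
// now locked. A successful login resets the failure counter.
func (t *LockoutThrottle) Attempt(user string, ok bool) (accepted, locked bool) {
	if t.locked[user] {
		return false, true // a locked account rejects even the correct password
	}
	if ok {
		t.failures[user] = 0
		return true, false
	}
	t.failures[user]++
	if t.failures[user] >= t.Threshold {
		t.locked[user] = true
		return false, true
	}
	return false, false
}

// Unlock is the administrator action that clears a lockout.
func (t *LockoutThrottle) Unlock(user string) {
	t.locked[user] = false
	t.failures[user] = 0
}

// Tradeoff quantifies both sides of the policy for a given threshold.
// pLockout: probability that a legitimate user who mistypes with probability
// errRate on each attempt fails threshold times in a row (assumption: attempts
// are independent).
// pGuess: probability that an online attacker who gets threshold guesses, drawn
// from a space of spaceSize equally likely passwords, hits the right one.
func Tradeoff(threshold int, errRate, spaceSize float64) (pLockout, pGuess float64) {
	return math.Pow(errRate, float64(threshold)), float64(threshold) / spaceSize
}

func main() {
	// Constructed figures: a 20% typo rate and a space of 2^30 passwords.
	for _, n := range []int{3, 10} {
		pl, pg := Tradeoff(n, 0.2, math.Pow(2, 30))
		fmt.Printf("threshold %2d: P(user locked out)=%.1e  P(attacker guesses)=%.1e\n", n, pl, pg)
	}
	th := NewLockoutThrottle(10)
	for i := 0; i < 9; i++ {
		th.Attempt("alice", false) // nine typos in a row: still not locked
	}
	acc, locked := th.Attempt("alice", true)
	fmt.Println("tenth attempt correct, accepted:", acc, "locked:", locked)
}
```

Raising the threshold from 3 to 10 multiplies the attacker's per-account online success probability by 10/3, which is immaterial against any password space of realistic size, while the legitimate user's lockout probability drops by several orders of magnitude; what actually bounds online guessing is the size of the space and rate limiting, not the difference between three and ten tries.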
From page 23...
... , act to significantly strengthen passwords as a security measure by asking users to remember a single master password, from which they generate unique passwords for every site a user logs into. By enabling users to have distinct passwords for each site they access, these tools can not only minimize the damage caused by a single stolen password (which is usually significant, as passwords are frequently reused in practice)
From page 24...
... At the limit, enterprise WLAN users can be individually authenticated using digital certificates and provided with separate keys for encrypting data; this provides strong authentication and network access control, the ability to revoke an individual user's access easily, and protection of network users from one another. However, availing oneself of such high security requires deploying a Public Key Infrastructure (PKI)
From page 25...
... The AP can then use that connection to download to the device a digital certificate sufficient to allow it to authenticate as a user of the WLAN using standard protocols, and a small amount of software is sufficient to automatically configure the device to use that certificate in this way in the future. So from the point of view of the user, a small demonstrative act, which in experimental tests is perceived as simpler than the amount of manual configuration required to get a device onto a network providing lower levels of security, is all that is required to set his device up on a highly secure WLAN.
From page 26...
... Therefore, securing your WLAN becomes equivalent to locking your front door, or if that isn't enough, locking the AP in a closet. And at the same time, the resulting network provides best available enterprise-class WLAN security, with per-user encryption keys and the ability to revoke access by any device at any time without requiring reconfiguration of any other device.
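The enrollment and revocation story told across the three preceding excerpts (pages 24 to 26) can be exercised end to end with the Go standard library. What follows is an added example, not code from the paper or from the system it describes: the access point runs a small private CA; the device's "demonstrative act" is modelled as delivering a SHA-256 fingerprint of its public key over the location-limited channel; the AP issues a client certificate only for a key that matches that fingerprint; Admit performs the check an EAP-TLS server would, and Revoke cuts off one device without touching any other. The in-memory revoked set standing in for a CRL, the one-year validity period, and the names used are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NetworkCA is the WLAN's own certificate authority, held by the access point.
// Assumption: revocation is an in-memory set of serial numbers standing in for a CRL.
type NetworkCA struct {
	key        *ecdsa.PrivateKey
	Cert       *x509.Certificate
	revoked    map[string]bool
	nextSerial int64
}

func NewNetworkCA() (*NetworkCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "example WLAN CA"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, _ := x509.ParseCertificate(der) // DER we just produced is well-formed
	return &NetworkCA{key: key, Cert: cert, revoked: map[string]bool{}, nextSerial: 2}, nil
}

// Fingerprint is the short value the device conveys over the location-limited
// channel (the demonstrative act): a SHA-256 hash of its public key.
func Fingerprint(pub *ecdsa.PublicKey) string {
	der, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for a P-256 key
	return fmt.Sprintf("%x", sha256.Sum256(der))
}

// Enroll runs on the AP once the device presents its public key over the wireless
// channel. The key is accepted only if it hashes to the fingerprint that arrived over
// the location-limited channel, so a party in radio range but not in the room cannot
// substitute a key of their own.
func (ca *NetworkCA) Enroll(user string, pub *ecdsa.PublicKey, llcFingerprint string) (*x509.Certificate, error) {
	if Fingerprint(pub) != llcFingerprint {
		return nil, fmt.Errorf("public key does not match fingerprint from location-limited channel")
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(ca.nextSerial),
		Subject:      pkix.Name{CommonName: user},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	ca.nextSerial++
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, pub, ca.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Revoke cuts off one device; no other device's credential changes.
func (ca *NetworkCA) Revoke(cert *x509.Certificate) { ca.revoked[cert.SerialNumber.String()] = true }

// Admit is the check the AP performs when a device authenticates (as EAP-TLS would):
// not revoked, chains to the network CA, and permitted for client authentication.
func (ca *NetworkCA) Admit(cert *x509.Certificate) error {
	if ca.revoked[cert.SerialNumber.String()] {
		return fmt.Errorf("certificate %s is revoked", cert.SerialNumber)
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca.Cert)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}})
	return err
}

func main() {
	ca, _ := NewNetworkCA()
	devKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	cert, err := ca.Enroll("alice-laptop", &devKey.PublicKey, Fingerprint(&devKey.PublicKey))
	fmt.Println("enroll error:", err, "admit:", ca.Admit(cert))
	ca.Revoke(cert)
	fmt.Println("admit after revocation:", ca.Admit(cert))
}
```

The fingerprint comparison is the whole point of the location-limited channel: the channel need not be confidential, only hard to reach without physical presence, because the secret material (the private key) never crosses it and the public key sent over the air is checked against what was seen in the room. Contrast this with a pre-shared key, where revoking one device means distributing a new key to every other device.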

