Security and Usability

Author: Lorrie Faith Cranor

Publisher: "O'Reilly Media, Inc."

Published: 2005-08-25

Total Pages: 741

ISBN-13: 0596553854

Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them. But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users.

Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless. There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal.

Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computer interaction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research.

Security & Usability groups 34 essays into six parts:

- Realigning Usability and Security--with careful attention to user-centered design principles, security and usability can be synergistic.
- Authentication Mechanisms--techniques for identifying and authenticating computer users.
- Secure Systems--how system software can deliver or destroy a secure user experience.
- Privacy and Anonymity Systems--methods for allowing people to control the release of personal information.
- Commercializing Usability: The Vendor Perspective--specific experiences of security and software vendors (e.g., IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability.
- The Classics--groundbreaking papers that sparked the field of security and usability.

This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.


Information and Communications Security

Author: Tat Wing Chim

Publisher: Springer

Published: 2012-10-15

Total Pages: 519

ISBN-13: 3642341292

This book constitutes the refereed proceedings of the 14th International Conference on Information and Communications Security, ICICS 2012, held in Hong Kong, China, in October 2012. The 23 regular papers and 26 short papers were carefully reviewed and selected from 101 submissions. The papers cover many important areas in information security such as privacy, security in mobile systems, software and network security, cryptanalysis, applied cryptography as well as GPU-enabled computation.


Usable Security

Author: Simson Garfinkel

Publisher: Springer Nature

Published: 2022-06-01

Total Pages: 150

ISBN-13: 3031023439

There has been roughly 15 years of research into approaches for aligning research in Human Computer Interaction with computer Security, more colloquially known as "usable security." Although usability and security were once thought to be inherently antagonistic, today there is wide consensus that systems that are not usable will inevitably suffer security failures when they are deployed into the real world. Only by simultaneously addressing both usability and security concerns will we be able to build systems that are truly secure. This book presents the historical context of the work to date on usable security and privacy, creates a taxonomy for organizing that work, outlines current research objectives, presents lessons learned, and makes suggestions for future research.


International Conference on Applications and Techniques in Cyber Security and Intelligence

Author: Jemal Abawajy

Publisher: Springer

Published: 2017-10-20

Total Pages: 534

ISBN-13: 3319670719

This book presents the outcomes of the 2017 International Conference on Applications and Techniques in Cyber Security and Intelligence, which focused on all aspects of techniques and applications in cyber and electronic security and intelligence research. The conference provides a forum for presenting and discussing innovative ideas, cutting-edge research findings, and novel techniques, methods and applications on all aspects of cyber and electronic security and intelligence.


Security of Information and Networks

Author: Atilla Eli

Publisher: Trafford Publishing

Published: 2008

Total Pages: 388

ISBN-13: 1425141099

This book is a select collection of edited papers from the International Conference on Security of Information and Networks (SIN 2007) on the main theme of Information Assurance, Security, and Public Policy. SIN 2007 was hosted by the Eastern Mediterranean University in Gazimagusa, North Cyprus and co-organized by the Istanbul Technical University, Turkey. While SIN 2007 covered all areas of information and network security, the papers included here focused on the following topics:

- cryptology: design and analysis of cryptographic algorithms, hardware and software implementations of cryptographic algorithms, and steganography;
- network security: authentication, authorization and access control, privacy, intrusion detection, grid security, and mobile and personal area networks;
- IT governance: information security management systems, risk and threat analysis, and information security policies.

They represent an interesting mix of innovative academic research and experience reports from practitioners. This is further complemented by a number of invited papers providing excellent overviews:

- Elisabeth Oswald, University of Bristol, Bristol, UK: Power Analysis Attack: A Very Brief Introduction;
- Marc Joye, Thomson R&D, France: On White-Box Cryptography;
- Bart Preneel, Katholieke Universiteit Leuven, Leuven, Belgium: Research Challenges in Cryptology;
- Mehmet Ufuk Caglayan, Bogazici University, Turkey: Secure Routing in Ad Hoc Networks and Model Checking.

The papers are organized in a logical sequence covering Ciphers; Mobile Agents & Networks; Access Control and Security Assurance; Attacks, Intrusion Detection, and Security Recommendations; and Security Software, Performance, and Experience.


Cognitive Security

Author: Linan Huang

Publisher: Springer Nature

Published: 2023-07-04

Total Pages: 117

ISBN-13: 3031307097

This book presents the latest research in cognitive security, a rapidly emerging field that addresses the vulnerabilities in human behavior and cognition that can lead to Cyber-Physical Systems (CPS) compromise. This book demonstrates that as adversaries increasingly use manipulative and deceptive information to disrupt human cognitive processes, including sensation, attention, memory, and mental operations, humans are misled into fallacious reasoning and manipulated decisions that can lead to system-level meltdown. Cognitive security aims to protect humans from the exploitation of cognitive vulnerabilities, help them make informed decisions that are free from manipulation and undue influence, and mitigate the aggravating risk in the ensuing steps of the attacker’s kill chain. This book offers solutions that work across different fields, such as psychology, neuroscience, data science, social science, and game theory, to deal with cognitive threats. It guides the reader through the core ideas with figures, real-life examples, and case studies. Moreover, it formally defines all research questions, presents the results using mathematical theorems and proofs, and obtains insights through numerical validation. This book provides a self-contained and brief overview of essential system-scientific tools for modeling, analyzing, and mitigating cognitive vulnerabilities. The concepts of human cognitive capacities and cognitive vulnerabilities are formally discussed, followed by two case studies in the scenarios of reactive and proactive attention vulnerabilities. This book provides insights and applications on this transdisciplinary topic, with the goal of motivating future research in this emerging area and pushing the frontier of human-technology convergence. This book is a valuable reference for researchers and advanced-level students studying or working in cognitive security and related fields. It is also useful for decision-makers, managers, and professionals working within these related fields.


Financial Cryptography and Data Security

Author: Sven Dietrich

Publisher: Springer

Published: 2007-12-21

Total Pages: 401

ISBN-13: 3540773665

There are few more important areas of current research than this, and here, Springer has published a double helping of the latest work in the field. That’s because the book contains the thoroughly refereed proceedings of the 11th International Conference on Financial Cryptography and Data Security, and the co-located 1st International Workshop on Usable Security, both held in Trinidad/Tobago in February 2007. Topics covered include payment systems and authentication.


Security and Privacy Protection in Information Processing Systems

Author: Lech J. Janczewski

Publisher: Springer

Published: 2013-07-03

Total Pages: 447

ISBN-13: 3642392180

This book constitutes the refereed proceedings of the 28th IFIP TC 11 International Information Security and Privacy Conference, SEC 2013, held in Auckland, New Zealand, in July 2013. The 31 revised full papers presented were carefully reviewed and selected from 83 submissions. The papers are organized in topical sections on malware, authentication and authorization, network security/cryptography, software security, policy compliance and obligations, privacy protection, risk analysis and security metrics, social engineering, and security management/forensics.


Handbook of Blockchain, Digital Finance, and Inclusion, Volume 2

Author: David Lee Kuo Chuen

Publisher: Academic Press

Published: 2017-08-16

Total Pages: 556

ISBN-13: 0128122994

Handbook of Blockchain, Digital Finance, and Inclusion, Volume 2: ChinaTech, Mobile Security, and Distributed Ledger emphasizes technological developments that introduce the future of finance. Descriptions of recent innovations lay the foundations for explorations of feasible solutions for banks and startups to grow. The combination of studies on blockchain technologies and applications, regional financial inclusion movements, advances in Chinese finance, and security issues delivers a grand perspective on both changing industries and lifestyles. Written for students and practitioners, it helps lead the way to future possibilities.

- Explains the practical consequences of both technologies and economics to readers who want to learn about subjects related to their specialties
- Encompasses alternative finance, financial inclusion, impact investing, decentralized consensus ledger and applied cryptography
- Provides the only advanced methodical summary of these subjects available today