A brief introduction to usable Security

IEEE Internet Computing

Volumn 12, Issue 3, 2008, Pages 13-20

  Payne, Bryan D ^a   Edwards, W Keith ^a  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

Computer security; Cryptography; Electronic mail; Email encryption; Face; Guidelines; Security; Usability; Useable computer security; User authentication; User interface

Indexed keywords

USER AUTHENTICATION;

CRYPTOGRAPHY; ELECTRONIC MAIL; SYSTEMS ANALYSIS; USABILITY ENGINEERING; USER INTERFACES;

SECURITY OF DATA;

EID: 44449091000     PISSN: 10897801     EISSN: None     Source Type: Journal    
DOI: 10.1109/MIC.2008.50     Document Type: Article

References (25)

1. R. Morris and K. Thompson, "Password Security: A Case History," Comm. ACM, vol. 22, no. 11, 1979, pp. 594-597.
2. S. Wiedenback et al., "Authentication using Graphical Passwords: Effects of Tolerance and image Choice," Proc. Symp. Usable Privacy and Security, ACM Press, 2005, pp. 1-12.
3. S.N.A. Porter, "A Password Extension for improved Human Factors," Computers & Security, vol. 1, no. 1, 1982, pp. 54-56.
4. J.A. Haskett, "Pass-Algorithms: A User Validation Scheme Based on Knowledge of Secret Algorithms," Comm. ACM, vol. 27, no. 8, 1984, pp. 777-781.
5. B.F. Barton and M.S. Barton, "User-Friendly Password Methods for Computer-Mediated Information Systems," Computers a Security, vol. 3, no. 3, 1984, pp. 186-195.
6. M. Zviran and W.J. Haga, "Cognitive Passwords: The Key to Easy Access Control," Computers & Security, vol. 9, no. 8, 1990, pp. 723-736.
7. S. Brostoff and A.M. Sasse, "Are Passfaces More Usable than Passwords? A Field Trial investigation," Proc. Human-Computer Interactions (CHI 00), ACM Press, 2000, pp. 405-424.
8. I. Jermyn et al., "The Design and Analysis of Graphical Passwords," Proc. 9th, Usenix Security Symp., Usenix Assoc., 2000, pp. 1-14.
9. R. Dhamija and A. Perrig, "Deja Vu: A User Study Using Images for Authentication," Proc. 9th Usenix Security Symp.," Usenix Assoc., 2000, pp. 45-58.
10. D. Davis, F. Monrose, and M.K. Reiter, "On User Choice in Graphical Password Schemes," Proc. 13th Usenix Security Symp., Usenix Assoc., 2004, pp. 151-164.
11. J. Thorpe and P.C.V. Oorschot, "Graphical Dictionaries and the Memorable Space of Graphical Passwords," Proc. 13th Usenix Security Symp., Usenix Assoc., 2004, pp. 135-150.
12. S.T. Kent, "Internet Privacy Enhanced Mail," Comm. ACM, vol. 36, no. 8, 1993, pp. 48-60.
13. L. Lundblade, "A Review of E-Mail Security Standards," Proc. 7th Ann. Conf. Internet Soc. (INET 97). 1997; www.isoc.org/inet97/proceedings/A4/A4_1.HTM.
14. S. Garfinkel, "Signed, Sealed and Delivered," CSO Online, April 2004, www.csoonline.com/read/040104/shop.html.
15. B. Schneier, Applied Cryptography, 2nd ed., Wiley, 1996.
16. S.L. Garfinkel, Design Principles and Patterns for Computer Systems that Are Simultaneously Secure and Usable, PhD thesis, Mass. Inst. of Technology, 2005.
17. A. Whitten and J.D. Tygar, "Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0," Proc. 8th, Usenix Security Sym., Usenix Assoc., 1999, pp. 169-184.
18. S.L. Garfinkel and R.C. Miller, "Johnny 2: A User Test of Key Continuity Management with S/MIME and Outlook Express," Proc. Symp. Usable Privacy and Security, ACM Press, 2005, pp. 13-24.
19. K.-P. Yee, "User Interaction Design for Secure Systems," Proc. 4th Int'l Conf. Information and Communications Security, Springer-Verlag, 2002, pp. 278-290.
20. K.-P. Yee, "Secure Interaction Design," 2007, http://zesty.ca/sid.
21. R.W. Reeder and R.A. Maxion, "User Interface Dependability through Goal-Error Prevention," Proc. Int'l Conf. Dependable Systems & Networks, IEEE CS Press. 200r, pp. 60-69.
22. N. Borizov, I. Goldberg, and D. Wagner, "Intercepting Mobile Communications: The Insecurity of 802.1l," Proc. Int'l Conf. Mobile Computinq and Networking (Mobicom 01), ACM Press, 2001, pp. 180-189.
23. S. Fluhrer, I. Mantin, and A. Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4," Proc. 8th Ann. Workshop Selected Areas in Cryptography, Springer, 2001, pp. 1-24.
24. D. Balfanz et al., "Network-in-a-Box: How to Set Up a Secure Wireless Network in Under a Minute," Usenix Security Symp., Usenix Assoc., 2004, pp. 207-222.
25. N.S. Good and A. Krekelberg, "Usability and Privacy: A Study of Kazaa P2P File-Sharing," Proc. Human-Computer Interactions (CHI 03), vol. 5, ACM Press, 2003, pp. 137-144.