
DISTRIBUTED HANDLER ARCHITECTURE

This preview shows page 1-2-16-17-18-33-34 out of 34 pages.


A Case Study in Using Design Principles for Secure Operating System Interfaces

Yiming Sun¹, Adity Mutsuddi¹, Baizil K. Jacob², Kay H. Connelly¹, and Minaxi Gupta¹

¹Computer Science Department, Indiana University, 150 S. Woodlawn Avenue, Bloomington, IN 47401
{yimsun, amutsudd, connelly, minaxi}@cs.indiana.edu

²School of Informatics, Indiana University, 901 E. 10th Street, Bloomington, IN 47408
[email protected]

ABSTRACT

We present a three-phase case study in the use of design principles for designing usable and secure operating system (OS) interfaces. For the first phase, we performed a cognitive walkthrough of existing interfaces of a popular OS for creating accounts, logging into the computer, and configuring the set of services which run on the computer. After identifying potential problems, in phase 2, we designed interfaces that were meant to mitigate these problems. In the final phase, we performed a user study that examined the use of both interfaces. Participants using our interfaces had more secure behavior than those who used Windows XP interfaces.

Categories and Subject Descriptors
H.5.2 [User Interfaces]: User-centered design, D.4.6 Security and Protection [Operating Systems].

General Terms
Design, Security, Human Factors.

Keywords
Security, interfaces, case study, usability, design principles, configuration, computer accounts, login.

1. INTRODUCTION

Any device connected to the Internet today is vulnerable because countless viruses, worms, and other types of malicious software (aka malware) are on a constant lookout for attack targets. Home machines make particularly attractive targets because most are managed by end users who do not possess adequate knowledge for securing them.
According to generally accepted guidelines for securing machines on the Internet, the end users should: 1) practice the principle of least privilege (the principle of least privilege advocates for users and processes to use the minimal privileges necessary to perform tasks), 2) run only the services they require, 3) choose strong passwords, 4) keep their anti-virus and anti-spyware checker software up-to-date, 5) apply patches released by companies to fix security bugs in existing software, and 6) use firewalls to block unwanted connections. Of these guidelines, the first two relate to operating system (OS) interfaces users encounter while using their machines on a daily basis, the third relates to passwords, and the last three are security-related applications or tasks.

In this paper, we focus on the OS interfaces that users encounter on a daily basis without realizing that they have important security implications. Broadly speaking, two approaches can be taken to encourage users to behave securely in their daily interactions with their machines. The first is to educate them about secure behavior. Since it is not clear how this goal can be achieved effectively, we take the second approach, which is to ensure that the interfaces themselves encourage secure behavior.

There is limited work demonstrating techniques to help designers with security-related interfaces. In this paper, we present a three-phase case study in the use of design principles for designing usable and secure OS interfaces. For the first phase, we performed a cognitive walkthrough of existing interfaces of a popular OS for creating accounts, logging into the computer, and configuring the set of services which run on the computer. After identifying potential problems, we designed interfaces that were meant to mitigate these problems during phase two. In the final phase, we performed a user study that examined the use of both.
Overall, we found that participants using our interfaces had more secure behavior. The errors that remained suggest that interfaces need to be more aggressive in automating secure decisions, perhaps removing less secure options from view. In addition, our study showed that participants with more computer and security knowledge did not perform better than those with less, suggesting that user education would not solve security problems. Finally, we had contradictory results in the use of warnings with participants ignoring some warnings that encouraged more secure behavior and heeding others that prevented them from correctly configuring their machine.

2. RELATED WORK

In this section, we first review the existing research that has investigated the usability of security interfaces where security is not the primary task. We then describe the efforts in usable security design guidelines, followed by a discussion of the methods for performing user studies in this domain.

2.1 Secure Interfaces

There are many studies on the usability of security interfaces [3, 4, 6, 7, 9, 10, 13, 14, 22, 23, 24, 25] but not as many on applications where security is not the primary task yet where there are serious security implications. Ensuring such applications have secure interfaces has been investigated in the areas of wireless networks [2], peer-to-peer file sharing [11] and encrypted email [8]. These studies have identified many usability issues with existing interfaces and have provided improvements to make them more usable and secure. Warnings that explicitly describe the consequences of a risky decision have been found to be useful [11, 12]. In addition to text, visual cues and icons are valuable for alerting users about security and privacy issues [8]. Good and Krekelberg observed that interfaces most often assume that users are knowledgeable, which is not the case [11].
Users think about security in terms of their application goals and not in terms of security specific detail [1, 21]. Therefore, the technology must implement implicit security, a method in which security is automatically enabled when required by a particular application. Interfaces that hinder users from accomplishing their task will result in them having either everything turned on or off [5]. While designing our interfaces, we assume little user knowledge and take this application approach. We also use warning and visual cues to alert the user about the results of their choices.

2.2 Design Guidelines

There exist many design guidelines for security or usability, but relatively few for usable security. In 1975, Saltzer and Schroeder presented the first security design principles [18]. These 8 principles specifically target

