Security and Usability: Designing Secure Systems that People Can Use

石头

作者：Lorrie Cranor, Simson Garfinkel
出版日期：August 25, 2005
出版社：O'Reilly
页数：739
ISBN：ISBN-10: 0596008279  ISBN-13: 978-0596008277
文件格式：CHM

Review
“It’s good. Buy it for your team library.” – Lindsay Marshall, news@UK, June 2006
Product Description
Human factors and usability issues have traditionally played a limitedrole in security research and secure systems development. Securityexperts have largely ignored usability issues–both because they oftenfailed to recognize the importance of human factors and because theylacked the expertise to address them.
But there is a growing recognition that today’s security problemscan be solved only by addressing issues of usability and human factors.Increasingly, well-publicized security breaches are attributed to humanerrors that might have been prevented through more usable software.Indeed, the world’s future cyber-security depends upon the deploymentof security technology that can be broadly used by untrained computerusers.
Still, many people believe there is an inherent tradeoff betweencomputer security and usability. It’s true that a computer withoutpasswords is usable, but not very secure. A computer that makes youauthenticate every five minutes with a password and a fresh drop ofblood might be very secure, but nobody would use it. Clearly, peopleneed computers, and if they can’t use one that’s secure, they’ll useone that isn’t. Unfortunately, unsecured systems aren’t usable forlong, either. They get hacked, compromised, and otherwise rendereduseless.
There is increasing agreement that we need to design secure systemsthat people can actually use, but less agreement about how to reachthis goal. Security & Usability is the first book-lengthwork describing the current state of the art in this emerging field.Edited by security experts Dr. Lorrie Faith Cranor and Dr. SimsonGarfinkel, and authored by cutting-edge security and human-computerinteraction (HCI) researchers world-wide, this volume is expected tobecome both a classic reference and an inspiration for future research.
Security & Usability groups 34 essays into six parts:

• Realigning Usability and Security—with careful attention touser-centered design principles, security and usability can besynergistic.
• Authentication Mechanisms– techniques for identifying and authenticating computer users.
• Secure Systems–how system software can deliver or destroy a secure user experience.
• Privacy and Anonymity Systems–methods for allowing people to control the release of personal information.
• Commercializing Usability: The Vendor Perspective–specificexperiences of security and software vendors (e.g., IBM, Microsoft,Lotus, Firefox, and Zone Labs) in addressing usability.
• The Classics–groundbreaking papers that sparked the field of security and usability.

This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.

terry_around

好东西，下载学习一下：）谢谢楼主：）