Security and Usability: Designing Secure Systems That People Can Use
Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] P2P (peer-to-peer) P2P (peer-to-peer) systems, usability/privacy issues security guidelines P3P (Platform for Privacy Preferences) informed consent and P3P policies Privacy Bird checking for P3P statements policies, Bugnosis future directions policy reference files user agents design challenges preferences W3C specifications 2nd P3P 1.0 (Platform for Privacy Preferences 1.0) Specification PACT (Psychological Aspects of Communication Technologies) panorama, element of sociotechnical systems 2nd 3rd security development environment, influence of security mechanisms, context of Passfaces login errors, minimizing passfaces, password alternative passive storage passphrases password generation and password selection beliefs about existing advice on 2nd experimental study graphical passwords, bias in human factors problem memorability security and, tradeoff recommendations restrictions on security administrators, recommendations security recommendations special characters/numbers 2nd passwords associative authentication by 2nd challenge questions, differences changing login failures and password reminders and crackability cultural 2nd 3rd entering marching dots display Tresor rolling blackout display fake prompts guessing 2nd hardened, keystroke biometrics hashing ineffectiveness of 2nd key rings/wallets length, significance of mnemonics, based on difficulty of cracking memorability of proactive checking random authentication time centrally assigned meaningfulness of memorability of predictability of remembering 2nd difficulty of, security compromises methods of password reminders versus guessing resetting, user resistance to security recommendations smart cards SQLSnake/Spida worm types of users and demands on 2nd exploiting differences with attackers motivation writing down 2nd patches ineffectiveness of Patrick, Andrew S. PayPal false expectations generated by forged web sites PC operating systems, overwriting data and Peacock, Alen peer-to-peer (P2P) Pentium III processor, security/privacy issues per-files s attribute (Linux 0.4) peripheral awareness systems, browser design personal information as exoinformation 2nd automated tools for user control handling, communicating policies user control user nuanced control of 2nd users downloading PETs (Privacy Enhancing Technologies) PGP program encrypting email, user reluctance secure file deletion version 5.0 cognitive walkthrough, results of evaluating interface design failures key types usability standard for user study PGPTools display phishing attacks 2nd 3rd 4th anatomy of, eBay example as semantic attacks defenses message retrieval SpoofGuard user action PKI and success of, MailFrontier study techniques trust exploitation user interface, fighting at physiological characteristics, biometric authentication 2nd Piazzalunga, Ugo picture effect, graphical passwords and PINs (personal identification numbers) keystroke biometrics memory demands on users, reducing PKI (public key infrastructure) 2nd IBM Lotus Notes/Domino phishing attacks and problems with usable, creating Network-in-a-Box study wireless network deployments 2nd Platform for Privacy Preferences 1.0 (P3P 1.0) Specification plausible deniability Polaris research project pop-up windows blocking, Windows XP Service Pack 2 port 1034, MyDoom virus portable devices biometric devices cell phones, disposable environmental awareness passive storage versus active storage telephones, balancing privacy and security position, authentication mechanism based on POSIX unlink( ) system call, changing semantics of postrelease phase, product development predictability, authentication security prevention user awareness implications privacy as process aspect of secure authentication awareness and, trade-offs biometric authentication monitoring users, concerns about user acceptance of challenge questions systems concept of, evolving concerns about informed consent Thunderwire study user differences designing for case study challenges 2nd features HCI and historical protections, erosion of mechanisms iterative design/develop/test social theories 2nd privacy policy management tool, usability case study privacy-affecting systems risk management/perception sociotechnical systems and software development, advice about ubicomp concerns about management of usability and P2P systems user-analysis with Bugnosis users awareness of protective behaviors control, nuances of 2nd information about, publicizing rights, colliding Privacy Bird bird as personification of user agent cookie manager, integrating with design privacy icons web security, communications about evaluating usability of iterative design/develop/test Privacy Enhancing Technologies (PETs) privacy management, social approach to challenges deploying system design user needs, evaluating privacy policies/preferences user opinion of privacy space framework for, user-centric research Privacy Space Framework 2nd validating private keys process, element of sociotechnical systems 2nd security design product, element of sociotechnical systems 2nd user behavior user-centered design 2nd production tasks, security system design program advisor, ZoneAlarm prototypes Chameleon interface development experience, interface design Faces high- and low-fidelity prototyping privacy policy, designing/evaluating user interface redesigning after usability evaluations testing proxies, web PSC (Problem Severity Classification Matrix) 2nd PSN (Processor Serial Number) technology, security/privacy issues psychological acceptability configuration passwords patches security mechanisms, context of user-centered design user-centered design of secure systems Psychological Aspects of Communication Technologies (PACT) public information sources for security tools public key cryptography IBM Lotus Notes/Domino key predictability smart cards and user understanding public keys push-to-talk phones, exploiting plausible deniability |