Policy and Security Configuration Management Systems in Cross-Organisational Settings

A context of use analysis is an important step in every software engineering project. Comprising the identification of the key system users as well as an analysis of the system environment and the activities supported, this engineering step is crucial for the successful development of information systems. Clarity with respect to the users’ demand for system support and their participation in the activities supported by the system is considered particularly important for systems which are critical for organizational continuity and which are used across organizational boundaries. Systems supporting policy and security configuration management in networks of IT service providers, their customers and auditors meet both of these criteria. Within the scope of this article, the context of use of such a system supporting policy and security configuration management is investigated by means of a user-oriented approach. The focus lies on a specific setting being investigated within the scope of an on-going research project. The investigation which was based on a series of qualitative interviews as well as desk research resulted in a comprehensive description of the participation of a set of key system users in activities related to policy and security configuration management as well as their demand for system support. Also the key users and the activities to be supported are discussed within the scope of this article

A framework for reasoning about the human in the loop

Many secure systems rely on a \u27human in the loop\u27 to perform security-critical functions. However, humans often fail in their security roles. Whenever possible, secure system designers should find ways of keeping humans out of the loop. However, there are some tasks for which feasible or cost effective alternatives to humans are not available. In these cases secure system designers should engineer their systems to support the humans in the loop and maximize their chances of performing their security-critical functions successfully. This paper proposes a framework for reasoning about the human in the loop that provides a systematic approach to identifying potential causes for human failure. This framework can be used by system designers to identify problem areas before a system is built and proactively address deficiencies. System operators can also use this framework to analyze the root cause of security failures that have been attributed to \u27human error.\u27 Examples are provided to illustrate the applicability of this framework to a variety of secure systems design problems, including anti-phishing warnings and password policies

Adding context and value to online security ratings by combining heuristics with community based ratings

The Internet is growing rapidly in terms of websites, users and uses. People use the Internet for reference, shopping, social networking, communications, business and much more. Though the Internet is useful, there are many risks associated with its use, like malicious websites, identity theft, hateful content and fraudulent practices. Online safe surfing tools help Internet users stay safe from potential threats and have become common. These tools give security ratings for websites or automatically block and filter content. Many users rely on these ratings to identify dangers. This thesis examines different types of online safe surfing tools, analyzes their relative strengths and weaknesses, and ways to improve their quality. This thesis consists of two manuscripts. First, we conducted a study of the security ratings given by these tools. Based on these results, we identified two families of tools; 1) heuristic machine based and 2) community based tools. These differ both in analysis methodology and focus. Heuristics tools advise users about the technical foundations of a website but cannot be used to find whether the website engages in dubious practices, whether the content is for adults only, or whether the content is credible or reliable. Community based tools use user ratings, but determining the reliability of these is a problem.   We proposed a method for extracting high quality information from user data that can be added with heuristic techniques. Second, we conducted a controlled lab experiment and studied whether combining user data with machine-based results added value to users. We also analyzed how users behave when presented with conflicting ratings for a website. Our results show that combining heuristics and community-based information increased the confidence level of users while rating websites

Transferring Update Behavior from Smartphones to Smart Consumer Devices

Automatic updates are becoming increasingly common, which minimizes the amount of update decisions that users have to make. Rapidly deployed important updates have a major impact on security. However, automatic updates also reduce the users' opportunities to build useful mental models which makes decision-making harder on other consumer devices without automatic updates. Users generally transfer their understanding from domains that they know well (i.e., smartphones) to others. We investigate how well this transfer process works with respect to updates and if users with automatic updates fare worse than those with manual updates. We conducted a formative field study (N = 5$) to observe users' update settings on smartphones and examine reasons for their (de-)activation. Based on the results, we conducted an online survey (N = 91) to compare how users perceive update notifications for smartphones and smart consumer devices. One of our main findings is that update decisions based on expected changes do not apply well to these devices since participants do not expect meaningful and visual changes. We suggest naming updates for such devices 'maintenance' to move users' expectations from 'new features' to 'ensuring future functionality'

Complex, but in a good way? How to represent encryption to non-experts through text and visuals – Evidence from expert co-creation and a vignette experiment

An ongoing discussion in the field of usable privacy and security debates whether security mechanisms should be visible to end-users during interactions with technology, or hidden away. This paper addresses this question using a mixed-methods approach, focusing on encryption as a mechanism for confidentiality during data transmission on a smartphone application. In study 1, we conducted a qualitative co-creation study with security and Human-Computer Interaction (HCI) experts (N = 9) to create appropriate textual and visual representations of the security mechanism encryption in data transmission. We investigated this question in two contexts: online banking and e-voting. In study 2, we put these ideas to the test by presenting these visual and textual representations to non-expert users in an online vignette experiment (N = 2180). We found a statistically significant and positive effect of the textual representation of encryption on perceived security and understanding, but not on user experience (UX). More complex text describing encryption resulted in higher perceived security and more accurate understanding. The visual representation of encryption had no statistically significant effect on perceived security, UX or understanding. Our study contributes to the larger discussion regarding visible instances of security and their impact on user perceptions

Attribute-Based, Usefully Secure Email

A secure system that cannot be used by real users to secure real-world processes is not really secure at all. While many believe that usability and security are diametrically opposed, a growing body of research from the field of Human-Computer Interaction and Security (HCISEC) refutes this assumption. All researchers in this field agree that focusing on aligning usability and security goals can enable the design of systems that will be more secure under actual usage. We bring to bear tools from the social sciences (economics, sociology, psychology, etc.) not only to help us better understand why deployed systems fail, but also to enable us to accurately characterize the problems that we must solve in order to build systems that will be secure in the real world. Trust, a critically important facet of any socio-technical secure system, is ripe for analysis using the tools provided for us by the social sciences. There are a variety of scopes in which issues of trust in secure systems can be stud- ied. We have chosen to focus on how humans decide to trust new correspondents. Current secure email systems such as S/MIME and PGP/MIME are not expressive enough to capture the real ways that trust flows in these sorts of scenarios. To solve this problem, we begin by applying concepts from social science research to a variety of such cases from interesting application domains; primarily, crisis management in the North American power grid. We have examined transcripts of telephone calls made between grid manage- ment personnel during the August 2003 North American blackout and extracted several different classes of trust flows from these real-world scenarios. Combining this knowl- edge with some design patterns from HCISEC, we develop criteria for a system that will enable humans apply these same methods of trust-building in the digital world. We then present Attribute-Based, Usefully Secure Email (ABUSE) and not only show that it meets our criteria, but also provide empirical evidence that real users are helped by the system

Mainepohjainen luottamuksenhallinta wikiympäristössä

Trust makes our life easier, as we can focus our resources to productive actions instead of verifying the actions of others. Many services in our society would not be possible without trust. We trust products and services that have a good reputation and we recommend good services that we discover to others. Our aim is to find the best selection, taking into account the risk and the benefit. On the Internet the huge number of possible partners and options means a lot of options to choose from. However, online reputation management systems can automatically track our preferences and communicate the necessary recommendations, and applying reputation for trust decisions may be even easier than it is offline. This thesis seeks to answer what problems in a wiki can be solved with reputation based approaches, and how those mechanisms can and should be implemented. Wikis utilize collaborative writing, and this collaborative approach can create difficulties in generating actor reputation from content. Conducted literature review did not reveal a satisfying solution. Therefore, a reputation management application based on content reviews was made to explore the possible solutions. Field test for the application was done in a wiki related to teaching material. This test gave insights about user reactions to the application and user expectations for peer-review tools. Reputation related insights did not emerge because the test scenario was relatively short and restricted. However, what emerged was a need to evaluate the comments given as a part of peer-review. The main result of this thesis is the implemented reputation management application. In addition, the findings show that wiki user reputation and trust decisions can be easily applied to auxiliary functions, such as content reviews and comments. However, larger trust decisions and the evaluation of more complex content needs more work. /Kir11Luottamus helpottaa päivittäistä elämäämme, koska voimme keskittyä muiden henkilöiden vahtimisen sijasta tuottavaan toimintaan. Monet yhteiskuntamme palveluista, esimerkiksi valintamyymälät, eivät edes toimisi ilman luottamusta. Luotamme hyvämaineisiin, meille tuttuihin tuotteisiin ja palveluihin, sekä suosittelemme hyväksi havaitsemiamme hyödykkeitä edelleen muille. Tavoitteenamme on useimmiten löytää runsaasta palveluiden tarjonnasta meille sopivin vaihtoehto mahdolliset riskit ja hyödyt huomioiden. Jos haluamme käyttää samaa toimintamallia Internetissä, tarjottujen palveluiden ja mahdollisten kumppanien määrä voi tehdä vaihtoehtojen punnitsemisen todella raskaaksi. Maineen- ja luottamuksenhallintajärjestelmillä mieltymystemme seuranta ja suosittelujen välittäminen muillekin voidaan tehdä automaattiseksi, jolloin näiden mekanismien soveltaminen onnistuu myös verkossa. Tässä diplomityössä tutkittiin, millaisia ratkaisuja maineenhallintajärjestelmä voi tuoda luottamussuhteiden määrittämiseen käyttäjien välille, sekä sisällön luokitteluun ja suodatukseen opetussisältöä tuottavassa wikiympäristössä. Wikien perusajatuksena on, että sivuston käyttäjät itse luovat sivuston sisällön yhteistyössä. Tämä yhteistoiminnallisuus sisällön tuottamisessa asetti sellaisia haasteita käyttäjien toimien yksilöintiin, joita ei alussa suoritetun kirjallisuuskatsauksen perusteella pystytty täysin ratkaisemaan. Ratkaisuja etsittiin myös käytössä olevista toteutuksista. Näiden ideoiden pohjalta rakennettiin sisällön arviointiin perustuva maineenhallintasovellus. Maineenhallintasovellusta testattiin kohdejärjestelmässä. Testissä selvitettiin käyttäjien suhtautumista nykyiseen toteutuksen käytettävyyteen ja käyttäjien vertaisarviointiin liittyviä odotuksia ja tarpeita. Pääpaino oli testin lyhyydestä johtuen vertaisarvioinnin toteuttamisessa. Maineeseen liittyviä ominaisuuksia pystyttiinkin testaamaan vain vähän. Suurimmat vertaisarviointiin liittyvät tarpeet olivat tekstimuotoisessa kommentoinnissa ja sen arvostelussa. Tämän havainnon perusteella sovellukseen lisättiin mahdollisuus arvioitavaan ja maineen perusteella suodatettavaan kommentointiin. Työn näkyvin tulos on avoimena lähdekoodina julkaistu maineenhallintasovellus. Lisäksi työssä havaittiin, että maineen perusteella tehtäviä luottamuspäätöksiä on luontevinta soveltaa wikiympäristöissä sisällön luotettavuusarviointien sijasta oheistoimintojen, kuten tekstimuotoisen palautteen suodatukseen. Suurempia luottamuspäätöksiä tekevän järjestelmän luotettava toteutus vaatisi kuitenkin lisätutkimusta

A framework to evaluate user experience of end user application security features

The use of technology in society moved from satisfying the technical needs of users to giving a lasting user experience while interacting with the technology. The continuous technological advancements have led to a diversity of emerging security concerns. It is necessary to balance security issues with user interaction. As such, designers have adapted to this reality by practising user centred design during product development to cater for the experiential needs of user - product interaction. These User Centred Design best practices and standards ensure that security features are incorporated within End User Programs (EUP). The primary function of EUP is not security, and interaction with security features while performing a program related task does present the end user with an extra burden. Evaluation mechanisms exist to enumerate the performance of the EUP and the user’s experience of the product interaction. Security evaluation standards focus on the program code security as well as on security functionalities of programs designed for security. However, little attention has been paid to evaluating user experience of functionalities offered by embedded security features. A qualitative case study research using problem based and design science research approaches was used to address the lack of criteria to evaluate user experience with embedded security features. User study findings reflect poor user experience with EUP security features, mainly as a result of low awareness of their existence, their location and sometimes even of their importance. From the literature review of the information security and user experience domains and the user study survey findings, four components of the framework were identified, namely: end user characteristics, information security, user experience and end user program security features characteristics. This thesis focuses on developing a framework that can be used to evaluate the user experience of interacting with end user program security features. The framework was designed following the design science research method and was reviewed by peers and experts for its suitability to address the problem. Subject experts in the fields of information security and human computer interaction were engaged, as the research is multidisciplinary. This thesis contributes to the body of knowledge on information security and on user experience elements of human computer interaction security regarding how to evaluate user experience of embedded InfoSec features. The research adds uniquely to the literature in the area of Human Computer Interaction Security evaluation and measurement in general, and is specific to end user program security features. The proposed metrics for evaluating UX of interacting with EUP security features were used to propose intervention to influence UX in an academic setup. The framework, besides presenting UX evaluation strategies for EUP security features, also presents a platform for further academic research on human factors of information security. The impact can be evaluated by assessing security behaviour, and successful security breaches, as well as user experience of interaction with end user programs

ENHANCING USABILITY USING AUTOMATED SECURITY INTERFACE ADAPTATION (ASIA)

2 PUBLISHED CONFERENCE PROCEEDINGS PROVIDED IN APPENDIX E.Many users are now significantly dependent upon computer application. Whilst many aspects are now used very successfully, an area in which usability difficulties continue to be encountered is in relation to security. Thus can become particularly acute in situations where users are required to interact and make decisions, and a key context here is typically when they need to respond to security warnings. The current implementation of security warnings can often be considered as an attempt to offer a one size fits all solution. However, it can be argued that many implementations are still lacking the ability to provide meaningful and effective warnings. As such, this research focuses upon achieving a better understanding of the elements that aid end-users in comprehending the warnings, the difficulties with the current approaches, and the resulting requirements in order to improve the design and implementation of such security dialogues. In the early stage of research, a survey was undertaken to investigate perceptions of security dialogues in practice, with a specific focus upon security warnings issued within web browsers. This provided empirical evidence of end-users’ experiences, and revealed notable difficulties in terms of their understanding and interpretation of the security interactions. Building upon this, the follow-up research investigated understanding of application level security warnings in wider contexts, looking firstly at users’ interpretation of what constitutes a security warning and then at their level of comprehension when related warnings occurred. These results confirmed the need to improve the dialogues so that the end-users are able to act appropriately, and consequently promoted the design and prototype implementation of a novel architecture to improve security warnings, which has been titled Automated Security Interface Adaptation (ASIA). The ASIA approach aims to improve security warnings by tailoring the interaction more closely to individual user needs. By automatically adapting the presentation to match each user’s understanding and preferences, security warnings can be modified in ways that enable users to better comprehend them, and thus make more informed security decisions and choices. A comparison of the ASIA-adapted interfaces compared to standard versions of warnings revealed that the modified versions were better understood. As such, the ASIA approach has significant potential to assist (and thereby protect) the end-user community in their future interactions with security.UNIVERSITY SAINS MALAYSIA (USM), MINISTRY OF HIGHER EDUCATION MALAYSIA(MOHE