A | Security and Usability: Designing Secure Systems That People Can Use

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

A P3P Preference Exchange Language (APPEL)
ability, trustworthiness and
abundance, authentication security
access control, on World Wide Web
accessibility of authentication mechanisms 2nd
     disabled users
         biometric authentication
     environmental considerations
     hardware/software requirements
     online banking example
Ackerman, Mark S.
active storage
ActiveX dialogs, Windows XP
Acumen
     anti-gaming techniques
     architecture
     deploying
     technological evaluation
    users
         awareness/motivation of
         educating
         needs, evaluating
Adage project
Adams, Anne
adaptive systems, interface design
AdAware
add-on software, sanitization techniques
admonition, security by
adware
AEGIS (Appropriate and Effective Guidance for Information Security)
agreement, informed consent model
Ambient Intelligence (AmI)
ambiguous disclosure
AmI (Ambient Intelligence)
Anderson, Ross
anonymity sets
anonymizing networks 2nd
     case studies of
anti-gaming, gaming and
Anti-Phishing Working Group (APWG)
antiphishing tools
AntiVirus (Symantec)
AOL (America Online), message system defense against phishing attacks
APPEL (P3P Preference Exchange Language)
applicability, challenge question systems
applications
     collaborative, embedding security in
     distributed/collaborative, user awareness
     for keystroke biometrics
     malware and
applications, developing
     design
     design/development phases
     postrelease phase
     privacy policy management tool, usability case study
         policy authoring, evaluating
         privacy needs, identifying
         prototypes, designing/evaluating
         users, interviewing
     privacy software developers, advice for 2nd
     Problem Severity Classification Matrix
     requirements phase
     secure software architecture
     security application, usability case study
         interface, testing
         ROI analysis
         work context, field study of
     trusted services
Appropriate and Effective Guidance for Information Security (AEGIS)
APWG (Anti-Phishing Working Group)
ARPANET
Asthagiri, Nimisha
at sign (@) in URLs
ATMs (automatic teller machines)
     biometric authentication
         keystroke biometrics
     two-factor authentication example
attachments, email
     malware
     self-propagating
attacks 2nd
     adware
     analysis of, case study
     auditing as means of minimizing
     brute force 2nd
     cracking
     dictionary 2nd
     email viruses
     environment and
     gaming
     graphical passwords, vulnerability of
     honeypots, attracting with
     information management and
     Internet viruses/worms
     malware
     man-in-the-middle
     network intrusion alerts, case study
     password hardening and
     phishing 2nd 3rd
         anatomy of, eBay example
         as semantic attacks
         defenses
         identification cues
         PKI and
         success of, MailFrontier study
         techniques
         trust exploitation
         user interface, fighting at
     research-based
     rootkits
     shoulder-surfing
         challenge question systems
     sniffing
     Trojan horses
     viruses
         Windows, exploiting design flaws in
     words/numbers in passwords, using permutations of
     worms
authentication 2nd
     accessibility barriers 2nd
         hardware/software requirements
     balanced design
     environmental considerations 2nd
     login attempts, increasing number of
     process, steps in
    time required
         challenge questions
         passwords
     token-based 2nd
     two-factor
     user-centered
         biometrics
authentication keys 2nd 3rd
     confidentiality
     distributing
     forced renewal
     generating, passwords and 2nd 3rd
     knowledge-based
     meaningfulness of
     predictability of
authentication mechanisms
     biometric 2nd 3rd 4th
         accessibility factors
         applications for 2nd
         ATMs
         enrolling users
         evaluating
         fingerprint systems
         flaws in
         key predictability
         keystroke systems
         memorability of
         outlier accommodation
         performance of
         portable devices
         privacy/security issues
         time factor
         user acceptance of
         user accommodation
     designing with challenge questions
     evaluating
     handheld devices
     human factors
     knowledge-based 2nd
     memometric 2nd
     selecting
     token-based, accessibility factors
     two-factor
authentication, challenge questions-based
     answers, types of
     credential recovery
     current practice, examples
     questions, types of
     time required
authorization, authentication process
     secure interaction design
automatic patching, psychological acceptability and
awareness of users
     distributed/collaborative applications
     information disclosure and
     privacy management
     privacy-protective behaviors
     web security, Bugnosis and
awareness tools