S | Security and Usability: Designing Secure Systems That People Can Use

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Salvaneschi, Paolo
sanitization
     cryptographic approach to
     standards, U.S. Department of Defense
     usability and
SANS (SysAdmin, Audit, Network, Security)
Sasse, M. Angela 2nd
Save As command, overwriting files
Schneier's Security Processes Framework
search tools, file access security
Secure Empty Trash command (Macintosh), replacing with Shred Trash command
secure interaction design
     authority management
     browsers
     conflict between security/usability
     design guidelines
         authorization
         communications
     design strategies
     implementations of
     iterative design
     privacy, designing for
Secure Sockets Layer (SSL)
SecureID
security
     as collaborative effort
     authentication and
         environmental considerations
         online banking example
     breaches in business sector
     by admonition
     by designation
         file access, securing
     challenge questions systems and
     collaborative applications, embedding in
     complexity and
     contextual design
     cookies, managing
     credentials, using challenge questions to recover
     culture 2nd 3rd 4th
         ethnographic studies
     graphical passwords, evaluating
     image problem
     memorability and, tradeoff in password selection
     on desktops 2nd
     problematic properties of
     retrofitting usable, inability to
     supporting task
     user knowledge
security administration
     attack analysis
     case studies
     collaboration as requirement of
     system checkups
     tools
security administrators 2nd
     activity reuse in information processing, need for
     attacks, analysis of
     checkups, performing
     education of
     environment, required knowledge of
     Groove Virtual Office and
     instructing users about password selection
     profiles of
     schedules, staggering
     time as crucial factor
     workload increases
security and privacy
    applications
         usability design/evaluation for
     applications, complexity of
     balancing
     biometric authentication systems
     differences between
     frameworks
         Schneier's Security Processes Framework
     HCI methods/usability in
     solutions, updating
     Web
security and usability, balancing 2nd
     authentication design
     disposable cell phones
     graphical passwords, evaluating 2nd
     Groove Virtual Office
     Mozilla FireFox
    passwords
         removing unnecessary restrictions
     physical locations, exploiting differences
     sanitization systems
     secure interaction design
         authority management
         checklist
         iterative design
         mental models
         security by admonition
         security by designation
     sources of conflict
     users
         attackers and, exploiting differences
         partnership with
security mechanisms
     complementary, challenge questions systems
     constraints on
     context of
     environmental influences
     overprotection
     tasks, varying with
     testing
     unreasonably burdensome
     users and
         compliance enforcement
         perceptions
         resistance 2nd 3rd
         training
     users compromising
         remedial prevention measures
security performance
     biometric authentication mechanisms
     monitoring
security policies 2nd
     academic environments
     expression of
     methods of establishing constraints
     users circumventing 2nd
security systems
     AEGIS methodology for creating
     authentication
     biometrically based
     creating usable
     design, minimizing user effort
     production of, recommendations
     psychological acceptability
     stakeholders, benefits of involving
     trust relationships
selecting
     authentication mechanisms
semantics, phishing attacks and
Service Pack 2, Windows XP
session logs, examining
shoulder-surfing attacks
     challenge questions systems
shred command (Linux), secure file deletion
Shred Trash command (Macintosh), replacing Empty Trash/Secure Empty Trash commands with
signature verification, biometric authentication
Slammer worm
smart cards 2nd 3rd 4th 5th
     cryptography and
     for paying tolls, balancing privacy and security
     OTP tokens
     public and private keys
     recommendations
     usability study of
         aim/scope of study
         context/roles definition
         measurement apparatus
         results/interpretation
         user selection
Smetters, Diana
sniffing attacks
Sobig virus
social
     approach to privacy management
     capital
     engineering, phishing attacks and
     navigation
sociotechnical
     gap, user-centered controls on privacy mechanisms
     systems
         privacy and
soft trust
software
     add-on, sanitization techniques
     features, classifying
     life cycle
     privacy
         recommendations for developers
     remote installation, Microsoft Internet Explorer
     requirements, authentication accessibility
     uninstalling, lack of revocability and
Solaris, trusted stripe
spammers
speaker verification, biometrics authentication
SpoofGuard, case study
spyware 2nd 3rd
     exploiting poor software design
Spyware Eliminator
SQLSnake/Spida worm 2nd
ssh
SSL (Secure Sockets Layer)
support calls, data analysis of
Symantec AntiVirus
symmetric key cryptography
SysAdmin, Audit, Network, Security (SANS)
system lockout feature, challenge questions systems