Computer security impaired by legitimate users
Authors
Abstract
Computer security has traditionally been assessed from a technical point of view. One other view is about the role played by legitimate users of systems in impairing the level of protection. In order to address this issue, we wish to adopt a multidisciplinary standpoint and investigate some of the human aspects involved in computer security. From research in psychology, it is known that people make biased decisions. They sometimes overlook rules in order to gain maximum benefits for the cost of a given action. This situation leads to insidious security lapses whereby the level of protection is traded off against usability. In this paper, we highlight the cognitive processes underlying such security impairments. At the end of the paper, we propose a short usability-centered set of recommendations.
Similar resources
Poster: Security for the Common Man
Security for the Common Man (SCM) is a new approach for detecting hidden malware by identifying a legitimate reason for outbound traffic. This method is combined with an interface that encourages user involvement. Users know what they were doing online and when they were doing it. We believe this knowledge can improve automated detection systems. SCM identifies legitimate outbound sessions by e...
A preliminary model of end user sophistication for insider threat prediction in IT systems
The dangers that originate from acts of IT system misuse by legitimate users constitute a separate category of threats with well documented consequences for the integrity, privacy and availability of computer systems and networks. Amongst the various properties of malicious legitimate users one of the most notable ones is the level of his/her sophistication. Various studies indicate that user s...
Neural correlates of gender differences and color in distinguishing security warnings and legitimate websites: a neurosecurity study
Users have long been recognized as the weakest link in security. Accordingly, researchers have applied knowledge from the fields of psychology and human–computer interaction to understand the security behaviors of users. However, many cognitive processes and responses are unconscious or obligatory and yet still have a profound effect on users’ security behaviors. With this in mind, researchers ...
Spyware: The Ghost in the Machine
Computer users face a new and growing threat to security and privacy. This threat is not in the form of direct attacks by viruses or hackers, but rather by indirect infiltration in the form of monitoring programs surreptitiously installed on computers. These monitoring applications are called spyware, and serve to record and transmit a user’s computer uses and behaviors to third parties. Freque...
Biometric Authentication of Fingerprint for Banking Users, Using Stream Cipher Algorithm
Providing banking services, especially online banking and electronic payment systems, has always been associated with high concerns about security risks. In this paper, customer authentication for their transactions in electronic banking has been discussed, and a more appropriate way of using biometric fingerprint data, as well as encrypting those data in a different way, has been suggest...
Journal title:
- Computers & Security
Volume 23, Issue
Pages -
Publication date 2004