Lightening in a bottle: usable and secure
Pages 62 - 68
Abstract
A review of the difficulties inherent in implementing usable and secure cyber policies, specifically as the implementation relies on user awareness, acceptance, and compliance. (Current Hard Problems in INFOSEC Research #11)
References
[1]
Institute for Information Infrastructure Protection (I3P), "National Cyber Security: Research and Development Challenges Related to Economics, Physical Infrastructure and Human Behavior," 2009. {Online}. Available: http://www.cyber.st.dhs.gov/docs/i3pnationalcybersecurity.pdf. {Accessed 6 February 2012}.
[2]
Institute for Information Infrastructure Protection (I3P), "Cyber Security Research and Development Agenda," January 2003. {Online}. Available: http://www.cyber.st.dhs.gov/docs/I3P%20Research%20Agenda%202003.pdf. {Accessed 6 February 2012}.
[3]
Committee on Improving Cybersecurity Research in the United States, Computer Science and Telecommunications Board, Division on Engineering and Physical Sciences, National Research Council of the National Academies (National Academies), "Toward a Safer and More Secure Cyberspace," The National Academies Press, 2007. {Online}. Available: http://www.cyber.st.dhs.gov/docs/Toward_a_Safer_and_More_Secure_Cyberspace-Full_report.pdf. {Accessed 6 February 2012}.
[4]
U.S. Secret Service and CERT® Coordination Center, "Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector," August 2004. {Online}. Available: http://www.cyber.st.dhs.gov/docs/its_report_040820.pdf. {Accessed 6 February 2012}.
[5]
The White House, "The National Strategy to Secure Cyberspace," 2003. {Online}. Available: http://www.cyber.st.dhs.gov/docs/National%20Strategy%2 0to%20Secure%20Cyberspace%202003.pdf. {Accessed 6 February 2012}.
[6]
S. M. Poremba, "To Catch a Thief," Campus Technology, vol. 25, no. 6, pp. pp14--16, February 2012.
[7]
The White House, "The Comprehensive National Cybersecurity Initiative," 2010. {Online}. Available: http://www.cyber.st.dhs.gov/docs/CNCI-Cybersecurity.pdf. {Accessed 6 February 2012}.
[8]
Institute for Information Infrastructure Protection (I3P), "Human Behavior and Security Culture," 2011. {Online}. Available: http://www.thei3p.org/docs/publications/439.pdf. {Accessed 6 February 2012}.
[9]
U.S. Department of Homeland Security (DHS), "Fact Sheet: Blueprint for a Secure Cyber Future," 2011. {Online}. Available: http://www.cyber.st.dhs.gov/wp-content/uploads/2011/12/FACT-SHEET-Blueprint-for-a-Secure-Cyber-Future.pdf. {Accessed 6 February 2012}.
[10]
U.S. Department of Homeland Security (DHS), "Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise," November 2011. {Online}. Available: http://www.cyber.st.dhs.gov/wp-content/uploads/2011/12/blueprint-for-a-secure-cyber-future.pdf. {Accessed 6 February 2012}.
[11]
D. Shoemaker and W. A. Conklin, Cybersecurity: The Essential Body of Knowledge, Boston, MA: Course Technology, Cengage Learning, 2012.
Index Terms
- Lightening in a bottle: usable and secure
Recommendations
Do Users' Perceptions of Password Security Match Reality?
CHI '16: Proceedings of the 2016 CHI Conference on Human Factors in Computing SystemsAlthough many users create predictable passwords, the extent to which users realize these passwords are predictable is not well understood. We investigate the relationship between users' perceptions of the strength of specific passwords and their actual ...
What Usable Security Really Means: Trusting and Engaging Users
Proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust - Volume 8533Non-compliance with security mechanisms and processes poses a significant risk to organizational security. Current approaches focus on designing systems that restrict user actions to make them 'secure', or providing user interfaces to make security ...
A method for incorporating usable security into computer security courses
SIGCSE '13: Proceeding of the 44th ACM technical symposium on Computer science educationSince human factor security exploits are on the rise, ensuring Usable Security has become extremely important for the overall security of computer systems. However, traditional undergraduate computer security curriculum focuses heavily on technical ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2012
84 pages
ISBN:9781450315388
DOI:10.1145/2390317
- Conference Chair:
- Michael E. Whitman,
- Program Chair:
- Humayun Zafar
Copyright © 2012 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- KSU - CISE: KSU Center for InfoSec Education
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 October 2012
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
InfoSecCD'12
Sponsor:
- KSU - CISE
InfoSecCD'12: Information Security Curriculum Development Conference
October 12 - 13, 2012
Georgia, Kennesaw
Acceptance Rates
Overall Acceptance Rate 18 of 23 submissions, 78%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 140Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 05 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in