Sciweavers

ICISS
2007
Springer

Security in Practice - Security-Usability Chasm

14 years 5 months ago
Security in Practice - Security-Usability Chasm
Abstract. Computer systems security area has received increased attention from both academics and in industry. However, recent work indicates that substantial security gaps emerge when systems are deployed, even with the use of state-of-the-art security protocols. Our findings suggest that wide-spread security problems exist even when protocols such as SSL and SSH are deployed because systems today do not give security warnings properly or make it trivial for users to bypass them. Even when these protocols are deployed correctly, systems often leave themselves vulnerable to social-engineering attacks as an artifact of their design. In one of our studies, we examined the web sites of 706 financial institutions and found over 90% of them to have made poor design choices when it comes to security, even though all deployed SSL for communicating passwords and doing transactions. In another study, we examined the usage of SSH within our own department and found that most users would be sus...
Atul Prakash
Added 08 Jun 2010
Updated 08 Jun 2010
Type Conference
Year 2007
Where ICISS
Authors Atul Prakash
Comments (0)