Christine D. Braza, Ahmed Seffahb, Pierre Poirierc
{"title":"设计可用且安全的身份验证服务:以用户为中心的协议","authors":"Christine D. Braza, Ahmed Seffahb, Pierre Poirierc","doi":"10.54941/ahfe100257","DOIUrl":null,"url":null,"abstract":"User authentication is a vital and critical service in many modern interactive applications including online banking, commerce, government as well as critical infrastructures protection. Such critical software systems should provide highly secure services for establishing if user access should be granted or not. As it will be highlighted in this paper, there is an intrinsic conflict between creating user authentication services that are secure, yet easy to use by the end-users. Our main goal is to adopt a human-centric approach which consists to study the intimate relationship between usability and security before the user authentication service has been implemented and deployed. We propose a framework that models the usability and security symmetry meaning the security consequences of usability issues. It suggests a novel usable security protocol through an inspection method named Usable Security Symmetry for dealing with usable security of user authentication methods that in turns will guide the development of truly secure and usable user authentication systems. The framework uses NGOMSL (Natural Goals, Methods, and Selection Language) to understand the user cognitive processes involved in user authentication while helping to identify and model the diverse situations of conflict between usability and security attributes.","PeriodicalId":259265,"journal":{"name":"AHFE International","volume":"295 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Designing Usable, Yet Secure Authentication Services: A User-Centric Protocol\",\"authors\":\"Christine D. Braza, Ahmed Seffahb, Pierre Poirierc\",\"doi\":\"10.54941/ahfe100257\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"User authentication is a vital and critical service in many modern interactive applications including online banking, commerce, government as well as critical infrastructures protection. Such critical software systems should provide highly secure services for establishing if user access should be granted or not. As it will be highlighted in this paper, there is an intrinsic conflict between creating user authentication services that are secure, yet easy to use by the end-users. Our main goal is to adopt a human-centric approach which consists to study the intimate relationship between usability and security before the user authentication service has been implemented and deployed. We propose a framework that models the usability and security symmetry meaning the security consequences of usability issues. It suggests a novel usable security protocol through an inspection method named Usable Security Symmetry for dealing with usable security of user authentication methods that in turns will guide the development of truly secure and usable user authentication systems. The framework uses NGOMSL (Natural Goals, Methods, and Selection Language) to understand the user cognitive processes involved in user authentication while helping to identify and model the diverse situations of conflict between usability and security attributes.\",\"PeriodicalId\":259265,\"journal\":{\"name\":\"AHFE International\",\"volume\":\"295 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"AHFE International\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.54941/ahfe100257\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"AHFE International","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.54941/ahfe100257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Designing Usable, Yet Secure Authentication Services: A User-Centric Protocol
User authentication is a vital and critical service in many modern interactive applications including online banking, commerce, government as well as critical infrastructures protection. Such critical software systems should provide highly secure services for establishing if user access should be granted or not. As it will be highlighted in this paper, there is an intrinsic conflict between creating user authentication services that are secure, yet easy to use by the end-users. Our main goal is to adopt a human-centric approach which consists to study the intimate relationship between usability and security before the user authentication service has been implemented and deployed. We propose a framework that models the usability and security symmetry meaning the security consequences of usability issues. It suggests a novel usable security protocol through an inspection method named Usable Security Symmetry for dealing with usable security of user authentication methods that in turns will guide the development of truly secure and usable user authentication systems. The framework uses NGOMSL (Natural Goals, Methods, and Selection Language) to understand the user cognitive processes involved in user authentication while helping to identify and model the diverse situations of conflict between usability and security attributes.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
