Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
ACM SIGOPS Operating Systems Review
Why Johnny Can't Evaluate Security Risk
IEEE Security and Privacy
Paranoid penguin: an introduction to Novell AppArmor
Linux Journal
Virtual appliances in the collective: a road to hassle-free computing
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Make least privilege a right (not a privilege)
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Usable Mandatory Integrity Protection for Operating Systems
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
WindowBox: a simple security model for the connected desktop
WSS'00 Proceedings of the 4th conference on USENIX Windows Systems Symposium - Volume 4
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
A framework for reasoning about the human in the loop
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
Virtual machine contracts for datacenter and cloud computing environments
ACDC '09 Proceedings of the 1st workshop on Automated control for datacenters and clouds
The user is not the enemy: fighting malware by tracking user intentions
Proceedings of the 2008 workshop on New security paradigms
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Leveraging legacy code to deploy desktop applications on the web
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Crying wolf: an empirical study of SSL warning effectiveness
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
The multi-principal OS construction of the gazelle web browser
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Apiary: easy-to-use desktop application fault containment on commodity operating systems
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
An attack-resistant and rapid recovery desktop system
An attack-resistant and rapid recovery desktop system
| Hi-index | 0.00 |
In this paper, we identify the primary difficulties encountered when security systems include users in the decision-making process. We propose security system inquiry mechanisms, designed around file open dialogs and drag-and-drop interfaces, to increase the accuracy of information obtained from users while also maintaining a high level of user inclusiveness in security decisions. We note that, although it has been previously shown that many users are inherently bad at making final security decisions, useful information regarding user intent can be accurately obtained by using our inquiry mechanisms. In particular, inquiry mechanisms that parallel the actions within applications the user actually intends to perform prompt the user in ways that are understandable and likely to receive accurate responses. We discuss how our system eliminates the traditional problems faced in security systems due to false positives and false negatives.