In Search of Usable Security: Five Lessons from the Field

Authors:
Dirk Balfanz;Glenn Durfee;Rebecca E. Grinter;D. K. Smetters
Affiliations:
Palo Alto Research Center;Palo Alto Research Center;Palo Alto Research Center;Palo Alto Research Center
Venue:
IEEE Security and Privacy
Year:
2004

Citing 8
Cited 12

A mathematical model of the finding of usability problems

INTERCHI '93 Proceedings of the INTERCHI '93 conference on Human factors in computing systems
Users are not the enemy

Communications of the ACM
Using speakeasy for ad hoc peer-to-peer collaboration

CSCW '02 Proceedings of the 2002 ACM conference on Computer supported cooperative work
Moving from the design of usable security technologies to the design of useful secure applications

Proceedings of the 2002 workshop on New security paradigms
Usable Access Control for the World Wide Web

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Plug-and-play PKI: a PKI your mother can use

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Network-in-a-box: how to set up a secure wireless network in under a minute

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Why Johnny can't encrypt: a usability evaluation of PGP 5.0

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8

Security and usability engineering with particular attention to electronic mail

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Mechanisms for increasing the usability of grid security

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Authentication interface evaluation and design for mobile devices

InfoSecCD '05 Proceedings of the 2nd annual conference on Information security curriculum development
Is usable security an oxymoron?

interactions - A contradiction in terms?
Aligning usability and security: a usability study of Polaris

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Intentional access management: making access control usable for end-users

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
PKI design for the real world

NSPW '06 Proceedings of the 2006 workshop on New security paradigms
An exprimental investigation of the usability of transaction authorization in online bank security systems

AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Secure and usable P2P VoIP for mobile devices

Proceedings of the 12th international conference on Human computer interaction with mobile devices and services
Secure in-band wireless pairing

SEC'11 Proceedings of the 20th USENIX conference on Security
Physical access control administration using building information models

CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
C4PS - helping facebookers manage their privacy settings

SocInfo'12 Proceedings of the 4th international conference on Social Informatics

Quantified Score

Hi-index	0.00

Visualization

Abstract

A new system reduces the time to enroll in a secure wireless network by two orders of magnitude, yet it also gets high marks for usability and user satisfaction. Applying it to a real-world example reveals five general lessons for usable, secure system design.