[Sigia-l] secure interaction design
Karl Fast
karl.fast at pobox.com
Thu Dec 5 09:09:16 EST 2002
A few weeks back, PeterMe started a thread about timeouts on secure
web sites and asked why-oh-why can't we properly balance the
security and usability issues.

So I thought some folks might find this site interesting. Includes a
paper (PDF) that's been accepted for an international security
conference.

Secure Interaction Design
Ka-Ping Yee
http://www.sims.berkeley.edu/~ping/sid/

Usability and security aren't contrary goals; don't assume that
you must sacrifice one for the sake of the other. In fact, a
system that's hard to understand and use will almost certainly
have security problems in practice. And a more secure system is a
more reliable, more effective system: hence, a more usable system.

Not sure how this answers Peter's question though.

For those *really* interested in the subject, here's a bibliography:

Usability of Computer Security: A Bibliography
by Rachna Dhamija
http://www.sims.berkeley.edu/~rachna/security_usability.html

--karl