7/29/2019 09 Prompts
1/10
Designing Security Prompts
CS155, Spring 2013
Slides, courtesy of Rob Reeder, Microsoft Usable Security Team
2/10
Users are faced with a lot of challenging security-related decisions
3/10
An example problem: IE6 mixed content
How should the uthis decision? No
steps for user to
Yes, the possibly less safe option, is the default
4/10
Better
Even better: load the safe content, and use the gold bar to enable the rest
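The three designs contrasted on these slides, as an added example (not code from the slides, from Microsoft or from any browser): a small Python model of a browser's mixed-content decision. The IE6 design prompts with the unsafe answer as the default, the "better" design prompts with the safe answer as the default, and the "even better" design loads only the safe content and offers a non-modal opt-in. The page and resource URLs are constructed sample input and the function names are my own.

```python
from urllib.parse import urlparse

# Constructed sample input (not from the slides): an HTTPS page that
# references both HTTPS and plain-HTTP sub-resources.
PAGE_URL = "https://bank.example/account"
RESOURCES = [
    "https://bank.example/static/app.js",
    "http://cdn.example/banner.png",
    "https://cdn.example/styles.css",
    "http://tracker.example/pixel.gif",
]


def is_mixed(page_url, resource_url):
    """True when an HTTPS page references a resource that is not itself HTTPS."""
    if urlparse(page_url).scheme != "https":
        return False  # a plain-HTTP page has no mixed-content problem to begin with
    return urlparse(resource_url).scheme != "https"


def partition(page_url, resources):
    """Split resources into those safe to load and those that would be mixed content."""
    safe = [r for r in resources if not is_mixed(page_url, r)]
    mixed = [r for r in resources if is_mixed(page_url, r)]
    return safe, mixed


def prompt_policy(page_url, resources, default_allow, user_answer=None):
    """Modal-prompt design: if any mixed content is present, ask the user.

    user_answer=None models a user who just dismisses the dialog, so the
    dialog's default decides.  default_allow=True is the IE6 behaviour the
    slide criticises; default_allow=False is the slide's 'better' variant.
    """
    safe, mixed = partition(page_url, resources)
    if not mixed:
        return {"prompted": False, "loaded": safe, "blocked": []}
    allow = default_allow if user_answer is None else user_answer
    if allow:
        return {"prompted": True, "loaded": safe + mixed, "blocked": []}
    return {"prompted": True, "loaded": safe, "blocked": mixed}


def gold_bar_policy(page_url, resources, user_opted_in=False):
    """'Even better' design: never block rendering on a question.

    Safe content loads immediately, mixed content is blocked, and a non-modal
    notice (the gold bar) lets the user opt in afterwards if they have a reason.
    """
    safe, mixed = partition(page_url, resources)
    if not mixed:
        return {"prompted": False, "gold_bar": False, "loaded": safe, "blocked": []}
    if user_opted_in:
        return {"prompted": False, "gold_bar": True, "loaded": safe + mixed, "blocked": []}
    return {"prompted": False, "gold_bar": True, "loaded": safe, "blocked": mixed}


if __name__ == "__main__":
    # A user who dismisses every dialog gets three different outcomes.
    print("IE6-style   :", prompt_policy(PAGE_URL, RESOURCES, default_allow=True))
    print("safe default:", prompt_policy(PAGE_URL, RESOURCES, default_allow=False))
    print("gold bar    :", gold_bar_policy(PAGE_URL, RESOURCES))
```

Run stand-alone, the script shows that a user who reflexively dismisses dialogs ends up loading the insecure resources under the IE6 design, while both other designs keep them blocked; only the gold-bar design does so without interrupting the user at all.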
5/10
Guidelines Philosophy:
Does the user have unique knowledge the system doesn't? Don't involve the user if you don't have to. If you involve the user, enable them to make the right decision.
Make sure your security dialogs are NEAT:
Necessary: Can the system take action without the user? If the user has no unique knowledge, redesign the system.
Explained: see next slides
Actionable: Can users make good decisions with your UI in both malicious and benign situations?
Tested: Test your dialog on a few people who haven't used the system before -- both malicious and benign situations
6/10
Example 1: bad explanation
Most users will not understand revocation information
Choices are unclear, consequence is unclear.
IE6 CRL check failure notification
7/10
Better explanation
Source
Risk
Choices
Process
8/10
Example 2: bad explanation
Attacker can abuse explanation causing bad user
Used by Conficker to spread through USB drives.
AutoPlay dialog in Vista
9/10
A better design
Windows 7 AutoPlay removed the auto-run option
10/10
THE END