Usable security: Difference between revisions
Content deleted Content added
Submitting using AfC-submit-wizard |
Blaze Wolf (talk | contribs) Declining submission: context - Submission provides insufficient context (AFCH 0.9.1) |
||
| Line 1: | Line 1: | ||
{{AFC submission|d|context|u=0066cc|ns=118|decliner=Blaze Wolf|declinets=20221205155744|ts=20221201183703}} <!-- Do not remove this line! --> |
|||
{{AFC comment|1=I'd suggest removing the "common goals" section as that's not very encyclopedic. ― [[User:Blaze Wolf|<b style="background:#0d1125;color:#51aeff;padding:1q;border-radius:5q;">Blaze Wolf</b>]][[User talk:Blaze Wolf|<sup>Talk</sup>]]<sub title="Discord Username" style="margin-left:-22q;">Blaze Wolf#6545</sub> 15:57, 5 December 2022 (UTC)}} |
|||
---- |
|||
{{Short description|Subfield of Computer Science and Cybersecurity}} |
{{Short description|Subfield of Computer Science and Cybersecurity}} |
||
{{Draft topics|software|technology}} |
{{Draft topics|software|technology}} |
||
{{AfC topic|stem}} |
{{AfC topic|stem}} |
||
{{AfC submission|||ts=20221201183703|u=0066cc|ns=118}} |
|||
{{AfC submission|t||ts=20221201182723|u=0066cc|ns=118|demo=}}<!-- Important, do not remove this line before article has been created. --> |
|||
Usable security is a subfield of [[computer science]], [[Human–computer interaction|human-computer interaction]] and [[Computer security|cybersecurity]] concerned with the usability of cybersecurity systems<ref>{{Citation |last=Garfinkel |first=Simson |title=Introduction |date=2014 |url=https://link.springer.com/10.1007/978-3-031-02343-9_1 |work=Usable Security |pages=1–11 |place=Cham |publisher=Springer International Publishing |language=en |doi=10.1007/978-3-031-02343-9_1 |isbn=978-3-031-01215-0 |access-date=2022-12-01 |last2=Lipford |first2=Heather Richter}}</ref>. In particular, usable security focuses on ensuring that security systems are accessible and understandable to human users. This differs from the [[software engineering]] method of [[secure by design]] by placing greater focus on the human aspects of cybersecurity rather than the technical. Usable security also sits opposite the idea of [[security through obscurity]] by instead working to ensure that users are aware of the security implications of their decisions<ref>{{Citation |last=Renaud |first=Karen |title=Why Doesn’t Jane Protect Her Privacy? |date=2014 |url=http://link.springer.com/10.1007/978-3-319-08506-7_13 |work=Privacy Enhancing Technologies |volume=8555 |pages=244–262 |editor-last=De Cristofaro |editor-first=Emiliano |place=Cham |publisher=Springer International Publishing |doi=10.1007/978-3-319-08506-7_13 |isbn=978-3-319-08505-0 |access-date=2022-12-01 |last2=Volkamer |first2=Melanie |last3=Renkema-Padmos |first3=Arne |editor2-last=Murdoch |editor2-first=Steven J.}}</ref><ref>{{Cite journal |last=Yee |first=Ka-Ping |date=2004 |title=Aligning security and usability |url=https://ieeexplore.ieee.org/document/1341409/ |journal=IEEE Security & Privacy |volume=2 |issue=5 |pages=48–55 |doi=10.1109/MSP.2004.64 |issn=1558-4046}}</ref> |
Usable security is a subfield of [[computer science]], [[Human–computer interaction|human-computer interaction]] and [[Computer security|cybersecurity]] concerned with the usability of cybersecurity systems.<ref>{{Citation |last=Garfinkel |first=Simson |title=Introduction |date=2014 |url=https://link.springer.com/10.1007/978-3-031-02343-9_1 |work=Usable Security |pages=1–11 |place=Cham |publisher=Springer International Publishing |language=en |doi=10.1007/978-3-031-02343-9_1 |isbn=978-3-031-01215-0 |access-date=2022-12-01 |last2=Lipford |first2=Heather Richter}}</ref>. In particular, usable security focuses on ensuring that security systems are accessible and understandable to human users. This differs from the [[software engineering]] method of [[secure by design]] by placing greater focus on the human aspects of cybersecurity rather than the technical. Usable security also sits opposite the idea of [[security through obscurity]] by instead working to ensure that users are aware of the security implications of their decisions<ref>{{Citation |last=Renaud |first=Karen |title=Why Doesn’t Jane Protect Her Privacy? |date=2014 |url=http://link.springer.com/10.1007/978-3-319-08506-7_13 |work=Privacy Enhancing Technologies |volume=8555 |pages=244–262 |editor-last=De Cristofaro |editor-first=Emiliano |place=Cham |publisher=Springer International Publishing |doi=10.1007/978-3-319-08506-7_13 |isbn=978-3-319-08505-0 |access-date=2022-12-01 |last2=Volkamer |first2=Melanie |last3=Renkema-Padmos |first3=Arne |editor2-last=Murdoch |editor2-first=Steven J.}}</ref><ref>{{Cite journal |last=Yee |first=Ka-Ping |date=2004 |title=Aligning security and usability |url=https://ieeexplore.ieee.org/document/1341409/ |journal=IEEE Security & Privacy |volume=2 |issue=5 |pages=48–55 |doi=10.1109/MSP.2004.64 |issn=1558-4046}}</ref> |
||
== Common Goals == |
== Common Goals == |
||
| Line 32: | Line 36: | ||
* [[Security through obscurity]] |
* [[Security through obscurity]] |
||
* [[Software Security Assurance]] |
* [[Software Security Assurance]] |
||
== References == |
== References == |
||
Revision as of 15:57, 5 December 2022
 | This article, Usable security, has recently been created via the Articles for creation process. Please check to see if the reviewer has accidentally left this template after accepting the draft and take appropriate action as necessary.
Reviewer tools: Inform author |
Comment: I'd suggest removing the "common goals" section as that's not very encyclopedic. ― Blaze WolfTalkBlaze Wolf#6545 15:57, 5 December 2022 (UTC)
Usable security is a subfield of computer science, human-computer interaction and cybersecurity concerned with the usability of cybersecurity systems.[1]. In particular, usable security focuses on ensuring that security systems are accessible and understandable to human users. This differs from the software engineering method of secure by design by placing greater focus on the human aspects of cybersecurity rather than the technical. Usable security also sits opposite the idea of security through obscurity by instead working to ensure that users are aware of the security implications of their decisions[2][3]
Common Goals
Much of the research in the field of usable security focuses on improving human-related aspects of cybersecurity[4], notably:
- Improving user understanding of good security practices
- Minimising the friction of implementing security practices in user workflows
- Strengthening organisational resilience to security threats stemming from user behaviour
Scientific Conferences
- EuroUSEC: European Symposium on Usable Security
- HAS: International Conference on Human Aspects of Information Security, Privacy, and Trust
- IFIP World Conference on Information Security Education
- STAST: International Workshop on Socio-Technical Aspects in Security
- TrustBus: International Conference on Trust and Privacy in Digital Business
- USEC: Usable Security and Privacy Symposium
See also
- User experience design
- Information design
- Information architecture
- Secure by default
- Secure by design
- Security through obscurity
- Software Security Assurance
References
- ^ Garfinkel, Simson; Lipford, Heather Richter (2014), "Introduction", Usable Security, Cham: Springer International Publishing, pp. 1–11, doi:10.1007/978-3-031-02343-9_1, ISBN 978-3-031-01215-0, retrieved 2022-12-01
- ^ Renaud, Karen; Volkamer, Melanie; Renkema-Padmos, Arne (2014), De Cristofaro, Emiliano; Murdoch, Steven J. (eds.), "Why Doesn't Jane Protect Her Privacy?", Privacy Enhancing Technologies, vol. 8555, Cham: Springer International Publishing, pp. 244–262, doi:10.1007/978-3-319-08506-7_13, ISBN 978-3-319-08505-0, retrieved 2022-12-01
- ^ Yee, Ka-Ping (2004). "Aligning security and usability". IEEE Security & Privacy. 2 (5): 48–55. doi:10.1109/MSP.2004.64. ISSN 1558-4046.
- ^ "Security and usability: you CAN have it all!". www.ncsc.gov.uk. Retrieved 2022-12-01.