There has been roughly 15 years of research into approaches for aligning research in Human Computer Interaction with Computer Security, more colloquially known as "usable security." Although usability and security were once thought to be inherently antagonistic, today there is wide consensus that systems that are not usable will inevitably suffer security failures when they are deployed into the real world. Only by simultaneously addressing both usability and security concerns will we be able to build systems that are truly secure. This book presents the historical context of the work to date on usable security and privacy, creates a taxonomy for organizing that work, outlines current research objectives, presents lessons learned, and makes suggestions for future research.
Table of Contents
A Brief History of Usable Privacy and Security Research
Major Themes in UPS Academic Research
Conclusion: The Next Ten Years
About the Author(s)
Simson Garfinkel, U.S. Naval Postgraduate School
Simson Garfinkel is an Associate Professor at the Naval Postgraduate School. Based in Arlington VA, Garfinkel's research interests include digital forensics, usable security, data fusion, information policy, and terrorism. He holds seven US patents and has published dozens of research articles on security and digital forensics. He is an ACM Fellow and an IEEE Senior Member, as well as a member of the National Association of Science Writers. Garfinkel is the author of 14 books on computing. He is perhaps best known for his book Database Nation: The Death of Privacy in the 21st Century. Garfinkel's most successful book, Practical UNIX and Internet Security (co-authored with Gene Spafford), has sold more than 250,000 copies and been translated into many languages since the first edition in 1991. Garfinkel is also a journalist and has written more than a thousand articles about science, technology, and technology policy. He has won numerous journalism awards, including the Jesse H. Neal National Business Journalism Award for his "Machine shop" series in CSO magazine.
Heather Richter Lipford, University of North Carolina, Charlotte
Heather Richter Lipford is an Associate Professor in the Department of Software and Information Systems at the University of North Carolina at Charlotte. Lipford's research interests are in Human Computer Interaction, with a focus in usable privacy and security, secure programming, and social computing. She has published dozens of research articles in these areas at premier HCI and usable security venues. She has also previously done research in the areas of ubiquitous computing and software engineering. At UNC Charlotte, Lipford co-directs the HCI Lab and is a member of the UNCC Cyber Defense and Network Assurability Center, the Charlotte Visualization Center, and the UNCC Cognitive Science Academy. She regularly teaches and mentors students in the areas of HCI and usable privacy and security. She is also heavily involved in efforts to broaden participation in computing, and increase the recruitment and retention of under-represented groups in computing degree programs. Lipford received a Bachelor of Science degree from Michigan State University in 1995, and a Ph.D. from the College of Computing at the Georgia Institute of Technology in 2005.