Integrating a Usable Security Protocol Into User Authentication Services Design Process

Braz, Christina, Seffah, Ahmed, Naqvi, Bilal

  • 出版商: Auerbach Publication
  • 出版日期: 2020-09-30
  • 售價: $2,150
  • 貴賓價: 9.5$2,043
  • 語言: 英文
  • 頁數: 394
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 0367656922
  • ISBN-13: 9780367656928
  • 相關分類: 資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

There is an intrinsic conflict between creating secure systems and usable systems. But usability and security can be made synergistic by providing requirements and design tools with specific usable security principles earlier in the requirements and design phase. In certain situations, it is possible to increase usability and security by revisiting design decisions made in the past; in others, to align security and usability by changing the regulatory environment in which the computers operate. This book addresses creation of a usable security protocol for user authentication as a natural outcome of the requirements and design phase of the authentication method development life cycle.

作者簡介

Christina Braz has been working with usable security in the area of computer security (particularly user authentication and identity management) since 2002. She earned her PhD in Cognitive Computing from the University of Quebec, Montreal, and Master of Science in Electronic Commerce from the Department of Computer Science and Applied Research, University of Montreal. Dr. Braz work experience spans over 15 years in Computer Security, Finance, Mobile Computing, and Telecommunications industries working in consultancy and corporate environments such as Scotiabank, Citibank, Symantec, RSA Security, VeriSign, and Roger Telecommunications. She has also held positions as Information Assurance Instructor at Northeastern University in Boston, MA and Graduate Teaching Assistant at HEC Montreal, QC, Canada. She has been publishing papers in the field of Human Computer Interaction Security (HCISec) for the past 10 years. Some of her main projects are investments and banking mobile applications; usable security symmetry: a security and usability inspection method; GlancePass: a usable, single-factor, and yet strong biometric authentication method; MobiTicket: a Wireless-based (SMS) auction application for selling concert tickets through mobile devices; and finally, AuthenLink, an authentication system to automatically authenticate mobile users through an implantable RFID chip. Dr. Braz currently works for Scotiabank in the Research & Development division in Toronto, Canada.

 

 

Ahmed Seffah is a professor of human-centric Software Engineering at Lappeenranta University of technology, Finland. Previously, he was a faculty member and the Concordia university research chair on human-centered software engineering. Professor Seffah was a visiting professor in various universities and research Centre including IBM, University of Lausanne, Daimler Chrysler and the Computer research institute of Montreal. He co-authored five research books and essays, the latest one on the "Patterns of HCI Design Patterns and the HCI Design of Patterns." His main research interest is to understanding human aspects and the measures for quantifying the software quality from a human perspective as well as avenues for integrating HCI design, user-centric engineering, UX design practices and all similar ones into the wider software and systems engineering processes. Visible contributions of his includes the gaps and bridges between HCI design practices and software engineering methodologies such as agile, model-driven and service-oriented to building a unifying theory of human-centric software design and engineering.

 

 

 

 

Bilal Naqvi is a Registered Computer Software Engineer and an expert in Information Security. Besides research he has been holding a full-time teaching position in an Engineering university in Pakistan. He is currently doing PhD Software Engineering from Finland with focus on human-aspects related to computer security. The main goal of the research is development of design patterns for addressing the usability and security conflicts.