相關主題
商品描述
This book makes the case that traditional security design does not take the end-user into consideration, and therefore, fails. This book goes on to explain, using a series of examples, how to rethink security solutions to take users into consideration. By understanding the limitations and habits of users - including malicious users, aiming to corrupt the system - this book Illustrates how better security technologies are made possible.
Traditional security books focus on one of the following areas: cryptography, security protocols, or existing standards. They rarely consider the end user as part of the security equation, and when they do, it is in passing. This book considers the end user as the most important design consideration, and then shows how to build security and privacy technologies that are both secure and which offer privacy. This reduces the risk for social engineering and, in general, abuse.
Advanced-level students interested in software engineering, security and HCI (Human Computer Interaction) will find this book useful as a study guide. HCI (Human Computer Interaction) practitioners designing user interfaces and privacy researchers and practitioners working in security, as well as software engineers designing software solutions (that can be abused) will also be interested in this book.
Traditional security books focus on one of the following areas: cryptography, security protocols, or existing standards. They rarely consider the end user as part of the security equation, and when they do, it is in passing. This book considers the end user as the most important design consideration, and then shows how to build security and privacy technologies that are both secure and which offer privacy. This reduces the risk for social engineering and, in general, abuse.
Advanced-level students interested in software engineering, security and HCI (Human Computer Interaction) will find this book useful as a study guide. HCI (Human Computer Interaction) practitioners designing user interfaces and privacy researchers and practitioners working in security, as well as software engineers designing software solutions (that can be abused) will also be interested in this book.
商品描述(中文翻譯)
本書主張傳統的安全設計未考慮最終使用者,因此失敗。本書接著透過一系列範例解釋如何重新思考安全解決方案,以考慮使用者。透過了解使用者的限制和習慣,包括那些旨在破壞系統的惡意使用者,本書說明了如何實現更好的安全技術。
傳統的安全書籍通常專注於以下幾個領域:密碼學、安全協議或現有標準。它們很少將最終使用者視為安全方程式的一部分,即使有提及,也只是輕描淡寫。本書將最終使用者視為最重要的設計考量,並展示如何構建既安全又提供隱私的安全和隱私技術。這降低了社會工程攻擊的風險,並在一般情況下減少濫用的可能性。
對於有興趣於軟體工程、安全性和人機互動(HCI)的高級學生來說,本書將作為一個有用的學習指南。設計使用者介面的HCI從業者、在安全領域工作的隱私研究人員和從業者,以及設計可能被濫用的軟體解決方案的軟體工程師也會對本書感興趣。
作者簡介
Dr. Markus Jakobsson has spent more than 20 years as a security researcher, scientist and entrepreneur, studying phishing, crimeware, mobile security, privacy and user interaction. He spearheaded research in malware and mobile security technologies at Qualcomm, after his startup, FatSkunk, was acquired by Qualcomm. He performed email security research and helped track Nigerian scammers as the Chief Scientist at Agari. In addition, Dr. Jakobsson has held key roles as Principal Scientist at PayPal, Xerox PARC, and RSA Security, and as Chief of Security and Data Analytics at Amber Solutions. He has also worked as a testifying expert witness in a range of high-profile patent litigation cases, covering digital rights management, Internet and mobile security, authentication, and spam detection. He has a PhD in Computer Science from University of California at San Diego.
作者簡介(中文翻譯)
馬庫斯·雅各布森博士(Dr. Markus Jakobsson)在安全研究、科學和創業領域擁有超過20年的經驗,專注於網路釣魚、犯罪軟體、行動安全、隱私和用戶互動。他在高通(Qualcomm)主導了惡意軟體和行動安全技術的研究,這是在他的創業公司FatSkunk被高通收購之後。他在Agari擔任首席科學家時進行了電子郵件安全研究,並協助追蹤尼日利亞詐騙者。此外,雅各布森博士曾在PayPal、Xerox PARC和RSA Security擔任首席科學家,並在Amber Solutions擔任安全與數據分析主管。他還曾作為多起高知名度專利訴訟案件的證人專家,涉及數位版權管理、網際網路和行動安全、身份驗證以及垃圾郵件檢測等領域。他擁有加州大學聖地牙哥分校的計算機科學博士學位。
![Taking [A]part: The Politics and Aesthetics of Participation in Experience-Centered Design-cover](https://cf-assets2.tenlong.com.tw/ig/028/858/393/9780262552592.jpg?1732601661)
