{"title":"寻找完美的用户:迈向理解融合多层次安全用户界面的可用性","authors":"Abdullah Issa, Toby C. Murray, G. Ernst","doi":"10.1145/3292147.3292231","DOIUrl":null,"url":null,"abstract":"Converged Multi-Level Secure systems allow users to interact with and freely move between applications and data of varying sensitivity on a single user interface. They promise unprecedented usability and security, especially in security-critical environments like Defence. Yet these promises rely on hard assumptions about secure user behaviour. We present initial work to test the validity of these assumptions in the absence of deception by an adversary. We conducted a user study with 21 participants on the Cross Domain Desktop Compositor. Chief amongst our findings is that the vast majority of participants (19 of 21) behave securely, even when doing so requires more effort than to behave insecurely. Our findings suggest that there is large scope for further research on converged Multi-Level Secure systems, and highlight the value of user studies to complement formal security analyses of critical systems.","PeriodicalId":309502,"journal":{"name":"Proceedings of the 30th Australian Conference on Computer-Human Interaction","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"In search of perfect users: towards understanding the usability of converged multi-level secure user interfaces\",\"authors\":\"Abdullah Issa, Toby C. Murray, G. Ernst\",\"doi\":\"10.1145/3292147.3292231\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Converged Multi-Level Secure systems allow users to interact with and freely move between applications and data of varying sensitivity on a single user interface. They promise unprecedented usability and security, especially in security-critical environments like Defence. Yet these promises rely on hard assumptions about secure user behaviour. We present initial work to test the validity of these assumptions in the absence of deception by an adversary. We conducted a user study with 21 participants on the Cross Domain Desktop Compositor. Chief amongst our findings is that the vast majority of participants (19 of 21) behave securely, even when doing so requires more effort than to behave insecurely. Our findings suggest that there is large scope for further research on converged Multi-Level Secure systems, and highlight the value of user studies to complement formal security analyses of critical systems.\",\"PeriodicalId\":309502,\"journal\":{\"name\":\"Proceedings of the 30th Australian Conference on Computer-Human Interaction\",\"volume\":\"66 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-12-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 30th Australian Conference on Computer-Human Interaction\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3292147.3292231\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 30th Australian Conference on Computer-Human Interaction","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3292147.3292231","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
In search of perfect users: towards understanding the usability of converged multi-level secure user interfaces
Converged Multi-Level Secure systems allow users to interact with and freely move between applications and data of varying sensitivity on a single user interface. They promise unprecedented usability and security, especially in security-critical environments like Defence. Yet these promises rely on hard assumptions about secure user behaviour. We present initial work to test the validity of these assumptions in the absence of deception by an adversary. We conducted a user study with 21 participants on the Cross Domain Desktop Compositor. Chief amongst our findings is that the vast majority of participants (19 of 21) behave securely, even when doing so requires more effort than to behave insecurely. Our findings suggest that there is large scope for further research on converged Multi-Level Secure systems, and highlight the value of user studies to complement formal security analyses of critical systems.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
