Secure Interaction Design - PowerPoint PPT Presentation

1 / 47
About This Presentation
Title:

Secure Interaction Design

Description:

Cookies. A cookie is a small file downloaded by your web browser that is used to identify ... Cookie Examples. Doubleclick.com ... – PowerPoint PPT presentation

Number of Views:57
Avg rating:3.0/5.0
Slides: 48
Provided by: scie240
Category:

less

Transcript and Presenter's Notes

Title: Secure Interaction Design


1
Secure Interaction Design
  • Kami Vaniea

2
Overview
  • Designing secure interfaces
  • Design principles
  • Firefox extensions
  • Cookies
  • Phishing
  • Tracking

3
Overview
  • Designing secure interfaces
  • Design principles
  • Firefox extensions
  • Petname
  • Add N Edit Cookies
  • Cookie Culler
  • Cookie Button
  • Distrust
  • X Paranoia

4
Secure Interaction Design
  • Designing a computer system to protect the
    interests of its legitimate user

5
Problems
  • Viruses
  • Spyware
  • Phishing
  • Online tracking
  • Unintentional disclosure of information

6
Mental Models
  • For software to protect its users interests, its
    behavior should be consistent with the users
    expectations.

What the user thinks is happening
What is really happening
What is shown in the interface
7
Designation vs. Admonition
  • Security by designation
  • When a user designates an action, take
    appropriate security related actions
  • Double clicking a Word document
  • Security by admonition
  • Provide notifications that the user looks at and
    takes appropriate action from
  • Display a warning when the user tries to do
    something dangerous

8
Design Principles
  • Know your audience
  • Think like your audience
  • Eliminate clutter
  • Eliminate complexity
  • Create just enough feedback
  • Be a customer advocate when usability and
    competitive pressure collide

9
Know Your Audience
  • Who are they?
  • What skills do they have?
  • If you dont know who they are you cant think
    like them
  • If your product doesnt match your audience then
    it will not do as well as it could have

10
Think Like Your Audience
  • Present your design to other people to get
    feedback
  • Think of a representative of your audience and
    design for them
  • Could my mother use this?

11
Eliminate Clutter
  • Think about the tasks the user needs to perform
  • If a word or button is not necessary to those
    tasks then remove it

12
Eliminate Complexity
  • Again what are the tasks the user needs to
    perform
  • Dose your design allow them to complete these
    tasks in the simplest manner
  • Design for the common tasks, dont sacrifice
    usability of common tasks for usability of rare
    or unlikely tasks

13
Create Just Enough Feedback
  • Users just want it to work
  • If it can be done safely without their
    involvement do it
  • They want to be reassured it is working in
    unobtrusive ways

14
Be a Customer Advocate When Usability and
Competitive Pressure Collide
  • Its your job to make sure that customers dont
    suffer from poor design
  • Be willing to compromise with developers if it
    gets a better interface

15
Questions
16
Overview
  • Designing secure interfaces
  • Design principles
  • Firefox extensions
  • Petname
  • Add N Edit Cookies
  • Cookie Culler
  • Cookie Button
  • Distrust
  • X Paranoia

17
Firefox
  • A free web browser
  • Browse the Web with confidence - Firefox
    protects you from viruses, spyware and pop-ups.
    Enjoy improvements to performance, ease of use
    and privacy.3
  • www.getfirefox.com

18
Firefox Extensions
  • Extensions are small add-ons that add new
    functionality to Firefox. They can add anything
    from a toolbar button to a completely new
    feature. They allow the application to be
    customized to fit the personal needs of each user
    if they need additional features, while keeping
    Firefox small to download. 2

19
Firefox Extensions
20
Firefox Extensions
21
Anti-Paranoia
  • Takes all your doubts and gives you confidence.
    Especially if you are working on security, you
    might get the feeling that your part of something
    really big and maybe even evil.How can your
    extension help me? It will pop up calmative
    messages for you to feel relaxed while browsing
    the web. No, this extension will not spy and
    destroy your personal data, remember Everything
    is good!

22
Petname
  • Need help avoiding phishing and spoofing
    attacks? The petname tool can help you avoid
    online fraud by clearly distinguishing your
    online relationships.Using the petname tool,
    you can save a reminder note about a relationship
    you have with a secure site. The petname tool
    will then automatically display this reminder
    note every time you visit the site. After
    following a hyperlink, you need only check that
    the expected reminder note is being displayed. If
    so, you can be sure you are using the same site
    you have in the past. 1

23
Petname
24
Petname
25
Petname
26
Cookies
  • A cookie is a small file downloaded by your web
    browser that is used to identify you to a
    website.

27
Cookie Examples
  • Doubleclick.com
  • id80000060da01136doubleclick.net/10243237971202995
    7155287164811229736878
  • Sun
  • SUN_ID128.2.141.10349701134167353sun.com/15362447
    9276803122654586416876829752592

28
Cookies
  • Convenient
  • Automatic login
  • Personalization
  • Session information
  • Not so Good
  • Usage tracking
  • Targeted ads
  • Unwanted logins

29
Firefox Cookie Settings
30
Add N Edit Cookies
  • Cookie Editor that allows you add and edit
    "session" and saved cookies.

31
Add N Edit Cookies
32
Add N Edit Cookies
33
(No Transcript)
34
Design Principles
  • Know your audience
  • Think like your audience
  • Eliminate clutter
  • Eliminate complexity
  • Create just enough feedback
  • Be a customer advocate when usability and
    competitive pressure collide

35
(No Transcript)
36
Cookie Culler
  • Extended Cookie Manager--protect/unprotect
    selected cookies

37
Cookie Culler
38
Cookie Button in the Status Bar
  • Button for easy access to cookie permissions in
    the status bar. For those who have been asking
    for cookie button in the status bar.

39
Cookie Button in the Status Bar
40
Cookie Button in the Status Bar
41
Distrust
  • Hide surfing trails that the browser leaves
    behind.AKA Private Browsing.Once turned on this
    extension monitors FireFox for its
    activities.Once turned off Distrust will remove
    history items cache and cookies that were used
    during the distrust session.

42
Distrust
43
Distrust
44
X Paranoia
  • Adds a paranoia button to the toolbar (clear your
    history, saved form information, passwords,
    download history, cookies, and/or cache with as
    little as two clicks).

45
X Paranoia
46
Design Principles
  • Know your audience
  • Think like your audience
  • Eliminate clutter
  • Eliminate complexity
  • Create just enough feedback
  • Be a customer advocate when usability and
    competitive pressure collide

47
Bibliography
  • Petname Firefox Extension https//addons.mozilla.
    org/extensions/moreinfo.php?id957applicationfir
    efox
  • Firefox Extensions (https//addons.mozilla.org/ext
    ensions/?applicationfirefox)
  • Firefox (http//www.mozilla.com/firefox/)
Write a Comment
User Comments (0)
About PowerShow.com