secure interaction design n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Secure Interaction Design PowerPoint Presentation
Download Presentation
Secure Interaction Design

Loading in 2 Seconds...

play fullscreen
1 / 47

Secure Interaction Design - PowerPoint PPT Presentation


  • 88 Views
  • Uploaded on

Secure Interaction Design. Kami Vaniea. Overview. Designing secure interfaces Design principles Firefox extensions Cookies Phishing Tracking. Overview. Designing secure interfaces Design principles Firefox extensions Petname Add N Edit Cookies Cookie Culler Cookie Button Distrust

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Secure Interaction Design' - nikki


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
overview
Overview
  • Designing secure interfaces
    • Design principles
  • Firefox extensions
    • Cookies
    • Phishing
    • Tracking
overview1
Overview
  • Designing secure interfaces
    • Design principles
  • Firefox extensions
    • Petname
    • Add N Edit Cookies
    • Cookie Culler
    • Cookie Button
    • Distrust
    • X Paranoia
secure interaction design1
Secure Interaction Design
  • Designing a computer system to protect the interests of its legitimate user
problems
Problems
  • Viruses
  • Spyware
  • Phishing
  • Online tracking
  • Unintentional disclosure of information
mental models
Mental Models
  • For software to protect its users interests, its behavior should be consistent with the user’s expectations.

What the user thinks is happening

What is really

happening

What is shown in

the interface

designation vs admonition
Designation vs. Admonition
  • Security by designation
    • When a user designates an action, take appropriate security related actions
    • Double clicking a Word document
  • Security by admonition
    • Provide notifications that the user looks at and takes appropriate action from
    • Display a warning when the user tries to do something dangerous
design principles
Design Principles
  • Know your audience
  • Think like your audience
  • Eliminate clutter
  • Eliminate complexity
  • Create just enough feedback
  • Be a customer advocate when usability and competitive pressure collide
know your audience
Know Your Audience
  • Who are they?
  • What skills do they have?
  • If you don’t know who they are you can’t think like them
  • If your product doesn’t match your audience then it will not do as well as it could have
think like your audience
Think Like Your Audience
  • Present your design to other people to get feedback
  • Think of a representative of your audience and design for them
    • Could my mother use this?
eliminate clutter
Eliminate Clutter
  • Think about the tasks the user needs to perform
  • If a word or button is not necessary to those tasks then remove it
eliminate complexity
Eliminate Complexity
  • Again what are the tasks the user needs to perform
  • Dose your design allow them to complete these tasks in the simplest manner
  • Design for the common tasks, don’t sacrifice usability of common tasks for usability of rare or unlikely tasks
create just enough feedback
Create Just Enough Feedback
  • Users just want it to work
  • If it can be done safely without their involvement do it
  • They want to be reassured it is working in unobtrusive ways
be a customer advocate when usability and competitive pressure collide
Be a Customer Advocate When Usability and Competitive Pressure Collide
  • Its your job to make sure that customers don’t suffer from poor design
  • Be willing to compromise with developers if it gets a better interface
overview2
Overview
  • Designing secure interfaces
    • Design principles
  • Firefox extensions
    • Petname
    • Add N Edit Cookies
    • Cookie Culler
    • Cookie Button
    • Distrust
    • X Paranoia
firefox
Firefox
  • A free web browser
  • “Browse the Web with confidence - Firefox protects you from viruses, spyware and pop-ups. Enjoy improvements to performance, ease of use and privacy.“3
  • www.getfirefox.com
firefox extensions
Firefox Extensions
  • “Extensions are small add-ons that add new functionality to Firefox. They can add anything from a toolbar button to a completely new feature. They allow the application to be customized to fit the personal needs of each user if they need additional features, while keeping Firefox small to download. “2
anti paranoia
Anti-Paranoia
  • Takes all your doubts and gives you confidence. Especially if you are working on security, you might get the feeling that your part of something really big and maybe even evil.How can your extension help me? It will pop up calmative messages for you to feel relaxed while browsing the web.No, this extension will not spy and destroy your personal data, remember: Everything is good!
petname
Petname
  • “Need help avoiding phishing and spoofing attacks? The petname tool can help you avoid online fraud by clearly distinguishing your online relationships.Using the petname tool, you can save a reminder note about a relationship you have with a secure site. The petname tool will then automatically display this reminder note every time you visit the site. After following a hyperlink, you need only check that the expected reminder note is being displayed. If so, you can be sure you are using the same site you have in the past.”1
cookies
Cookies
  • A cookie is a small file downloaded by your web browser that is used to identify you to a website.
cookie examples
Cookie Examples
  • Doubleclick.com
    • id80000060da01136doubleclick.net/102432379712029957155287164811229736878*
  • Sun
    • SUN_ID128.2.141.103:49701134167353sun.com/153624479276803122654586416876829752592*
cookies1
Cookies
  • Convenient
    • Automatic login
    • Personalization
    • Session information
  • Not so Good
    • Usage tracking
    • Targeted ads
    • Unwanted logins
add n edit cookies
Add N Edit Cookies
  • Cookie Editor that allows you add and edit "session" and saved cookies.
design principles1
Design Principles
  • Know your audience
  • Think like your audience
  • Eliminate clutter
  • Eliminate complexity
  • Create just enough feedback
  • Be a customer advocate when usability and competitive pressure collide
cookie culler
Cookie Culler
  • Extended Cookie Manager--protect/unprotect selected cookies
cookie button in the status bar
Cookie Button in the Status Bar
  • Button for easy access to cookie permissions in the status bar. For those who have been asking for cookie button in the status bar.
distrust
Distrust
  • Hide surfing trails that the browser leaves behind.AKA Private Browsing.Once turned on this extension monitors FireFox for its activities.Once turned off Distrust will remove history items cache and cookies that were used during the distrust session.
x paranoia
X Paranoia
  • Adds a paranoia button to the toolbar (clear your history, saved form information, passwords, download history, cookies, and/or cache with as little as two clicks).
design principles2
Design Principles
  • Know your audience
  • Think like your audience
  • Eliminate clutter
  • Eliminate complexity
  • Create just enough feedback
  • Be a customer advocate when usability and competitive pressure collide
bibliography
Bibliography
  • Petname Firefox Extension: https://addons.mozilla.org/extensions/moreinfo.php?id=957&application=firefox
  • Firefox Extensions (https://addons.mozilla.org/extensions/?application=firefox)
  • Firefox (http://www.mozilla.com/firefox/)