Week 8 - Usable Security Flashcards

1
Q

What is the main focus of usable security?

A

designing security mechanisms that support end users, making it easier for them to follow security practices

2
Q

What does “security as a supporting task” mean?

A

Security is a secondary task.

Users engage in security tasks (e.g. authentication) only because they are necessary to achieve their actual goals, not for their own sake.

3
Q

What is the difference between a primary task and a secondary task in security?

A
  • primary task is the main goal a user is trying to achieve,
  • secondary task (authentication) is something users must do to accomplish their primary goal
4
Q

What is human-centered security?

A

looking at the human factors behind users’ behavior and decisions when developing secure systems

5
Q

What are the nine guidelines for designing usable secure systems?

A
  • Path of least resistance
  • Explicit authorization
  • Appropriate boundaries
  • Revocability
  • Expected ability
  • Trusted path
  • Identifiability
  • Expressiveness
  • Clarity
6
Q

What is the “path of least resistance” guideline?

A

the easiest way for a user to complete a task should also be the most secure.

7
Q

What does “explicit authorization” mean?

A

users must actively grant permission for actions, preventing unintentional authorization

8
Q

What is the “appropriate boundaries” guideline?

A

the interface should expose, and the system should enforce, distinctions between objects and between actions along the boundaries that matter to the user (e.g. one document vs. all documents, read vs. write)

9
Q

What is “revocability”?

A

users should be able to revoke permissions or authorizations they’ve previously granted at any time.

10
Q

What is the “trusted path” guideline?

A

the interface must provide an unspoofable, faithful channel between the user and the component trusted to act on the user’s authority (e.g. a login prompt that only the OS can display), so an attacker cannot impersonate that component to the user or the user to it.

11
Q

What does “identifiability” mean?

A

distinct objects and distinct actions must have representations in the interface that are clearly distinguishable and cannot be spoofed,

so an attacker cannot make one object (e.g. a malicious file or dialog) look identical to another.

12
Q

What is “expressiveness”?

A

the interface should have enough expressive power to describe a safe security policy without undue difficulty and to let users express their own security preferences in terms that match their goals,

e.g. setting rules for who may access a resource.

13
Q

What is the “clarity” guideline?

A

the effect of any security-relevant action must be clearly apparent to the user before the action is taken,

e.g. showing a warning that describes a change in authorization before the user confirms it.
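The following is an added illustration, not part of the flashcards: a toy capability-style file-access layer that shows what “path of least resistance”, “explicit authorization”, “revocability” and “clarity” (cards 6, 7, 9 and 13) look like in code. The application never receives ambient access to the file system; it only holds handles that the user minted by picking a file, each scoped to that file and revocable later. All class and function names are hypothetical, and the file system is a constructed in-memory dictionary so the script runs offline.

```python
# Added example, not from the flashcards. Hypothetical names throughout;
# FILES is a constructed stand-in for a file system.
import itertools
from dataclasses import dataclass, field
from typing import Dict, FrozenSet

FILES: Dict[str, str] = {                       # constructed sample data
    "/home/alice/budget.txt": "budget numbers",
    "/home/alice/.ssh/id_ed25519": "PRIVATE KEY MATERIAL",
}


class AuthorityError(PermissionError):
    """Raised when the application acts beyond what the user granted."""


@dataclass
class Grant:
    cap_id: int
    path: str
    rights: FrozenSet[str]
    active: bool = True


class AuthorityStore:
    """Records every authority the user has handed to the application."""

    def __init__(self) -> None:
        self._grants: Dict[int, Grant] = {}
        self._ids = itertools.count(1)

    def describe(self, path: str, rights: FrozenSet[str]) -> str:
        # Clarity: the effect is spelled out before the user confirms.
        return (f"Allow this app to {' and '.join(sorted(rights))} {path}? "
                "It gets no access to any other file until you choose one.")

    def grant(self, path: str, rights, user_confirmed: bool) -> "FileCapability":
        # Explicit authorization: authority flows only from an explicit
        # user action; the app cannot mint a grant for itself.
        if not user_confirmed:
            raise AuthorityError("no authority without an explicit user action")
        cap_id = next(self._ids)
        self._grants[cap_id] = Grant(cap_id, path, frozenset(rights))
        return FileCapability(cap_id, path, frozenset(rights), self)

    def revoke(self, cap_id: int) -> None:
        # Revocability: handles the app already holds stop working at once.
        self._grants[cap_id].active = False

    def check(self, cap: "FileCapability", right: str) -> None:
        rec = self._grants.get(cap.cap_id)
        if rec is None or not rec.active:
            raise AuthorityError(f"authority for {cap.path} was revoked")
        if right not in rec.rights:
            raise AuthorityError(f"{right} on {cap.path} was never granted")


@dataclass
class FileCapability:
    """Handle to exactly one file with exactly the rights the user granted."""
    cap_id: int
    path: str
    rights: FrozenSet[str]
    store: AuthorityStore = field(repr=False)

    def read(self) -> str:
        self.store.check(self, "read")
        return FILES[self.path]

    def write(self, data: str) -> None:
        self.store.check(self, "write")
        FILES[self.path] = data


def user_picks_file(store: AuthorityStore, path: str, rights=("read",)) -> FileCapability:
    """Simulated file chooser: picking a file *is* the grant, scoped to that
    one file (path of least resistance = least privilege). A real chooser
    would show store.describe(...) and wait for a click; here the simulated
    user always confirms."""
    store.describe(path, frozenset(rights))
    return store.grant(path, frozenset(rights), user_confirmed=True)


def scenario() -> Dict[str, object]:
    """Grant, misuse, self-grant attempt, then revoke; report each outcome."""
    store, out = AuthorityStore(), {}
    cap = user_picks_file(store, "/home/alice/budget.txt")
    out["first_read"] = cap.read()
    try:                                        # read-only grant: write fails
        cap.write("tampered"); out["write_denied"] = False
    except AuthorityError:
        out["write_denied"] = True
    try:                                        # app cannot grant itself the key
        store.grant("/home/alice/.ssh/id_ed25519", {"read"}, user_confirmed=False)
        out["self_grant_denied"] = False
    except AuthorityError:
        out["self_grant_denied"] = True
    store.revoke(cap.cap_id)                    # user withdraws the grant
    try:
        cap.read(); out["read_after_revoke_denied"] = False
    except AuthorityError:
        out["read_after_revoke_denied"] = True
    return out


if __name__ == "__main__":
    print(scenario())
```

Contrast this with the common alternative of asking for a blanket “access all files” permission at install time: there the easy path (click “Allow”) grants far more than the task needs, the user cannot later narrow it per file, and the prompt says nothing about which file a given operation will touch.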

14
Q

What is the importance of usability testing in creating secure systems?

A

essential for checking with real users that security features can be used correctly; a mechanism that users find confusing or burdensome will be bypassed or misused, so security that is not tested for usability often fails in practice
