Ebook Security and Usability: Designing Secure Systems that People Can Use
Introducing a new hobby for other people may inspire them to join with you. Reading, as one of mutual hobby, is considered as the very easy hobby to do. But, many people are not interested in this hobby. Why? Boring is the reason of why. However, this feel actually can deal with the book and time of you reading. Yeah, one that we will refer to break the boredom in reading is choosing Security And Usability: Designing Secure Systems That People Can Use as the reading material.
Security and Usability: Designing Secure Systems that People Can Use
Ebook Security and Usability: Designing Secure Systems that People Can Use
After often times, book turns into one of the good manners that will certainly motivate the system of life run much better. It includes not just the ideas, motivation, opinion, but additionally the truths. Several realities have actually been exposed from the books. Lots of literature works are also served. When you have even more time to read, please read this Security And Usability: Designing Secure Systems That People Can Use as one of the reading products!
Spending the moment for reading a book will certainly provide you the very valuable system. The system is not just about obtaining the understanding to associate with your specific problem. However, in some cases you well require fun point from guide. It can accompany you to run the time meaningfully and also well. Yeah, great time to review a book, great time to enjoy. And also the existence of this publication will be so accurate to be in yours.
As well as exactly how this publication will assist you? Do you believe that you have issue with similar subject? This is no fret about this. Even you have had the sources to address your issues; this publication will certainly complete what you need. Security And Usability: Designing Secure Systems That People Can Use is among guides that that has actually been written by the trusted author. With the experience, understanding, and truths that are used by this book, it is truly professional.
By downloading and install the online Security And Usability: Designing Secure Systems That People Can Use publication right here, you will certainly obtain some benefits not to opt for the book establishment. Merely attach to the net as well as start to download the web page web link we discuss. Now, your Security And Usability: Designing Secure Systems That People Can Use is ready to enjoy reading. This is your time and also your peacefulness to get all that you desire from this publication Security And Usability: Designing Secure Systems That People Can Use
About the Author
Dr. Lorrie Faith Cranor is an Associate Research Professor in the School of Computer Science at Carnegie Mellon University. She is a faculty member in the Institute for Software Research, International and in the Engineering and Public Policy department. She is director of the CMU Usable Privacy and Security Laboratory (CUPS).Simson Garfinkel is a journalist, entrepreneur, and international authority on computer security. Garfinkel is chief technology officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools.
Read more
Product details
Paperback: 740 pages
Publisher: O'Reilly Media; 1 edition (September 4, 2005)
Language: English
ISBN-10: 9780596008277
ISBN-13: 978-0596008277
ASIN: 0596008279
Product Dimensions:
7 x 1.3 x 9.2 inches
Shipping Weight: 2.3 pounds (View shipping rates and policies)
Average Customer Review:
4.2 out of 5 stars
11 customer reviews
Amazon Best Sellers Rank:
#742,384 in Books (See Top 100 in Books)
I'd first come into contact with the author's writing in the course of my study as a doctoral student. Given that my academic focus is the intersection of usability and security, I hoped I'd find in this book a summary of his ideas on the topic. There is good stuff, but nothing that you don't find in a good number of other places. You won't find in this book ideas about how we leverage the Cloud, or enhanced sensory capabilities of computers and mobile devices to off-load some of the tedium of authentication, encryption, etc. from users onto systems. This idea is hinted at but not developed. Application programming interfaces provide little support for making security software more usable, for example. I don't expect to find code samples, but what are some of the enhancements to APIs, operating systems, and system architectures generally, that will allow interface designs that minimize the disruptions of antivirus software, or reduced the endless number of times we have to authenticate to resources? Usable design centers on developing to sound conceptual models, we get that, but we're beginning to paint over paint. Some walls need to kicked down. ...still looking
"Security is about inconvenience". This what the national Lotus Notes manager for a federal agency said to me last January at Lotusphere 2005. We were discussing their policy to block all incoming zip files at the gateway without telling users what formats would be acceptable as mail attachments. I disagreed with him then and I find that I am not alone. In "Security and Usability: Designing Secure Systems That People Can Use" (Lorrie Faith Cranor and Simon Garfinkel (Ed), 2005, 716 pages, ISBN 0596008279), O'Reilly has assembled a comprehensive and far-reaching set of 34 essays that challenges commonly held beliefs of the information security community and provides a solid basis to open new dialogues about the trade-offs between security and usability of systems. Without a doubt, it is now on my recommendation list of "must read" books for the information security, application development, system administration, and IT audit communities.The book is broken down into six sections. In the first, "Realigning Usability and Security", the reader is presented with five essays which hammer home the point that if security of applications and systems are not made user friendly, the users can and will find ways to bypass them. This may range from doing whatever they can to bypass the controls put in place to not using the systems at all. The next section, "Authentication Mechanisms", covers topics that include the evaluation of authentication mechanisms, the problems of passwords, challenge questions, biometrics and more.The third section, "Secure Systems", covers specific issues associated wit the use of PKI, the sanitizing of equipment being disposed, desktop security, and security administration tools/practices. From here, the fourth section, "Privacy and Anonymity Systems", deals with the challenging topic of privacy. The essays in this section focus on human-computer interaction, policies, analysis and more.The fifth section, "Commercializing Usability: The Vendor Perspective", sealed the deal from me. Why? Because it allowed the book to grow beyond a purely academic discussion to a discussion of real world challenges faced and addressed by vendors. The vendors selected - ZoneAlarm, Firefox, Microsoft, IBM/Lotus, and the now 'defunct' Groove Networks - are important because each vendor addresses important issues in strong security and IT governance as collaboration becomes more important.The final section, "The Classics", provides 3 essays focusing on users not being the enemy, a study of KaZaA, and why people cannot encrypt.Who Should Read This BookThe discussions presented in this book need to be discussed, even debated, if advances in the field are going to occur. And this debate should not be limited to the IT security community. This is because security is everyone's responsibility. As I said at the beginning of this review, I consider this book to be a "must read" for the information security, application development, system administration, and IT audit communities.The ScorecardEagle on a 600 yard Par 5 playing into a stiff wind
This isn't a typical O'Reilly book, and it's definitely not an "animal" book. I think that's something that's thrown a lot of people for a loop the first time they see this book. That change is good, however, because what O'Reilly has delivered is a book whose contents will stand up much longer and be more useful than most of the books out there on any technical subject, from any publisher. By having various viewpoints in information rich, managable pieces so well organized, the book itself is usable both as a read through from cover to cover and as a reference.Security and Usability (S&U) is targeted at two main camps. The usability camp who doesn't quite understand what a security system is. They think in terms of making the user's experience with the software better, and often that means making the design more accomodating. That's great, and very valuable, but sometimes that's been known to compromise the system's security.The other camp this book targets is a security application or a security system designer. Often this camp doesn't have a great grasp on usability. We (I think I fall into this category) tend to be power users and build systems that work for power users. When regular users (read: "everyone else") encounter such a system they're usually stuck, and understandably so. S&U introduces many usability concepts and paradigms to the software or system designer and provide a springboard for better results.Make no mistake, this book wont make you an expert in either field, but it will give you a deeper understanding and a strong foothold at improving both scenarios. If nothing else, it gives both camps the vocabulary to start talking and working together.One of my favorite chapters in the book outlines how ZoneAlarm was designed and implemented, along with some of its issues along the way. This is a remarkably successful application that achieves both good security design and utility while being usable by a large portion of the population. Such a study - and the book has many similar studies to back up viewpoints - is an invaluable aid in getting the message across.If you write security software, design security systems, or work with a team that does, by all means look at this book. It will improve your product.
Security and Usability: Designing Secure Systems that People Can Use PDF
Security and Usability: Designing Secure Systems that People Can Use EPub
Security and Usability: Designing Secure Systems that People Can Use Doc
Security and Usability: Designing Secure Systems that People Can Use iBooks
Security and Usability: Designing Secure Systems that People Can Use rtf
Security and Usability: Designing Secure Systems that People Can Use Mobipocket
Security and Usability: Designing Secure Systems that People Can Use Kindle
0 comments:
Post a Comment