
Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop (2010)

Chapter: 1 Overview of Security, Privacy, and Usability

Suggested Citation:"1 Overview of Security, Privacy, and Usability." National Research Council. 2010. Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/12998.

1
Overview of Security, Privacy, and Usability

This overview briefly discusses computer system security and privacy, their relationship to usability, and research at their intersection. The chapter is drawn from remarks made at the National Research Council’s (NRC’s) July 2009 Workshop on Usability, Security, and Privacy of Computer Systems as well as recent reports from the NRC’s Computer Science and Telecommunications Board (CSTB) on security and privacy.1

SECURITY

Society’s reliance on information technology (IT) has been increasing simultaneously with the ability of individuals, organizations, and state actors to conduct attacks on computer systems and networks. IT has become essential to the day-to-day operations of companies, organizations, and government. People’s personal lives also involve computing in areas ranging from communication with family and friends to online banking and other household and financial management activities. Companies large and small are ever more reliant on information systems to support diverse business processes, including payroll and accounting, the tracking of inventory, the operation of sales, manufacturing, and research and development—that is, computer systems are increasingly needed for organizations to be able to operate at all. Critical national infrastructures—such as those associated with energy, banking and finance, defense, law enforcement, transportation, water systems, and government and private emergency services—also depend on information systems and networks. The telecommunications system itself and the Internet running on top of it are critical infrastructure for the nation. Information systems play a critical role in many governmental functions, including national security and homeland and border security.

1

National Research Council, Toward a Safer and More Secure Cyberspace, Seymour E. Goodman and Herbert S. Lin, eds., The National Academies Press, Washington, D.C., 2007; and National Research Council, Engaging Privacy and Information Technology in a Digital Age, James Waldo, Herbert S. Lin, and Lynette I. Millett, eds., The National Academies Press, Washington, D.C., 2007.

The conventional definition of computer security relates to the following attributes of a computer system: confidentiality (the system prevents unauthorized access to information), integrity (information in the system cannot be altered without authorization), and availability (the system is available for authorized use). Authentication—the verification of identity using some combination of something that one knows (such as a password), something that one has (such as a hardware token), and something that one is (such as a fingerprint)—is often thought of as an additional essential security capability. Reliability is a closely related concept—a reliable system performs and maintains its functions even in hostile circumstances, including but not limited to threats from adversaries.

Nearly all indications of the severity of the security threat to computer systems, whether associated with losses or damage, type of attack, or presence of vulnerability, indicate a continuously worsening problem.2 The potential consequences fall into three broad categories:

  • Economic drag—To counter security problems, organizations are forced to spend in order to defend and strengthen insecure IT systems.

  • Avoidance—Because of the perceived security risks of computing, individuals or organizations avoid using IT systems, thereby missing the potential benefit of their use.

  • Catastrophe—Failure of an IT system causes major economic loss and perhaps even loss of life. A catastrophe could be the result of a cyberattack, a serious software design or implementation flaw, or system misuse.

Despite advances that have been made in both practice and technology, cybersecurity will be a concern into the foreseeable future. More and more sensitive information will be stored in systems whose security does not necessarily increase in proportion to the value of the assets they contain. The threats will continue to evolve both on their own and as defenses against them are discovered and implemented. New vulnerabilities will emerge as previously unknown weaknesses are uncovered and as innovation leads to the use of IT in new applications and the deployment of new technologies. The growing complexity of IT systems and the fast-growing importance of network access and network-intermediated computing are likely to increase the emergence of new vulnerabilities.

2

NRC, Toward a Safer and More Secure Cyberspace, 2007, p. 2.

PRIVACY

Information privacy concerns the protection of information about individuals and other entities. The environment for privacy is dynamic, reflecting societal shifts (e.g., increases in electronic communication), varying and evolving attitudes (e.g., across generations or cultures), and discontinuities (e.g., events and emerging conditions that rapidly transform the national debate, such as the September 11, 2001, attacks and the global response to them) as well as technological change. The decreasing cost of storage combined with the increase in communications devices, including, and especially, mobile ones, has led to remarkable impacts on personal privacy within a very short period of time. Private information can be compromised by attacking networks and computers directly or by tricking users into revealing the information or the credentials required to access it.3 Protecting privacy often occurs in the face of competing interests in the collection or use of particular information, and addressing privacy issues thus involves understanding and balancing these interests.

USABILITY

Usability may be thought of narrowly in terms of the quality of a system’s interfaces, but the concept applies more broadly to how well a system supports user needs and expectations. The International Organization for Standardization (ISO) 9241-11 standard defines usability as “the extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency and satisfaction in a specified context of use.”4 A framework attributed to both Nielsen5 and Shneiderman6 describes usability in terms of learnability, efficiency of use, memorability, few and noncatastrophic errors, and subjective satisfaction. Usability relates not only to understanding what taking a particular action means in the context of a particular interaction, but also to whether the user understands the implications of his or her choices in a broader context. Information system design and development inevitably embed assumptions and values, both implicit and explicit, that have impacts on a system’s users; these considerations may be thought of as another aspect of usability.

3

One example of the latter is phishing, which refers to attempts to acquire sensitive information such as passwords by pretending in an e-mail or other communication to be a trustworthy entity.

4

International Organization for Standardization (ISO), Ergonomics of Human System Interactions: Guidance on Usability (Part 11), ISO, Geneva, 1998.

5

Jakob Nielsen, Usability Engineering, Academic Press, San Diego, Calif., 1993, p. 26.

6

Ben Shneiderman, Designing the User Interface: Strategies for Effective Human-Computer-Interaction, Addison-Wesley, Reading, Mass., 1992.

USABILITY, SECURITY, AND PRIVACY

Despite many advances, security and privacy often remain too complex for individuals or enterprises to manage effectively or to use conveniently. Security is hard for users, administrators, and developers to understand, making it all too easy to use, configure, or operate systems in ways that are inadvertently insecure. Moreover, security and privacy technologies originally were developed in a context in which system administrators had primary responsibility for security and privacy protections and in which the users tended to be sophisticated. Today, the user base is much wider—including the vast majority of employees in many organizations and a large fraction of households—but the basic models for security and privacy are essentially unchanged.

Security features can be clumsy and awkward to use and can present significant obstacles to getting work done. As a result, cybersecurity measures are all too often disabled or bypassed by the users they are intended to protect.7 Similarly, when security gets in the way of functionality, designers and administrators deemphasize it. Workshop participant Don Norman quipped, “The more secure a system, the less secure the system”—that is, when users find that security gets in their way, they figure out ways to bypass it.8 Indeed, some participants suggested, it may be the dedicated workers who are most highly motivated to defeat security measures.

The result is that end users often engage in actions, knowingly or unknowingly, that compromise the security of computer systems or contribute to the unwanted release of personal or other confidential information. For example, industry reports, such as the one issued in 2008 by the Verizon Business RISK Team, have highlighted the impact that end users have on system security. As the Verizon report observed:

7

A recent paper by Herley explains that “security advice is a daily burden, applied to the whole population, while an upper bound on the benefit is the harm suffered by the fraction that become victims annually.” C. Herley, “So Long, and No Thanks for the Externalities: The Rational Rejection of Security Advice by Users,” New Security Paradigms Workshop 2009, Oxford.

8

This observation was published following the workshop in D.A. Norman, “When Security Gets in the Way,” Interactions 16(6): 60-63, 2009; a similar observation (“More onerous security requirements can lead to less secure situations”) appears in D.A. Norman, Living with Complexity, MIT Press, Cambridge, Mass., 2010, Chapter 3, in press.

[L]oosely defined, error is a contributing factor in nearly all data breaches. Poor decisions, misconfigurations, omissions, non-compliance, process breakdowns, and the like undoubtedly occur somewhere in the chain of events leading to the incident.9

Usability and security are thus attributes that can trade off against each other. For example, requiring users to change their passwords periodically may improve security but places a greater burden on users. (Poor usability may also reduce security by driving users to workarounds, such as when users tape hard-to-remember passwords to their workstations.) Or, a password may be replaced by a hardware token; this relieves the user of having to remember a password but imposes a new burden on the user to carry the token wherever that access is required.

Poor usability is also an impediment to privacy protection. For example, a privacy policy or privacy settings that are difficult to understand or navigate make it difficult for users to know what privacy choices they have made or to change the settings to best reflect their preferences.

Usability, security, and privacy are all especially challenging aspects of system design. For example, although well-established techniques exist for testing the usability of a system, at least in the narrow sense of the quality of the system’s interface, much less is known about how to effectively embed usability considerations in a specification. Better user models might help in the identification of usability requirements and more generally speed development. More sophisticated models might make it easier to strike the right balance between usability and risk mitigation. Moreover, usability, security, and privacy have all come to be understood as attributes that must be addressed throughout a system’s development life cycle. Early decisions about architecture, data structures, and so forth can have a large impact on what sorts of usability aspects are even feasible. Finally, both usability and security/privacy considerations are not finished once a product or system is released, but need to be kept in mind through the life cycle of use—assumptions, norms, and expectations may change over time. Data about these factors can be gathered and taken into account during system updates and revisions.

9

Verizon Business RISK Team, 2009 Data Breach Investigations Report, Verizon Business. Available at http://www.verizonbusiness.com/products/security/risk/databreach; accessed February 16, 2010.


USABILITY, SECURITY, AND PRIVACY: AN EMERGING DISCIPLINE

A small but growing research community has been working at the intersection of usability, security, and privacy—one that draws on expertise from multiple disciplines including computer security, human-computer interaction, and psychology. Participants noted that as an emerging and multidisciplinary discipline, it is sometimes viewed as too “soft” by some engineers and scientists and that it does not always have buy-in from those responsible for managing the development and operation of computer systems. There has, however, been growing interest in the field from the more traditional disciplines. Papers at the intersection have appeared occasionally at traditional security conferences for many years, but until recently there have been few sustained research efforts in this area. Exploratory workshops held in 2003 and 2004 led to the organization in 2005 of the first formal conference on this topic, the Symposium on Usable Privacy and Security (SOUPS), which has been held annually since then. Increasingly, usable security and privacy papers are also appearing at traditional security conferences and human-computer interaction conferences, more academic and industry researchers are focusing their research in this area, several universities now offer courses in this area,10 and the National Science Foundation’s Trustworthy Computing program highlights usability as an important research area.

10

For example, courses have been offered by Carnegie Mellon University (“Usable Privacy and Security”; see http://cups.cs.cmu.edu/courses/ups.html), and Harvard University (“Security and Privacy Usability”; see http://www.seas.harvard.edu/courses/cs279/syllabus.html).
