Detecting cognitive causes of confidentiality leaks
R. s\.enas, P. Curzon, and A. Blandford. Electronic Notes in Theoretical Computer Science: Proceedings of the First International Workshop on Formal Methods for Interactive Systems (FMIS 2006), (July 2007)
Abstract
Most security research focuses on the technical aspects of systems. We consider security from a user-centred point of view. We focus on cognitive processes that influence security of information flow from the user to the computer system. For this, we extend our framework developed for the verification of usability properties. Finally, we consider small examples to illustrate the ideas and approach, and show how some confidentiality leaks, caused by a combination of an inappropriate design and certain aspects of human cognition, can be detected within our framework.
Electronic Notes in Theoretical Computer Science: Proceedings of the First International Workshop on Formal Methods for Interactive Systems (FMIS 2006)
%0 Journal Article
%1 loepucl5129
%A s\.enas, R. Ruk\v
%A Curzon, P.
%A Blandford, A.
%D 2007
%J Electronic Notes in Theoretical Computer Science: Proceedings of the First International Workshop on Formal Methods for Interactive Systems (FMIS 2006)
%K SAL UCLIC architecture; cognitive error; formal human security; verification;
%P 21--38
%T Detecting cognitive causes of confidentiality leaks
%U http://eprints.ucl.ac.uk/5129/
%V 183
%X Most security research focuses on the technical aspects of systems. We consider security from a user-centred point of view. We focus on cognitive processes that influence security of information flow from the user to the computer system. For this, we extend our framework developed for the verification of usability properties. Finally, we consider small examples to illustrate the ideas and approach, and show how some confidentiality leaks, caused by a combination of an inappropriate design and certain aspects of human cognition, can be detected within our framework.
@article{loepucl5129,
abstract = {Most security research focuses on the technical aspects of systems. We consider security from a user-centred point of view. We focus on cognitive processes that influence security of information flow from the user to the computer system. For this, we extend our framework developed for the verification of usability properties. Finally, we consider small examples to illustrate the ideas and approach, and show how some confidentiality leaks, caused by a combination of an inappropriate design and certain aspects of human cognition, can be detected within our framework.},
added-at = {2008-10-22T16:08:08.000+0200},
author = {s\.enas, R. Ruk\v and Curzon, P. and Blandford, A.},
biburl = {https://www.bibsonomy.org/bibtex/26fa0bc8609e59a9ec1019b6ab64d590b/spdegabrielle},
description = {UCLIC},
interhash = {d5305ea37f34fbb0ce7498b3f069d463},
intrahash = {6fa0bc8609e59a9ec1019b6ab64d590b},
journal = {Electronic Notes in Theoretical Computer Science: Proceedings of the First International Workshop on Formal Methods for Interactive Systems (FMIS 2006)},
keywords = {SAL UCLIC architecture; cognitive error; formal human security; verification;},
month = {July},
pages = {21--38},
timestamp = {2008-10-22T16:48:27.000+0200},
title = {Detecting cognitive causes of confidentiality leaks},
url = {http://eprints.ucl.ac.uk/5129/},
volume = 183,
year = 2007
}