Enabling Trustworthy Users
It is often said that the user is the weakest link in any secure system. Such arguments overstate the level of communication provided to users. Coordinating the user response with the risk profile appropriate to current activities and context can enable superior digital self-defense. Such coordination requires neither full transparency (with complete technical details) nor opaque, vague, decontextualized warnings.
I propose, in contrast, translucent security which informs individuals of the risk state of their virtual context, and teams with the individual to create the appropriate security posture.
Translucent security approaches users as individuals making complex risk decisions. Instead of a plethora of add-ins, add-ons, and an ever expanding vocabulary of attacks and defense, translucent security offers a single narrative with a consistent metaphor about the risk context, and a path to risk mitigation. These narratives are embedded in messages that (1) leverage mental models to describe the risks; (2) describe particular risks to which a user may be exposed; and (3) contain risk-mitigating information close in time to the risk decision itself.
In this talk I provide both the theoretical underpinning and specific examples where informing the user about the likely context using appropriate warnings changes user behavior. I propose other communications, and critique the current state of the art.
Speaker Details
Professor L. Jean Camp’s core contributions are within the intersection of human behavior and computer security. Professor Camp is the author of “Trust and Risk in Internet Commerce” (MIT Press), “Economics of Identity Theft” (Springer) and the editor of “Economics of Information Security” (Kluwer Academic). She has authored one hundred thirty additional works, with scores of invited presentations on six continents.
- Series:
- Microsoft Research Talks
- Date:
- Speakers:
- L. Jean Camp
- Affiliation:
- Indiana University
-
-
Jeff Running
-
Series: Microsoft Research Talks
-
Decoding the Human Brain – A Neurosurgeon’s Experience
Speakers:- Pascal Zinn,
- Ivan Tashev
-
-
-
-
-
-
Challenges in Evolving a Successful Database Product (SQL Server) to a Cloud Service (SQL Azure)
Speakers:- Hanuma Kodavalla,
- Phil Bernstein
-
Improving text prediction accuracy using neurophysiology
Speakers:- Sophia Mehdizadeh
-
Tongue-Gesture Recognition in Head-Mounted Displays
Speakers:- Tan Gemicioglu
-
DIABLo: a Deep Individual-Agnostic Binaural Localizer
Speakers:- Shoken Kaneko
-
-
Recent Efforts Towards Efficient And Scalable Neural Waveform Coding
Speakers:- Kai Zhen
-
-
Audio-based Toxic Language Detection
Speakers:- Midia Yousefi
-
-
From SqueezeNet to SqueezeBERT: Developing Efficient Deep Neural Networks
Speakers:- Sujeeth Bharadwaj
-
Hope Speech and Help Speech: Surfacing Positivity Amidst Hate
Speakers:- Monojit Choudhury
-
-
-
-
-
'F' to 'A' on the N.Y. Regents Science Exams: An Overview of the Aristo Project
Speakers:- Peter Clark
-
Checkpointing the Un-checkpointable: the Split-Process Approach for MPI and Formal Verification
Speakers:- Gene Cooperman
-
Learning Structured Models for Safe Robot Control
Speakers:- Ashish Kapoor
-