An Economic View Usable Security

The past 10 years have seen a significant body of research aiming to improve the usability of security mechanisms. This activity has produced a wealth of new and/or improved security mechanisms – novel authentication mechanisms in particular. However, very few of these have been adopted in corporate or e-commerce environments – the proliferation of passwords is continuing, even though users despair and security people argue they are not secure. Based on research carried out as part of the Trust Economics project (www.trust-economics.org), we argue that a failure to recognise the full cost of unusable security and resulting non-compliance means key decision-makers are reluctant to consider new solutions. We present a method for modeling the full cost of operating security mechanisms, which includes the impact on individual and organisational productivity.

Speaker Details

M. Angela Sasse is the Professor of Human-Centred Technology and Head of Information Security Research in the Department of Computer Science at University College London, UK. A usability researcher by training, she has been researching human aspects of security, privacy, identity and trust for 10+ years.

Adam Beautement is a cognitive science graduate and final-year doctoral student in the Department of Computer Science at UCL, who has completed an internship at HPLabs Bristol.

Date:
Speakers:
M. Angela Sasse and Adam Beautement
Affiliation:
University College London, UK

    • Portrait of Jeff Running

      Jeff Running