ATUS - A Toolkit for Usable Security
-
Upload
sven-wohlgemuth -
Category
Science
-
view
31 -
download
3
Transcript of ATUS - A Toolkit for Usable Security
Priority Programme of the German Research Foundation
“Security in Information- and Communicationtechnology”
10
48
42
20
0
10
20
30
40
50
60
Problem Category I Problem Category II Problem Category III Problem Category
IV
Cit
ati
on
s
Prof. Dr. Günter Müller
Rafael Accorsi, Maike Gilliot,
Sebastian Höhn, Sven Wohlgemuth
Albert-Ludwigs University of Freiburg
Institute of Computer Science and Social Studies
A Toolkit for Usable Security
Department of Telematics
www.telematik.uni-freiburg.de
e-mail: [email protected]
Secure Delegation of RightsPartial Identities
HC+I
control
Dynamic Systems
Controllability
Observabilityobserve
Does Usability Matter? Dynamic Systems: Loss of Control
Take Machine-to-Machine Communication into Account
• Comprehensible User Interfaces
• Controlling Use of Data
• Observing Use of Data
Approach: Extend HCI to HC+I
PC I: Usability Problems, No Effects on Security
PC II: Security Relevant, Security Concept is Comprehensible and Familiar
PC III: Security Relevant, Security Concept is Unknown
PC IV: Technical Security Problems
Secure Logging
13: Show one-show credential(attributes, proxy, restrictions)
12: Request patents, establish pseudonym12: Request patents, establish pseudonym
9: Show proxyCredential(TID, attributes, proxy, restrictions),
establish pseudonym
11: Return one-show credential(attributes, proxy, restrictions)
10: Verify delegation(proxyCredential, policy), log delegation
4: Request proxyCredential(attributes, proxy, policy), establish pseudonym
5: Show credential(attributes, user)
7: Return proxyCredential(TID, attributes, proxy, restrictions)
8: Forward proxyCredential(TID, attributes, proxy, restrictions)
2: Query for attributes
3: Decide delegation request
1: Request patents, establish pseudonym
iManager
+ anonyme
Credentials
Alternative
zur
Weitergabe
von
kMaxkMax
6: Add entry (TID, attributes, pseudonym, credential, policy)
to delegation list
iManager
+ anonyme
Credentials