Reference : Detecting misalignments between system security and user perceptions: a preliminary s...
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/39726
Detecting misalignments between system security and user perceptions: a preliminary socio-technical analysis of an E2E email encryption system
English
Stojkovski, Borce mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC) >]
Vazquez Sandoval, Itzel mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Lenzini, Gabriele mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
2019
4th European Workshop on Usable Security - 2019 IEEE European Symposium on Security and Privacy Workshops
Yes
International
4th European Workshop on Usable Security
20-06-2019
Stockholm
Sweden
[en] socio-technical security ; UX ; formal models
[en] The set of impressions that a user has about distinct aspects of a system depends on the experience perceived while interacting with the system. Considering the effects of these interactions in a security analysis allows for a new class of security properties in terms of misalignments between the system’s technical guarantees and the user’s impressions of them. For instance, a property that we call “false sense of insecurity” identifies a situation in which a secure system injects uncertainty in users, thus improperly transmitting the degree of protection that it actually provides; another, which we call “false sense of security”, captures situations in which a system instills a false sense of security beyond what a technical analysis would justify. Both situations leave room for attacks. In this paper we propose a model to define and reason about such socio-technical misalignments. The model refers to and builds on the concept of security ceremonies, but relies on user experience notions and on security analysis techniques to put together the information needed to verify misalignment properties about user’s impressions and system’s security guarantees. We discuss the innovative insight of this pilot model for a holistic understanding of a system’s security. We also propose a formal model that can be used with existing model checkers for an automatic analysis of misalignments. We exemplify the approach by modelling one specific application for end-to-end email encryption within which we analyze a few instances of misalignment properties.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Fonds National de la Recherche - FnR
PRIDE15/10621687/SPsquared
http://hdl.handle.net/10993/39726
FnR ; FNR10621687 > Sjouke Mauw > SPsquared > Security and Privacy for System Protection > 01/01/2017 > 30/06/2023 > 2016

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Limited access
21.pdfAuthor postprint1.09 MBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.