References of "IEEE TrustCom"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailStudies in Socio-Technical Security Analysis: Authentication of Identities with TLS Certificates
Ferreira, Ana UL; Giustolisi, Rosario UL; Huynen, Jean-Louis UL et al

in IEEE TrustCom (2013)

Authenticating web identities with TLS certificates is a typical problem whose security depends on both technical and human aspects, and that needs, to be fully grasped, a socio-technical analysis. We ... [more ▼]

Authenticating web identities with TLS certificates is a typical problem whose security depends on both technical and human aspects, and that needs, to be fully grasped, a socio-technical analysis. We performed such an analysis, and in this paper we comment on the tools and methodology we found appropriate. We first analysed the interaction ceremonies between users and the most used browsers in the market. Then we looked at user's understanding of those interactions. Our tools and our methodology depend on whether the user model has a non-deterministic or a realistic behaviour. We successfully applied formal methods in the first case. In the second, we had to define a security framework consistent with research methods of experimental cognitive science. [less ▲]

Detailed reference viewed: 155 (34 UL)