Abstract:
In the last few years, Internet users have seen the rapid expansion of
phishing, man-in-the-middle, malware and other attacks that attempt to
trick users into revealing sensitive data. We have also seen the
introduction of new authentication and identity management systems across
the Web. The scale and complexity, combined with the privacy and security
requirements of these systems, create steep challenges for usability. To
design systems and interfaces to shield users from attacks, it is
important to know which kinds of attack strategies are successful and why
users are deceived. In this talk, I posit seven flaws or design
challenges that must be met for authentication and identity management
systems to be usable and accepted by the general public.
Bio:
Rachna Dhamija is a Postdoctoral Fellow at the Center for Research on
Computation and Society at Harvard University. Rachna's research
interests span the fields of computer security, human computer interaction
and information policy. She received a Ph.D. from U.C. Berkeley, where
her thesis focused on the design and evaluation of usable security
systems. Previously, Dhamija worked on electronic payment system privacy
and security at CyberCash. Her research has been featured in the New York
Times, the Wall Street Journal, the Economist and CNN.