User Experience Design for Security
For years, secure application design was framed as a
tradeoff: usability vs. security.
Designers hoped to strike the right balance, giving up
some of one to gain some of the other.
This is no longer "conventional wisdom."
In some situations a tradeoff is inevitable.
In many others, the usable design and the secure design
are the same design, and it is the simplest and most elegant one.
Our projects show how to design security software
for everyday, non-expert users. We build
security mechanisms into processes that users already follow,
so that the resulting technologies are secure
in a way that feels intuitive.
Analysis of Industry Standards
Bluetooth Simple Pairing and Wi-Fi Protected Setup specify
mechanisms for exchanging authentication credentials in wireless networks.
To accommodate devices with varying hardware capabilities
(a display, a keypad, a push button, an out-of-band channel, or none of these),
each specification supports several setup mechanisms:
Simple Pairing offers Numeric Comparison, Passkey Entry, Out-of-Band and
"Just Works" pairing, and Protected Setup offers PIN, push-button and
out-of-band enrollment. The mechanism actually used is dictated by the
less capable of the two devices, so the unauthenticated variants
(Just Works, which offers no protection against a man-in-the-middle)
remain reachable whenever one side lacks a display or keypad.
Multiplying mechanisms in this way increases the chances for
security vulnerabilities and hurts the user experience.
To improve the security and usability of
these specifications, we suggest defining
a common baseline for hardware features and
a consistent, interoperable user experience across devices.
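As an added illustration of the point above (example code written for this page, not software from the project or from either standards body), the following Python reproduces how Bluetooth Simple Pairing picks its association model from the two devices' declared IO capabilities, and which capability combinations end in an unauthenticated "Just Works" exchange. The capability-to-model mapping follows the Bluetooth Core Specification's IO-capability table for Simple Pairing on BR/EDR; the `IoCap` and `Model` names, the `accept_pairing` policy helper and the constructed device list are this example's own assumptions. It goes beyond the text by enumerating every capability pair rather than describing the mechanisms in general.

```python
"""Association-model negotiation for Bluetooth Simple Pairing (BR/EDR).

Added example, not code from the project page. The IO-capability to
association-model mapping follows the Bluetooth Core Specification table
for Simple Pairing authentication stage 1; the policy helper and the
device list at the bottom are this example's own assumptions.
"""
from enum import Enum
from itertools import product


class IoCap(Enum):
    """IO capabilities a device declares during Simple Pairing."""
    DISPLAY_ONLY = "DisplayOnly"
    DISPLAY_YES_NO = "DisplayYesNo"
    KEYBOARD_ONLY = "KeyboardOnly"
    NO_INPUT_NO_OUTPUT = "NoInputNoOutput"


class Model(Enum):
    """Association models; only the last two authenticate the peer."""
    JUST_WORKS = "Just Works"
    NUMERIC_COMPARISON = "Numeric Comparison"
    PASSKEY_ENTRY = "Passkey Entry"


def association_model(initiator: IoCap, responder: IoCap) -> tuple[Model, bool]:
    """Return (model, mitm_protected) negotiated from the two IO capabilities.

    Numeric Comparison needs both sides to show a number and answer yes/no;
    Passkey Entry needs one side to type a passkey that the other side shows
    (or that both sides type); every other combination degrades to Just Works,
    which the spec classes as unauthenticated.
    """
    nio = IoCap.NO_INPUT_NO_OUTPUT
    if initiator is nio or responder is nio:
        return Model.JUST_WORKS, False
    if initiator is IoCap.DISPLAY_YES_NO and responder is IoCap.DISPLAY_YES_NO:
        return Model.NUMERIC_COMPARISON, True
    kb = IoCap.KEYBOARD_ONLY
    if initiator is kb or responder is kb:
        # Display-vs-keyboard or keyboard-vs-keyboard.
        return Model.PASSKEY_ENTRY, True
    # DisplayOnly paired with DisplayOnly or DisplayYesNo: a display that
    # cannot take a yes/no answer forces automatic confirmation, i.e. Just Works.
    return Model.JUST_WORKS, False


def unauthenticated_peers(local: IoCap) -> list[IoCap]:
    """Peer capabilities that leave `local` with an unauthenticated pairing.

    This is the downgrade the text warns about: the less capable side decides.
    """
    return [peer for peer in IoCap if not association_model(local, peer)[1]]


def accept_pairing(initiator: IoCap, responder: IoCap,
                   require_mitm: bool = True) -> tuple[bool, Model]:
    """Policy check (assumption of this example, not part of the spec):
    refuse an unauthenticated model when the application needs MITM protection."""
    model, mitm = association_model(initiator, responder)
    return (mitm or not require_mitm), model


if __name__ == "__main__":
    # Constructed sample: every pairing of the four capability classes.
    for a, b in product(IoCap, IoCap):
        model, mitm = association_model(a, b)
        print(f"{a.value:16} + {b.value:16} -> {model.value:18} "
              f"{'authenticated' if mitm else 'UNAUTHENTICATED'}")
    print("DisplayYesNo phone is unauthenticated against:",
          [p.value for p in unauthenticated_peers(IoCap.DISPLAY_YES_NO)])
```

Running the block prints all sixteen combinations; a device with no display and no keypad forces Just Works against every peer, which is exactly the case a common hardware baseline would eliminate.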
 Papers
Kuo, Cynthia, Jesse Walker, and Adrian Perrig.
"Low-cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup."
Usable Security (USEC'07),
Lowlands, Scarborough, Tobago, February 15 - 16, 2007.
[ PDF ]
 Presentations
USEC, Lowlands, Scarborough, Tobago, February 15 - 16, 2007.
[ PDF ]
 Posters
TRUST, Berkeley, CA, March 20 - 21, 2007.
[ PDF ]
Design for Anti-Phishing Technologies
Phishing attacks exploit a user’s inability to distinguish legitimate websites
from spoofed websites. Unfortunately,
human users are ill-suited to perform the security checks necessary for
secure website identification.
Phoolproof Phishing Prevention uses a trusted device (e.g., a cell phone)
to perform mutual authentication with websites.
More information about Phoolproof can be found on
its project page.
Google Safe Browsing / Firefox Phishing Prevention
is a browser-based warning system. It
actively prevents users from accessing known phishing sites.
More information about Google Safe Browsing /
Firefox Phishing Prevention can be
found at
http://www.mozilla.com/en-US/firefox/phishing-protection/.
 Papers
Parno, Bryan, Cynthia Kuo, and Adrian Perrig.
"Phoolproof Phishing Prevention."
In Proceedings of the 10th International Conference on Financial
Cryptography and Data Security (FC'06), Anguilla, British West Indies, February 27 - March 2, 2006.
[ PDF ]
Kuo, Cynthia, Bryan Parno, and Adrian Perrig.
"Browser Enhancements for Preventing Phishing Attacks."
In Phishing and Countermeasures: Understanding the
Increasing Problem of Electronic Identity Theft,
ed. Markus Jakobsson and Steven Myers. Wiley-Interscience, 2006.
Design for Configuration Interfaces
For home consumers, the setup and configuration of new technologies is a daunting experience.
Few of the home users who successfully deploy an 802.11 wireless LAN enable
the security features of the network.
We present our design, implementation, and evaluation of a
configuration interface for 802.11 access points.
The interface enables home consumers to configure their
wireless networks securely. Our system empowers end users — even novices
— to make configuration decisions appropriate to their situation.
With existing interfaces, more knowledgeable users are
better able to configure secure networks than novice users.
Our system levels the playing field, enabling non-experts to
perform as well as experts.
We also summarize the problems we
encountered in evaluating secure wireless
network configuration.
Many textbook user study methods
rest on assumptions that may not hold for
security applications.
After trying several such methods,
we designed our own study by adapting
techniques from several of them.
The lessons that we learned in this domain
will apply to other security configuration interfaces as well.
We are grateful to the National Science Foundation (NSF)
and Intel Corporation for funding this research.
 Papers
Kuo, Cynthia, Vincent Goh, Adrian Tang, Adrian Perrig, and Jesse Walker.
"Security Configuration for Non-experts: A Case Study in Wireless Network Configuration."
To appear in Social and Human Elements of Information Security: Emerging Trends and Countermeasures,
ed. Manish Gupta and Raj Sharman. Idea Group, 2007.
Kuo, Cynthia, Adrian Perrig, and Jesse Walker.
"Designing an Evaluation Method for
Security User Interfaces: Lessons from Studying Secure Wireless Network
Configuration."
ACM interactions 13, no. 3 (May + June 2006): 28-31.
[ PDF ]
 Presentations
Guest lecture, November 14, 2005.
[ PDF ]
Asia-Pacific Economic Cooperation Telecommunications &
Information Working Group meeting (APECTEL 33),
Calgary, Canada, April 23 - 28, 2006.
[ PDF ]
 Posters
SOUPS, Pittsburgh, PA, July 6-8, 2005.
[ PDF ]