Security-Centered Design
7 likes1,056 views
The document discusses the importance of security-centered design through examples of authentication methods like OAuth and Facebook Connect, alongside the psychology of user interactions such as ambient signifiers and change blindness. It highlights the need to accommodate user expectations while addressing security concerns and mentions related topics on privacy and user experience. The author, Chris Shiflett, emphasizes a practical approach to design that respects user behavior and enhances security in digital environments.
Security-Centered Design
- 1. SECURITY- CENTERED DESIGN Chris Shiflett shiflett.org @shiflett Tuesday, February 21, 12
- 2. Tuesday, February 21, 12
- 4. STOP Collaborate & Listen Tuesday, February 21, 12
- 5. Tuesday, February 21, 12
- 6. Web craftsman from Brooklyn, NY, working on Who am I? Mapalong and Brooklyn Beta from Studiomates. Tuesday, February 21, 12
- 7. TALK OUTLINE Psychology Fun – Ambient Signifiers, Change Blindness Authentication & Phishing – Password Anti-Pattern, OAuth, Facebook Connect Examples – SmugMug Privacy, Facebook Worm, Twitter Don’t Click Tuesday, February 21, 12
- 8. AMBIENT SIGNIFIERS Tuesday, February 21, 12
- 9. Tokyo Subway Tuesday, February 21, 12
- 10. Tokyo Subway Tuesday, February 21, 12
- 11. Ambient Umbrella Tuesday, February 21, 12
- 12. Ambient SSL Tuesday, February 21, 12
- 13. Login Seals Tuesday, February 21, 12
- 14. CHANGE BLINDNESS Tuesday, February 21, 12
- 15. Tuesday, February 21, 12
- 16. STOP Tuesday, February 21, 12
- 17. STOP Hammertime Tuesday, February 21, 12
- 18. Tuesday, February 21, 12
- 19. Tuesday, February 21, 12
- 20. Tuesday, February 21, 12
- 21. Tuesday, February 21, 12
- 22. Tuesday, February 21, 12
- 23. DERREN BROWN Tuesday, February 21, 12
- 24. PASSWORD ANTI-PATTERN Tuesday, February 21, 12
- 25. Tuesday, February 21, 12
- 26. Tuesday, February 21, 12
- 27. OAUTH http://shiflett.org/blog/2010/sep/twitter-oauth Tuesday, February 21, 12
- 28. Tuesday, February 21, 12
- 29. FACEBOOK CONNECT Tuesday, February 21, 12
- 30. Tuesday, February 21, 12
- 31. Tuesday, February 21, 12
- 32. Tuesday, February 21, 12
- 33. THE WEB IS NOT OBVIOUS Tuesday, February 21, 12
- 34. Tuesday, February 21, 12
- 35. OPENID OAUTH http://openid.net/ http://oauth.net/ OPENID & OAUTH HYBRID http://j.mp/openidoauth SHARED RESPONSIBILITY http://simonwillison.net/2009/Jul/16/responsibility/ Tuesday, February 21, 12
- 36. SMUGMUG PRIVACY Tuesday, February 21, 12
- 37. Tuesday, February 21, 12
- 38. Accommodate users’ expectations and tendencies; Pave the cow paths. don’t try to modify them. Tuesday, February 21, 12
- 39. Tuesday, February 21, 12
- 40. Be Humble Tuesday, February 21, 12
- 41. FACEBOOK WORM Tuesday, February 21, 12
- 42. Tuesday, February 21, 12
- 43. Tuesday, February 21, 12
- 44. TWITTER DON’T CLICK Tuesday, February 21, 12
- 45. Tuesday, February 21, 12
- 46. Tuesday, February 21, 12
- 47. Tuesday, February 21, 12
- 48. Tuesday, February 21, 12
- 49. RELATED POSTS Security and User Experience – http://shiflett.org/blog/2008/jan/security-and-user-experience Ambient Signifiers – http://shiflett.org/blog/2007/feb/ambient-signifiers Facebook Worm – http://shiflett.org/blog/2008/nov/facebook-worm Twitter Don’t Click Exploit – http://shiflett.org/blog/2009/feb/twitter-dont-click-exploit Tuesday, February 21, 12
- 50. PHOTOS Tree – http://flickr.com/photos/stuckincustoms/529110230 Cow path – http://flickr.com/photos/suda/672714986 My backyard – http://flickr.com/photos/shiflett/3261447115 Tuesday, February 21, 12
- 51. Tuesday, February 21, 12
- 52. FEEDBACK? Follow me on Twitter – @shiflett Comment on my blog – shiflett.org Email me – chris@shiflett.org Tuesday, February 21, 12