Human–computer interaction (security): Difference between revisions
Appearance
Content deleted Content added
Fix cat sort |
Move HCI wikilink to body |
||
Line 1: | Line 1: | ||
'''HCISec''' is the study of interaction between humans and computers, or [[ |
'''HCISec''' is the study of interaction between humans and computers, or [[human–computer interaction]], specifically as it pertains to [[information security]]. Its aim, in plain terms, is to improve the [[usability]] of security features in [[end user]] applications. |
||
Unlike HCI, which has roots in the early days of [[Xerox PARC]] during the 1970s, HCISec is a nascent field of study by comparison. Not surprisingly, interest in this topic tracks with that of [[Internet security]], which has become an area of broad public concern only in very recent years. |
Unlike HCI, which has roots in the early days of [[Xerox PARC]] during the 1970s, HCISec is a nascent field of study by comparison. Not surprisingly, interest in this topic tracks with that of [[Internet security]], which has become an area of broad public concern only in very recent years. |
||
Line 10: | Line 10: | ||
* their interface designers lacked understanding of related security concepts |
* their interface designers lacked understanding of related security concepts |
||
* their interface designers were not usability experts (often meaning they were the application developers themselves) |
* their interface designers were not usability experts (often meaning they were the application developers themselves) |
||
==See also== |
|||
*[[Human-computer interaction]] |
|||
==Further reading== |
==Further reading== |
Revision as of 22:58, 16 May 2012
HCISec is the study of interaction between humans and computers, or human–computer interaction, specifically as it pertains to information security. Its aim, in plain terms, is to improve the usability of security features in end user applications.
Unlike HCI, which has roots in the early days of Xerox PARC during the 1970s, HCISec is a nascent field of study by comparison. Not surprisingly, interest in this topic tracks with that of Internet security, which has become an area of broad public concern only in very recent years.
Historically, security features exhibit poor usability for reasons that include:
- they were added in casual afterthought
- they were hastily patched in to address newly discovered security bugs
- they address very complex use cases without the benefit of a software wizard
- their interface designers lacked understanding of related security concepts
- their interface designers were not usability experts (often meaning they were the application developers themselves)
Further reading
- "Design Principles and Patterns for Computer Systems That Are Simultaneously Secure and Usable", by Simson Garfinkel