Go to content (C) | Go to Menu (M)  
HCI 2013 International, www.hcii2013.org
Welcome Las Vegas, Nevada, USA
HCI International 2013
 
21 - 26 July 2013, Mirage Hotel, Las Vegas, Nevada, USA
Conference Management System
Conference
Management
System


T23: Human in the loop: Exploring human vulnerabilities of authentication

Half Day Tutorial

Dr Theo Tryfonas (short bio)
Bristol Cryptography Group, University of Bristol, UK

Objectives:

To discuss human aspects of authentication process design, explore the reasons of human-related failures, provide examples of relevant vulnerabilities, misconceptions and ill defined authentication schemes that facilitated exploitation of human factors. The discussions will enable interface designers, system analysts, IT managers and other key stakeholders to understand essential human-centric aspects of computer security, especially as far as authentication (i.e. establishing and verification of someone'e identity) is concerned.

Content and benefits:

The tutorial will cover aspects of cognitive biases of password, PIN and lock pattern setting by end users, it will explore the design obstacles to password policy compliance, 'soft' side channel attacks (i.e. when information is leaked through interactions with people using the system, as opposed to attacking the system directly), social engineering as well as state of art countermeasures of usable security. We will also discuss ways that security measures can be enacted successfully within the context of an organisation, causing least disruption to business operations, looking at examples of effective designs as well as end user awareness campaigns.

Target Audience:

requirements engineers, software designers, human-computer interface specialists.

Bio Sketch of Presenters:

Theo Tryfonas

Dr Theo Tryfonas (BSc, MSc, PhD, CISA, MBCS CITP) is a Senior Lecturer at the Faculty of Engineering with interests in methodologies, tools and techniques for assessing security of computing technology and developing an understanding of emerging cyber-threats. He also works in the area of digital forensics exploring human and technical aspects of the analysis of digital evidence and its challenges in a national and international context. He has co-authored over 50 relevant articles in international journals and conferences and has assisted forensic investigations acting as an Expert Witness for several cases prosecuted under the Child Protection, the Fraud and the Computer Misuse Acts. He is currently coordinator of the EU-funded project ForToo (HOME/2 010/ISEC/AG/INT/002) working on developing tools for forensic analysis of network-related incidents.
Bristol Cryptography Group.

 
Last revision date: August 23, 2013 by web@hcii2013.org   Privacy Policy
Valid XHTML 1.0! Valid CSS! Level Double-A conformance icon,W3C-WAI Web Content Accessibility Guidelines 1.0