Despite many advances, security and privacy often remain too complex for individuals or enterprises to manage effectively or to use conveniently. Security is hard for users, administrators, and developers to understand, making it all too easy to use, configure, or operate systems in ways that are inadvertently insecure. Moreover, security and privacy technologies originally were developed in a context in which system administrators had primary responsibility for security and privacy protections and in which the users tended to be sophisticated. Today, the user base is much wider, including the vast majority of employees in many organizations and a large fraction of households, but the basic models for security and privacy are essentially unchanged.
Security features can be clumsy and awkward to use and can present significant obstacles to getting work done. As a result, cybersecurity measures are all too often disabled or bypassed by the users they are intended to protect. Similarly, when security gets in the way of functionality, designers and administrators deemphasize it.
The result is that end users often engage in actions, knowingly or unknowingly, that compromise the security of computer systems or contribute to the unwanted release of personal or other confidential information. Toward Better Usability, Security, and Privacy of Information Technology discusses computer system security and privacy, their relationship to usability, and research at their intersection.
The National Research Council (NRC) functions under the auspices of the National Academy of Sciences (NAS), the National Academy of Engineering (NAE), and the Institute of Medicine (IOM). The NAS, NAE, IOM, and NRC are part of a private, nonprofit institution that provides science, technology and health policy advice under a congressional charter signed by President Abraham Lincoln that was originally granted to the NAS in 1863. Under this charter, the NRC was established in 1916, the NAE in 1964, and the IOM in 1970. The four organizations are collectively referred to as the National Academies.
The mission of the NRC is to improve government decision making and public policy, increase public education and understanding, and promote the acquisition and dissemination of knowledge in matters involving science, engineering, technology, and health. The institution takes this charge seriously and works to inform policies and actions that have the power to improve the lives of people in the U.S. and around the world.
The NRC is committed to providing elected leaders, policy makers, and the public with expert advice based on sound scientific evidence. The NRC does not receive direct federal appropriations for its work. Individual projects are funded by federal agencies, foundations, other governmental and private sources, and the institution’s endowment. The work is made possible by 6,000 of the world’s top scientists, engineers, and other professionals who volunteer their time without compensation to serve on committees and participate in activities. The NRC is administered jointly by the NAS, NAE, and the IOM through the NRC Governing Board.
The core services involve collecting, analyzing, and sharing information and knowledge. The independence of the institution, combined with its unique ability to convene experts, allows it to be responsive to a host of requests.
The portfolio of activities includes:
* Consensus Studies: These comprehensive reports focus on major policy issues and provide recommendations for solving complex problems.
* Expert Meetings and Workshops: By convening symposia, workshops, meetings, and roundtables, the NRC connects professionals as well as the interested public and stimulates dialogue on diverse matters.
* Program and Research Management: At the request of state and federal agencies, the NRC manages and evaluates research programs, conducts program assessments, and reviews proposals.
* Fellowships: The NRC administers several postdoctoral fellowship programs.
* Free Scientific Information: Publishing more than 200 reports and related publications each year, the institution is one of the largest providers of free scientific and technical information in the world. Most of it is now on the Web at www.nap.edu.