This book makes the case that traditional security design does not take the end-user into consideration, and therefore, fails. This book goes on to explain, using a series of examples, how to rethink security solutions to take users into consideration. By understanding the limitations and habits of users – including malicious users, aiming to corrupt the system – this book Illustrates how better security technologies are made possible.
Traditional security books focus on one of the following areas: cryptography, security protocols, or existing standards. They rarely consider the end user as part of the security equation, and when they do, it is in passing. This book considers the end user as the most important design consideration, and then shows how to build security and privacy technologies that are both secure and which offer privacy. This reduces the risk for social engineering and, in general, abuse.
Advanced-levelstudents interested in software engineering, security and HCI (Human Computer Interaction) will find this book useful as a study guide. Engineers and security practitioners concerned with abuse and fraud will also benefit from the methodologies and techniques in this book.
Mục lục
PART I: Considering the Typical User.- 1. Mind your SMSes: Mitigating Social Engineering in Second Factor Authentication.- 2. Permissions and Privacy.- 3. Privacy and Tracking.- PART II: Considering the Malicious User.- 4. A Framework for Analysis Attackers’ Accounts.- 5. Environmentally and Politically Conscious Crypto.- Part III: Designing Solutions Based on Typical and Malicious Users.- 6. Social Engineering Resistant 2FA.- 7. The Rising Threat of Launchpad Attacks.- 8. Discouraging Counterfeiting.- 9. Seeing the Future.
Giới thiệu về tác giả
Dr. Markus Jakobsson has spent more than 20 years as a security researcher, scientist and entrepreneur, studying phishing, crimeware, mobile security, privacy and user interaction. He spearheaded research in malware and mobile security technologies at Qualcomm, after his startup, Fat Skunk, was acquired by Qualcomm. He performed email security research and helped track Nigerian scammers as the Chief Scientist at Agari. In addition, Dr. Jakobsson has held key roles as Principal Scientist at Pay Pal, Xerox PARC, and RSA Security, and as Chief of Security and Data Analytics at Amber Solutions. He has also worked as a testifying expert witness in a range of high-profile patent litigation cases, covering digital rights management, Internet and mobile security, authentication, and spam detection. He has a Ph D in Computer Science from University of California at San Diego
.
Thêm sách điện tử từ cùng một tác giả / Biên tập viên
16.795 Ebooks trong thể loại này
