Abstract
In this paper we are concerned with security issues that arise in the interaction between user and system. We focus on cognitive processes that affect the security of information flow from the user to the computer system and the resilience of the whole system to intruder attacks. To this end, we extend our framework, developed for the verification of usability properties, by introducing two kinds of intruder models, an observer and an active intruder, with the associated security properties. Finally, we consider small examples to illustrate the ideas and approach. These examples demonstrate how our framework can be used (a) to detect confidentiality leaks caused by a combination of an inappropriate design and certain aspects of human cognition, and (b) to identify designs more susceptible to cognitively based intruder attacks.
Rukšėnas, R., Curzon, P. & Blandford, A. Modelling and analysing cognitive causes of security breaches. Innovations Syst Softw Eng 4, 143–160 (2008). https://doi.org/10.1007/s11334-008-0050-7