Modelling and analysing cognitive causes of security breaches

  • Original Paper
Innovations in Systems and Software Engineering

Abstract

In this paper we are concerned with security issues that arise in the interaction between user and system. We focus on cognitive processes that affect security of information flow from the user to the computer system and the resilience of the whole system to intruder attacks. For this, we extend our framework developed for the verification of usability properties by introducing two kinds of intruder models, an observer and an active intruder, with the associated security properties. Finally, we consider small examples to illustrate the ideas and approach. These examples demonstrate how our framework can be used (a) to detect confidentiality leaks, caused by a combination of an inappropriate design and certain aspects of human cognition, and (b) to identify designs more susceptible to cognitively based intruder attacks.

Correspondence to Rimvydas Rukšėnas.

Rukšėnas, R., Curzon, P. & Blandford, A. Modelling and analysing cognitive causes of security breaches. Innovations Syst Softw Eng 4, 143–160 (2008). https://doi.org/10.1007/s11334-008-0050-7

  • DOI: https://doi.org/10.1007/s11334-008-0050-7
