• Usable Security - Tipniques and Practfalls (Tips and Techniques, Pitfalls and Practices)


    Start Time:

    Jun 13, 2012 11:00 PM


    For a long time, computer security was mainly concerned with the design of various technical mechanisms for defending against adversaries, as well as with the underlying mathematical foundations such as cryptography primitives. However, the usability of such technical mechanisms was largely ignored, producing technical solutions that were theoretically sound but practically insecure because of their poor usability. More and more people agree that we need usable security systems - unusable secure systems are not used properly or at all, and thus only usable systems can provide effective security. However, there is less agreement about how to design systems that are both usable and secure. This talk will give an overview of the field of usable security with the focus on issues to avoid, techniques to use, and useful case studies. It aims to enable participants to both evaluate and produce high-quality work in usable security. We will start with a definition of usable security, and examples of how security has failed due to usability. We will then outline common approaches to and relevant design principles for security usability. Methods for improving security usability and methods for empirically establishing such improvement will be discussedl. Usability techniques successfully applied to security will be discussed, including usable design (with an emphasis on error handling), lab user studies, field user studies, and techniques for evaluating organizational cultures. Finally, we'll conclude with case studies illustrating how security and usability can be simultaneously improved, and how the principles and methods introduced in the previous part were applied. Topics that have received much attention will be highlighted, including authentication, access control and authorization, phishing defenses, and the utility of education of the user.



NEJUG Calendar

Recent Events
    • So What’s Going On With Java EE?


      Thursday March, 12, 2020 06:00 PM
      Microsoft
      5 Wayside Rd Burlington MA 01803
      0

    NOTE: Registration is ONLY via MeetUp:

    MeetUp Registration: So What’s Going On With Java EE?.


    What does JavaEE’s reincarnation as JakartaEE mean for developers? Author and JakartaEE ambassador Reza Rahman will discuss the recent history and present-day state of JakartaEE. He will then demonstrate the latest JakartaEE updates and coming attractions in Servlets, JPA, CDI, Jakarta REST, Security features, and other technologies.

    • Creating Resilient Micro-Services


      Thursday February, 13, 2020 06:00 PM

      1

    NOTE: Registration is ONLY via MeetUp:

    MeetUp Registration: Creating Resilient Micro-Services.


    The foundation of Application Resiliency is often found in the application code where Fault Tolerance is baked into the application at the time of designing and coding….

    This presentation starts with building resiliency ground-up by baking the basic crucial patterns into the application. Resiliency4j provides the out of the box integration with Spring Boot, a defacto standard micro-service framework.

    The patterns discussed include:

    • Rate Limiter
    • Retry
    • Bulkhead
    • Circuit Breaker
    • Timeouts
    • Distilling Java Containers


      Thursday January, 09, 2020 06:00 PM
      Microsoft
      5 Wayside Rd Burlington MA 01803
      1

    Register at our NEJUG MeetUp events page

    Three evolutionary ecosystems work well together: Java, Containers, and Kubernetes. Past versions of Java were never designed to be "container aware." This has led some to stray from the JVM to consider other shiny languages for Containers.

    But wait, let’s discover what Java 9, 10, 11, 12, 13 (…) has done to get our applications into efficiently distilled containers that pack nicely into Kubernetes.

    • Annual NEJUG Holiday Party - 2019!


      Thursday December, 12, 2019 06:00 PM
      Bertucci's
      475 Winter St Waltham MA 02451
      3

    The NEJUG Holiday Party is scheduled for our normal second Thursday of the month, December 12, 2019, but it is not a normal presentation meeting. Instead, it's an "all fun time" event where we get to chat, eat, drink, network, and socialize. Come, join us for dinner, great conversation and raffle prizes. Buy your tickets now and get the early bird discount!

    CLICK HERE 🡆  NEJUG Holiday Party Tickets (at EventBrite)

    Menu items include:

    • Appetizers
    • Salad
    • Bread Rolls
    • Chicken Parma
    • Four Cheese Ravioli
    • Rigatoni with Broccoli & Chicken
    • Desserts
    • Soft drinks, tea, and coffee are included.
    • Cash bar also available.
    • NO PIZZA - That's for regular meetings...

     

    Space is limited to 50 guests so buy your tickets early! Tickets for yourself and your guests are available here: https://www.eventbrite.com/e/nejug-holiday-2019-tickets-72434753297

     

    Corporate Sponsors:

    We are looking for additional corporate sponsors to help maximize the fun! Contact Avi Neer at avineer@gmail.com / (508) 523-2884 to share a sponsor idea or contact for monetary support, raffles items, or door prizes. Sponsors will be acknowledged with a logo and link on our website, and will have a short time slot during the event to speak directly with the attendees.

     

    Thanks to our primary Holiday Party sponsor:

    John Galt contributes to the success of organizations and individuals throughout the United States by expertly matching them with one another. Founded in 1997, they have worked with thousands of organizations and individuals over the years to enable them to achieve success. Their focus is on contract technology professionals in disciplines which are critical to an organization’s success.