Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Line of Trust Seminar Presentation

Sam Havron
May 02, 2017
Education
1
410

Line of Trust Seminar Presentation

A project talk for https://tlseminar.github.io/

Sam Havron

May 02, 2017
Tweet

More Decks by Sam Havron

See All by Sam Havron
STS Thesis Proposal: Privacy and Trust of Password Managers
samuelhavron
0
760

Other Decks in Education

See All in Education
Data Processing and Visualisation Frameworks - Lecture 6 - Information Visualisation (4019538FNR)
signer
PRO
1
1.7k
Monaca Educationを活用した課題解決型の探究学習の実践
asial_edu
0
200
HCL Notes 14.0 「スタイルの変更」で「3 設定の確認」を深掘り
harunakano
0
1.8k
ISMSってどんなもの?
fbei_ot
0
160
アプリ開発を目指した授業づくりについて
asial_corp
0
420
パフォーマンス・チューニング入門
oracle4engineer
PRO
2
540
Earthquake and Disaster Prevention Information for UTokyo International Students
utokyoissr2360
0
610
Data Representation - Lecture 3 - Information Visualisation (4019538FNR)
signer
PRO
1
1.7k
Родина моя Беларусь в лицах
programmer_sch2np
0
150
Virtual and Augmented Reality - Lecture 8 - Next Generation User Interfaces (4018166FNR)
signer
PRO
0
1.2k
STEAM教育の枠組で行うプログラミング学習
asial_edu
0
200
執筆テーマの決め方
sapi_kawahara
1
170

Featured

See All Featured
What's in a price? How to price your products and services
michaelherold
237
11k
Fantastic passwords and where to find them - at NoRuKo
philnash
36
2.5k
Into the Great Unknown - MozCon
thekraken
10
980
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
5
1.5k
Facilitating Awesome Meetings
lara
40
5.6k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
243
20k
Typedesign – Prime Four
hannesfritz
36
2k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
16
6.3k
Designing the Hi-DPI Web
ddemaree
276
33k
Building an army of robots
kneath
300
41k
Scaling GitHub
holman
457
140k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
153
14k

Transcript

  1. CLIENT UI IMPROVING WEB BROWSER

  2. CLIENT UI MOTIVATION Trusted UI Authentication Identity Validation

  3. MOTIVATION … TRUSTED UI

  4. TRUSTED UI Trust is pixel-thin All your zones are belong

    to us AND THAT’S NOT ALL…

  5. CLIENT UI MOTIVATION Trusted UI Authentication Identity Validation

  6. MOTIVATION IDENTITY VALIDATION Who are we talking to? How are

    we talking? Where are we? Our stuff Settings Menu Security category The steering wheel IDENTITY NAVIGATION SECURITY SECURITY USER-DEFINED CONFIGURATION NAVIGATION TOO MUCH?

  7. CLIENT UI MOTIVATION Trusted UI Authentication Identity Validation

  8. STORY TIME THIS IS BOB

  9. LINE OF TRUST PICTURE-IN-PICTURE

  10. LINE OF TRUST VERIFICATION ENGINE

  11. LINE OF TRUST ACTIVE SECURITY INDICATORS TRUST ME

  12. LINE OF TRUST ACTIVE SECURITY SPOOFING TRUST ME ALWAYS UNSAFE

    NOW YOU'RE SAFE ▸ Active INsecurity

  13. LINE OF TRUST SPOOFGUARD

  14. LINE OF TRUST GUARDROID

  15. LINE OF TRUST BUILT-IN BROWSER ALERTS But is this enough

    to catch the attention of a desensitized user?

  16. LINE OF TRUST bob ************ But if this page was

    spoofed, would Bob be sufficiently suspicious of being asked to manually enter his password? PASSWORD MANAGERS The heroes no one expected

  17. LINE OF TRUST INVISIBLE SECURITY ▸ Make it "just work"

    invisibly, make security/privacy understandable (visible and intuitive), train the user, a combination of these

  18. LINE OF TRUST USER STUDY ▸ How do we answer

    these questions? Through user studies ▸ User studies are the gold standard for evaluating user interfaces ▸ Motivate potential of research area

  19. CONCLUDING THOUGHTS WHAT ELSE? Computer Vision UI Redesign Simple Idea?

    Easy to adopt?

  20. CONCLUDING THOUGHTS UI REDESIGN Who are we talking to? How

    are we talking? Where are we? Our stuff Settings Menu Security category The steering wheel IDENTITY NAVIGATION SECURITY SECURITY USER-DEFINED CONFIGURATION NAVIGATION

  21. CONCLUDING THOUGHTS GOAL: SECURITY OBJECTIVES - Send encrypted data -

    Distribute Keys - Authenticate What should a properly-designed web UI guarantee? - Minimal false positives - Understand Intent - Authenticate website.com

  22. QUESTIONS?