If HTTPS Were Secure I Wouldn't Need 2FA - End User and Administrator Mental Models of HTTPS
Offered By: IEEE via YouTube
Course Description
Overview
Explore a comprehensive analysis of end user and administrator mental models of HTTPS in this 20-minute IEEE conference talk. Delve into the findings of a qualitative study involving 18 end users and 12 administrators, revealing misconceptions about security benefits and threat models. Examine the differences between end user and administrator mental models, with end users tending towards more conceptual understanding and administrators focusing on protocol-based knowledge. Discover how end users often confuse encryption with authentication, underestimate HTTPS security benefits, and disregard security indicators. Learn about administrators' challenges in understanding the interplay of functional protocol components. Gain insights into the implications of these mental models and receive actionable recommendations for improving user interfaces and protocols in the future.
Syllabus
"If HTTPS Were Secure I wouldn't Need 2FA" End User and Administrator Mental Models of HTTPS
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network