User Account Control

14,000,000 Leading Edge Experts on the ideXlab platform

The Experts below are selected from a list of 102 Experts worldwide ranked by ideXlab platform

Aaron Tiensivu - One of the best experts on this subject based on the ideXlab platform.

  • Securing Windows Server 2008: Prevent Attacks from Outside and Inside Your Organization
    2008
    Co-Authors: Aaron Tiensivu
    Abstract:

    Microsoft hails the latest version of its flagship server operating system, Windows Server 2008, as "the most secure Windows Server ever". However, to fully achieve this lofty status, system administrators and security professionals must install, configure, monitor, log, and troubleshoot a dizzying array of new features and tools designed to keep the bad guys out and maintain the integrity of their network servers. This is no small task considering the market saturation of Windows Server and the rate at which it is attacked by malicious hackers. According to IDC, Windows Server runs 38% of all network servers. This market prominence also places Windows Server at the top of the SANS top 20 Security Attack Targets. The first five attack targets listed in the SANS top 20 for operating systems are related to Windows Server. This doesn't mean that Windows is inherently less secure than other operating systems; it's simply a numbers game. More machines running Windows Server. More targets for attackers to hack. As a result of being at the top of the "most used" and "most hacked" lists, Microsoft has released a truly powerful suite of security tools for system administrators to deploy with Windows Server 2008. This book is the comprehensive guide needed by system administrators and security professionals to master the seemingly overwhelming arsenal of new security tools including:

    1. Network Access Protection, which gives administrators the power to isolate computers that don't comply with established security policies. The ability to enforce security requirements is a powerful means of protecting the network.
    2. Enhanced solutions for intelligent rules and policies creation to increase Control and protection over networking functions, allowing administrators to have a policy-driven network.
    3. Protection of data to ensure it can only be accessed by Users with the correct security context, and to make it available when hardware failures occur.
    4. Protection against malicious software with User Account Control with a new authentication architecture.
    5. Increased Control over your User settings with Expanded Group Policy.

    ...to name just a handful of the new security features. In short, Windows Server 2008 contains by far the most powerful and complex suite of security tools ever released in a Microsoft Server product. Securing Windows Server 2008 provides system administrators and security professionals with the knowledge they need to harness this power.

    * Describes new technologies and features in Windows Server 2008, such as improvements to networking and remote access features, centralized server role management, and an improved file system.
    * Outlines steps for installing only the necessary components and subsystems of Windows Server 2008 in your environment. No GUI needed.
    * Describes Windows Server 2008's security innovations, such as Network Access Protection, Federated Rights Management, and Read-Only Domain Controller
    * Includes coverage of monitoring, securing, and troubleshooting Windows Server 2008
    * Covers Microsoft's Hyper-V virtualization technology, which is offered as an add-on to four of the eight versions of Windows Server 2008 and as a stand-alone product

Konstantin Beznosov - One of the best experts on this subject based on the ideXlab platform.

  • do windows Users follow the principle of least privilege investigating User Account Control practices
    Symposium On Usable Privacy and Security, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    The principle of least privilege requires that Users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. Low-privileged User Accounts (LUA) and User Account Control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, Users must apply due diligence, use appropriate Accounts, and respond correctly to UAC prompts. With a User study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges Users face when working with User Accounts and the UAC. Our results show that 69% of participants did not apply the UAC approach correctly. All 45 participants used an administrator User Account, and 91% were not aware of the benefits of low-privilege User Accounts or the risks of high-privilege ones. Their knowledge and experience were limited to the restricted rights of low-privilege Accounts. Based on our findings, we offer recommendations to improve the UAC and LUA approaches.

  • investigating User Account Control practices
    Human Factors in Computing Systems, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    Non-administrator User Accounts and the User Account Control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege Accounts; a UAC prompt allows Users to raise their privileges when required. We conducted a User study and contextual interviews to understand the motives and challenges participants face when using different User Accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged Accounts. Moreover, most did not understand or carefully consider the prompts.

  • CHI Extended Abstracts - Investigating User Account Control practices
    Proceedings of the 28th of the international conference extended abstracts on Human factors in computing systems - CHI EA '10, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    Non-administrator User Accounts and the User Account Control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege Accounts; a UAC prompt allows Users to raise their privileges when required. We conducted a User study and contextual interviews to understand the motives and challenges participants face when using different User Accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged Accounts. Moreover, most did not understand or carefully consider the prompts.

  • SOUPS - Do windows Users follow the principle of least privilege?: investigating User Account Control practices
    Proceedings of the Sixth Symposium on Usable Privacy and Security - SOUPS '10, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    The principle of least privilege requires that Users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. Low-privileged User Accounts (LUA) and User Account Control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, Users must apply due diligence, use appropriate Accounts, and respond correctly to UAC prompts. With a User study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges Users face when working with User Accounts and the UAC. Our results show that 69% of participants did not apply the UAC approach correctly. All 45 participants used an administrator User Account, and 91% were not aware of the benefits of low-privilege User Accounts or the risks of high-privilege ones. Their knowledge and experience were limited to the restricted rights of low-privilege Accounts. Based on our findings, we offer recommendations to improve the UAC and LUA approaches.

  • The Challenges of Understanding Users' Security-related Knowledge, Behaviour, and Motivations
    2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    In order to improve current security solutions or devise novel ones, it is important to understand Users’ knowledge, behaviour, motivations and challenges in using a security solution. However, achieving this understanding is challenging because of the limitations of current research methodologies. We have been investigating the experiences of Users with two practical implementations of the principle of least privilege (PLP) Windows Vista and Windows 7. PLP requires that Users be granted the most restrictive set of privileges possible for performing the task at hand; in other words, they should not use Accounts with administrator privileges. By following this principle, Users will be better protected from malware, security attacks, accidental or intentional modifications to system configurations, and accidental or intentional unauthorized access to confidential data. To obtain an understanding of their knowledge, behaviour, motivations and challenges in following PLP, we had participants complete realistic tasks during a lab study that would raise User Account Control prompts and then performed a contextual interview to probe their behaviours. We faced numerous challenges during our study, including reflecting the realistic behaviour of participants, understanding their knowledge and challenges managing their User Accounts and dealing with security warnings, and generalizing our results to a wider community. We discuss how we addressed these challenges, how well our methodological design decisions worked, and the ongoing challenges.

Paul Mcfedries - One of the best experts on this subject based on the ideXlab platform.

  • Microsoft® windows® vista™ unleashed, second edition
    2008
    Co-Authors: Paul Mcfedries
    Abstract:

    Microsoft® Windows Vista™ Unleashed, Second Edition
    Paul McFedries
    Second Edition
    Includes coverage of Windows Vista Service Pack 1!

    Microsoft Windows Vista Unleashed, Second Edition, is a book for people, like you, who don't consider themselves to be “average Users.” It's a book for anyone who finds that doing things the official way is slower, less efficient, and less powerful because Windows Vista was designed from the ground up to avoid confusing novice Users. The result is default settings that restrict flexibility, interminable wizards that turn 2-step tasks into 12-step sagas, and the hiding of powerful and useful programs behind layers of menus and dialog boxes. To unleash the potential of Windows Vista, you need a different approach that blows away Vista's novice features and scorns the standard way of doing things.

    This book goes beyond the standard-issue techniques sanctioned by Microsoft and parroted in other Windows Vista books. Instead, this book offers shortcuts for boosting your productivity, customizations for making Windows Vista work the way you do, workarounds for known Windows Vista problems, and warnings for avoiding Windows Vista pitfalls. Along the way, you'll learn about all kinds of insider details, undocumented features, powerful tools, and background facts that help put everything into perspective.

    Paul McFedries is the president of Logophilia Limited, a technical writing company. He has been working with computers for more than 30 years and has been using Microsoft Windows since version 1. Paul has written more than 50 books that have sold more than 3 million copies worldwide.

    * Learn what's new in Windows Vista Service Pack 1
    * Customize Windows Vista startup
    * Troubleshoot software and hardware problems
    * Tune Windows Vista's performance
    * Automate Windows Vista with powerful and flexible scripts
    * Implement Internet security and privacy features
    * Configure and administer a small network
    * Get the most out of Control Panel, group policies, the Registry, Device Manager, and other powerful tools
    * Set up a complete maintenance program to keep Windows Vista running smoothly
    * Discover a complete list of Windows Vista shortcut keys, a detailed look at the Command Prompt, and a batch file primer
    * Master the new desktop search engine and learn how to group, stack, and filter files
    * Understand and work with Windows Vista's User Account Control security feature
    * Get the most out of your Tablet PC
    * Take advantage of new Internet features such as RSS feeds, multiple home pages, and tabbed browsing

    Category: Microsoft Operating Systems
    Covers: Microsoft Windows Vista
    User Level: Intermediate–Advanced

  • Microsoft(R) Windows(R) Vista(TM) Unleashed
    2006
    Co-Authors: Paul Mcfedries
    Abstract:

    Microsoft® Windows® Vista™ Unleashed
    Paul McFedries

    Microsoft® Windows® Vista™ Unleashed is a book for people, like you, who don't consider themselves to be “average Users.” It's a book for anyone who finds that doing things the official way is slower, less efficient, and less powerful because Windows Vista was designed from the ground up to avoid confusing novice Users. The result is default settings that restrict flexibility, interminable wizards that turn two-step tasks into twelve-step sagas, and the hiding of powerful and useful programs behind layers of menus and dialog boxes. To unleash the potential of Windows Vista, you need a different approach that blows away Vista's novice features and scorns the standard way of doing things.

    This book goes beyond the standard-issue techniques sanctioned by Microsoft and parroted in other Windows Vista books. Instead, this book offers shortcuts for boosting your productivity, customizations for making Windows Vista work the way you do, workarounds for known Windows Vista problems, and warnings for avoiding Windows Vista pitfalls. Along the way, you'll learn about all kinds of insider details, undocumented features, powerful tools, and background facts that help put everything into perspective.

    * Learn what's new in Windows Vista
    * Customize Windows Vista startup
    * Troubleshoot software and hardware problems
    * Tune Windows Vista's performance
    * Automate Windows Vista with powerful and flexible scripts
    * Implement Internet security and privacy features
    * Configure and administer a small network
    * Get the most out of Control Panel, group policies, the Registry, Device Manager, and other powerful tools
    * Set up a complete maintenance program to keep Windows Vista running smoothly
    * Discover a complete list of Windows Vista shortcut keys, a detailed look at the Command Prompt, and a batch file primer
    * Master the new desktop search engine and learn how to group, stack, and filter files
    * Understand and work with Windows Vista's User Account Control security feature
    * Get the most out of your Tablet PC
    * Take advantage of new Internet features such as RSS feeds, multiple home pages, and tabbed browsing

    Paul McFedries is the president of Logophilia Limited, a technical writing company. He has been working with computers for more than 30 years and has been using Microsoft Windows since version 1. Paul has written more than 50 books that have sold over three million copies worldwide.

    Category: Microsoft Operating Systems
    Covers: Microsoft Windows Vista
    User Level: Intermediate-Advanced
    www.samspublishing.com
    $49.99 USA / $61.99 CAN / £35.99 Net UK

  • Microsoft Windows Vista Unleashed
    2004
    Co-Authors: Paul Mcfedries
    Abstract:

    Microsoft Windows Vista Unleashed, Second Edition
    Paul McFedries
    Second Edition
    Includes coverage of Windows Vista Service Pack 1!

    Microsoft Windows Vista Unleashed, Second Edition, is a book for people, like you, who don't consider themselves to be "average Users." It's a book for anyone who finds that doing things the official way is slower, less efficient, and less powerful because Windows Vista was designed from the ground up to avoid confusing novice Users. The result is default settings that restrict flexibility, interminable wizards that turn 2-step tasks into 12-step sagas, and the hiding of powerful and useful programs behind layers of menus and dialog boxes. To unleash the potential of Windows Vista, you need a different approach that blows away Vista's novice features and scorns the standard way of doing things.

    This book goes beyond the standard-issue techniques sanctioned by Microsoft and parroted in other Windows Vista books. Instead, this book offers shortcuts for boosting your productivity, customizations for making Windows Vista work the way you do, workarounds for known Windows Vista problems, and warnings for avoiding Windows Vista pitfalls. Along the way, you'll learn about all kinds of insider details, undocumented features, powerful tools, and background facts that help put everything into perspective.

    Paul McFedries is the president of Logophilia Limited, a technical writing company. He has been working with computers for more than 30 years and has been using Microsoft Windows since version 1. Paul has written more than 50 books that have sold more than 3 million copies worldwide.

    * Learn what's new in Windows Vista Service Pack 1
    * Customize Windows Vista startup
    * Troubleshoot software and hardware problems
    * Tune Windows Vista's performance
    * Automate Windows Vista with powerful and flexible scripts
    * Implement Internet security and privacy features
    * Configure and administer a small network
    * Get the most out of Control Panel, group policies, the Registry, Device Manager, and other powerful tools
    * Set up a complete maintenance program to keep Windows Vista running smoothly
    * Discover a complete list of Windows Vista shortcut keys, a detailed look at the Command Prompt, and a batch file primer
    * Master the new desktop search engine and learn how to group, stack, and filter files
    * Understand and work with Windows Vista's User Account Control security feature
    * Get the most out of your Tablet PC
    * Take advantage of new Internet features such as RSS feeds, multiple home pages, and tabbed browsing

    Category: Microsoft Operating Systems
    Covers: Microsoft Windows Vista
    User Level: Intermediate-Advanced

Sara Motiee - One of the best experts on this subject based on the ideXlab platform.

  • do windows Users follow the principle of least privilege investigating User Account Control practices
    Symposium On Usable Privacy and Security, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    The principle of least privilege requires that Users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. Low-privileged User Accounts (LUA) and User Account Control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, Users must apply due diligence, use appropriate Accounts, and respond correctly to UAC prompts. With a User study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges Users face when working with User Accounts and the UAC. Our results show that 69% of participants did not apply the UAC approach correctly. All 45 participants used an administrator User Account, and 91% were not aware of the benefits of low-privilege User Accounts or the risks of high-privilege ones. Their knowledge and experience were limited to the restricted rights of low-privilege Accounts. Based on our findings, we offer recommendations to improve the UAC and LUA approaches.

  • investigating User Account Control practices
    Human Factors in Computing Systems, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    Non-administrator User Accounts and the User Account Control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege Accounts; a UAC prompt allows Users to raise their privileges when required. We conducted a User study and contextual interviews to understand the motives and challenges participants face when using different User Accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged Accounts. Moreover, most did not understand or carefully consider the prompts.

  • CHI Extended Abstracts - Investigating User Account Control practices
    Proceedings of the 28th of the international conference extended abstracts on Human factors in computing systems - CHI EA '10, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    Non-administrator User Accounts and the User Account Control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege Accounts; a UAC prompt allows Users to raise their privileges when required. We conducted a User study and contextual interviews to understand the motives and challenges participants face when using different User Accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged Accounts. Moreover, most did not understand or carefully consider the prompts.

  • SOUPS - Do windows Users follow the principle of least privilege?: investigating User Account Control practices
    Proceedings of the Sixth Symposium on Usable Privacy and Security - SOUPS '10, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    The principle of least privilege requires that Users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. Low-privileged User Accounts (LUA) and User Account Control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, Users must apply due diligence, use appropriate Accounts, and respond correctly to UAC prompts. With a User study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges Users face when working with User Accounts and the UAC. Our results show that 69% of participants did not apply the UAC approach correctly. All 45 participants used an administrator User Account, and 91% were not aware of the benefits of low-privilege User Accounts or the risks of high-privilege ones. Their knowledge and experience were limited to the restricted rights of low-privilege Accounts. Based on our findings, we offer recommendations to improve the UAC and LUA approaches.

  • The Challenges of Understanding Users' Security-related Knowledge, Behaviour, and Motivations
    2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    In order to improve current security solutions or devise novel ones, it is important to understand Users’ knowledge, behaviour, motivations and challenges in using a security solution. However, achieving this understanding is challenging because of the limitations of current research methodologies. We have been investigating the experiences of Users with two practical implementations of the principle of least privilege (PLP) Windows Vista and Windows 7. PLP requires that Users be granted the most restrictive set of privileges possible for performing the task at hand; in other words, they should not use Accounts with administrator privileges. By following this principle, Users will be better protected from malware, security attacks, accidental or intentional modifications to system configurations, and accidental or intentional unauthorized access to confidential data. To obtain an understanding of their knowledge, behaviour, motivations and challenges in following PLP, we had participants complete realistic tasks during a lab study that would raise User Account Control prompts and then performed a contextual interview to probe their behaviours. We faced numerous challenges during our study, including reflecting the realistic behaviour of participants, understanding their knowledge and challenges managing their User Accounts and dealing with security warnings, and generalizing our results to a wider community. We discuss how we addressed these challenges, how well our methodological design decisions worked, and the ongoing challenges.

Kirstie Hawkey - One of the best experts on this subject based on the ideXlab platform.

  • do windows Users follow the principle of least privilege investigating User Account Control practices
    Symposium On Usable Privacy and Security, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    The principle of least privilege requires that Users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. Low-privileged User Accounts (LUA) and User Account Control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, Users must apply due diligence, use appropriate Accounts, and respond correctly to UAC prompts. With a User study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges Users face when working with User Accounts and the UAC. Our results show that 69% of participants did not apply the UAC approach correctly. All 45 participants used an administrator User Account, and 91% were not aware of the benefits of low-privilege User Accounts or the risks of high-privilege ones. Their knowledge and experience were limited to the restricted rights of low-privilege Accounts. Based on our findings, we offer recommendations to improve the UAC and LUA approaches.

  • investigating User Account Control practices
    Human Factors in Computing Systems, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    Non-administrator User Accounts and the User Account Control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege Accounts; a UAC prompt allows Users to raise their privileges when required. We conducted a User study and contextual interviews to understand the motives and challenges participants face when using different User Accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged Accounts. Moreover, most did not understand or carefully consider the prompts.

  • CHI Extended Abstracts - Investigating User Account Control practices
    Proceedings of the 28th of the international conference extended abstracts on Human factors in computing systems - CHI EA '10, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    Non-administrator User Accounts and the User Account Control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege Accounts; a UAC prompt allows Users to raise their privileges when required. We conducted a User study and contextual interviews to understand the motives and challenges participants face when using different User Accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged Accounts. Moreover, most did not understand or carefully consider the prompts.

  • SOUPS - Do windows Users follow the principle of least privilege?: investigating User Account Control practices
    Proceedings of the Sixth Symposium on Usable Privacy and Security - SOUPS '10, 2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    The principle of least privilege requires that Users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by security incidents. Low-privileged User Accounts (LUA) and User Account Control (UAC) in Windows Vista and Windows 7 are two practical implementations of this principle. To be successful, however, Users must apply due diligence, use appropriate Accounts, and respond correctly to UAC prompts. With a User study and contextual interviews, we investigated the motives, understanding, behaviour, and challenges Users face when working with User Accounts and the UAC. Our results show that 69% of participants did not apply the UAC approach correctly. All 45 participants used an administrator User Account, and 91% were not aware of the benefits of low-privilege User Accounts or the risks of high-privilege ones. Their knowledge and experience were limited to the restricted rights of low-privilege Accounts. Based on our findings, we offer recommendations to improve the UAC and LUA approaches.

  • The Challenges of Understanding Users' Security-related Knowledge, Behaviour, and Motivations
    2010
    Co-Authors: Sara Motiee, Kirstie Hawkey, Konstantin Beznosov
    Abstract:

    In order to improve current security solutions or devise novel ones, it is important to understand Users’ knowledge, behaviour, motivations and challenges in using a security solution. However, achieving this understanding is challenging because of the limitations of current research methodologies. We have been investigating the experiences of Users with two practical implementations of the principle of least privilege (PLP) Windows Vista and Windows 7. PLP requires that Users be granted the most restrictive set of privileges possible for performing the task at hand; in other words, they should not use Accounts with administrator privileges. By following this principle, Users will be better protected from malware, security attacks, accidental or intentional modifications to system configurations, and accidental or intentional unauthorized access to confidential data. To obtain an understanding of their knowledge, behaviour, motivations and challenges in following PLP, we had participants complete realistic tasks during a lab study that would raise User Account Control prompts and then performed a contextual interview to probe their behaviours. We faced numerous challenges during our study, including reflecting the realistic behaviour of participants, understanding their knowledge and challenges managing their User Accounts and dealing with security warnings, and generalizing our results to a wider community. We discuss how we addressed these challenges, how well our methodological design decisions worked, and the ongoing challenges.