Embed Size (px)
Citation preview
Module U1:Human Capability and IA
Azene Zenebe, Ph.D., and
Lola Staples, M.Sc.Management of Information Systems Department
Center for Business and Graduate Studies, Room 3330
14000 Jericho Park Road, Bowie, MD 20715
1
Presentation Outline
Overview Introduction Human Capability and Security Factors for Human Capability Models in Human Computer Interaction (HCI) Importance to Usability of Security Systems Human Behavior and Security Summary Discussion Questions
2
Overview Users are not always capable of performing the
right decisions regarding security.
If users have to invest too much mental effort in working out how to operate security systems, they will be less efficient and make more errors.
Human – security system interaction is a cognitive activity.
3
ObjectivesWhen you complete this module, you will be
able to: Describe human capability Discuss factors that determine human capability Describe the relationship between usability of security
systems and human capability Discuss human behavior in security systems Determine factors affecting human behaviors in
security systems Conduct a study of user behaviors in a security
system 4
Introduction
Users interact with computer and information security systems differently and have different behavior.
The purpose of this module is to provide definitions, background and theoretical framework for human capability and behavior in relationship to the usability of computer and information security systems.
5
Human Capability and Security
Humans carry out tasks in which information is created, accessed and/or manipulated.
The more complicated the interaction with the computer systems the more frustrated users become and the more distracted they are from their real tasks.
Users are not always capable of performing the right decisions regarding security.
6
Human Capability and Security Several studies indicated that:
ˉ The mechanism for encryption, authorization or authentication can be difficult for people to understand or use.
ˉ People often fail to recognize security risks or the information provided to alert them.
Computer interaction is a cognitive activity that involves processing of information in the mind
7
Human Capability and Security - What is Cognition?
What is cognition?
According to the Encyclopædia Britannica’s definition, cognition includes “all processes of consciousness by which knowledge is accumulated, such as perceiving, recognizing, conceiving, and reasoning.”
8
Factors for Human Capacity Key factors that affect the way users
interact with computer systems are (Benyon, 1993):ˉ our sensorsˉ attention ˉ memory
ˉ sensory, ˉ short term or working and ˉ long term
ˉ learning andˉ mental models
9
Factors - Sensors Perception – The process of seeing an active
process: ˉ mainly visual environmental informationˉ can be previously stored knowledge ˉ provides a more constant view of the world ˉ highly related to user interface with security
systems should be legible distinguishable comprehensible uncluttered and meaningfully structured
10
Factors – Attention
Attention - Our capability to attend to amass of information at one time
ˉ We can see, hear, and smell at one time.
ˉ We are multi-tasking
ˉ Hence few tasks or decisions receive our full attention at any given time
11
Factors - Memory
Memory - Our ability to store and remember.
There are three main types of meory:ˉ sensory memory (SM)ˉ short term or working memory (STM) ˉ long-term memory (LTM)
12
Factors - Sensory-Memory (SM)
SM retains an exact copy of what is seen, heard or touchedˉ mainly visual and auditory
SM lasts only a few seconds and has unlimited capacity
13
Factors-Short Term Memory(STM)
STM works like RAM memory STM provides a working space and is
vulnerable to interruption or interference STM has the ability to retain a limited
capacity of up to 7 pieces of independent information with a single aspect, i.e., actually, 7 +/- 2 “chunks.”7 is called the Millers Magic Number.
Items in STM last from 3 to 20 seconds
14
Factors - STM: “Chunking” “Chunking” allows the brain to
automatically group certain items together, e.g., a telephone number.
We remember phone numbers by their aspects of 2 or more groupings.
We don't really remember "seven" numbers
15
Factors - Long Term Memory (LTM)
LTM defined as relatively permanent storage…ˉ information is stored by meaning and
importance. ˉ Information can be stored for extended
periods of time ˉ capacity limits are unknown
Information moves from STM to LTM
16
Factors - Long Term Memory Information moves from STM to LTM
by ˉ rehearsal ˉ practice …and ˉ use in context.
“LTM stores interrelated networks of mental models of the world that form intricate knowledge structures.”
17
Factors - Long Term Memory (Con’t)
According to Clark (2004):ˉ LTM has a strong influence on perception
through top-down processing…
ˉ Our prior knowledge affects how we perceive sensory information…
ˉ Our expectations regarding a particular sensory experience influence how we interpret it….this is how we develop bias.
18
Factors - Learning According to the Merriam-Webster Online
Dictionary, learning is defined as “ … 2 : knowledge or skill acquired by instruction or study. 3 : modification of a behavioral tendency by experience (as exposure to conditioning) “
The ability to learn is possessed by humans, animals and some machines
19
Factors - Mental Model (MM) (Norman, 1988).
MM is a set of beliefs about how a system works.
Users interact with systems based on their MM. Some properties of MM:
ˉ Enable users to understand the working of a security system.
ˉ Can be built-on-the-fly from knowledge of prior system experience, training, and interaction
ˉ Is unstable and subject to changeˉ Contains minimal information
20
Factors -Human Processors (HP)
Information processing in HP involves (Card, Moran & Newell,1983):ˉ Encoding the information into some form of
internal representationˉ This is related to perception
ˉ Comparing this representation with previously stored representations in the brain
ˉ this is related to attention and memory
ˉ Deciding on appropriate responses; andˉ Organizing a response and necessary action
21
The Information Processing Model
22
Figure 1. The Information Processing Model (Clark, 2004; used with permission). http://www.nwlink.com/~donclark/hrd/learning/memory.html
Models of Human Performance
Models of Human Performance A simple model of human cognition is
empirically developed by Card, Moran, Newell in 1983.
The components are Senses, Sensory store, Short-term memory, Long-term memory, and processors.ˉ Processors cycle time of 50-200msˉ Memories have type, capacity and decay time ˉ See Figure for the Model Summary
23
Human Performance – Summary of empirical study by Card, Moran, Newell in 1983.
Components Function Decay Time CapacitySenses processor- Perceptual
Continuously capture data
Decay: 100ms [50 – 200] ms
unlimited
Senses processor - - Motor
Continuously capture data
Decay: 70ms [30 – 100] ms
unlimited
Senses processor - - Cognitive
Continuously capture data
Decay: 70ms [25– 170] ms
unlimited
Sensor store – Visual Stores most recent input unrecognized
Decay: 200ms [70 - 1000]ms
17 letters of text [7 - 17] letters
Sensor store- AudioStores most recent input unrecognized
Decay: 1500ms [900 - 3500]ms
5 letters of text [4.4-6.6] letters
STM Gets basic recognition from Sensory Store
Decay: 7 seconds [5 - 226] seconds
7 chunks [5 - 9] chunks
LTM Store Episodic & Semantic information
Not estimated Unlimited
24
Importance to Usability of Security Systems
Knowledge of human capability helps:ˉ Predict what users will remember, retain,
understand and use.ˉ Plan on how to make new security related
knowledge and information retained in user’s Long Term Memory during training.
ˉ Use chunking in presentation of security information and codes such as passwords, access codes, etc. to users.
25
Amount of Human Effort Required – Examples PKI
Things PKI end-users have to learn(Sasse & Flechais, 2006):ˉ How to create keysˉ How to import a trust anchorˉ How to import a certificateˉ How to protect private keysˉ How to apply for a certificate
26
Amount of Human Effort and Security – Examples PKI (Con't)
Things PKI end-users have to learn(Sasse & Flechais, 2006):ˉ How to turn on digital signingˉ How to get and import someone’s public keyˉ How to export a certificate
27
Models in Human Computer Interaction (Norman (1988), Cooper (1995) & IBM (1992) )
Designer’s Model: The way the designer represents the application.
Programmer’s Model: The actual way that a system works from a programmer’s perspective.
User’s Mental Modelˉ The way that the user perceives how the
systems works. User model: incorporates the cognitive and
performance characteristics of a user.28
Interaction-Design Model
29
Designer’s Model, User’s Mental Model and System images
Source: http://www.interaction-design.org/encyclopedia/mental_models_glossary.html)
Importance of Mental Models to Usability
For Learning & retaining systems’ operationsˉ Correct mental models => more usable =>
users are effective, efficient, and satisfied
An inaccurate mental model of what is happening in a system leads to errors.
Ideally, interface and system shall be consistent with our mental models about computers, environment and everyday objects.
30
Quick Quiz Why do we have difficulty in remembering some of our
passwords? Where do humans store passwords and how do we
recall them? Explain the role of STM, LTM, and Chunking while using
simple and complex passwords. What are the different tasks to be completed to use a
firewall a) by end-user, b) by system administrator? Compare and contrast user model, mental model,
designer’s model and programmer model. What is the mental model of a user about a firewall?
31
Human Behavior and Security –Risks
People exaggerate risks that are (Schneier, 2007 ) :ˉ Rareˉ Personifiedˉ Beyond their controlˉ Intentional or man-madeˉ Immediateˉ Rapidly occurring
32
Human Behavior and Security – Risks (Con’t)
Users minimize their risk and tend to (West, 2008):ˉ Not think they are at risk ˉ Not give security their full attentionˉ Focus on their goals, such as completing a
task….e.g., completing their on-line paymentˉ Think of security and safety as abstract
concepts resulting in quick decisions without considering all the risks, consequences and options
33
Human Behavior and Security – Risks (Con’t)
Examples of risky behavior: ˉ Opening a file with attachments from
unknown sources where a user does have a great interest in the content of the file from its subject heading
ˉ Download and installation of an ActiveX control from an unknown source in order to view the Web page content
34
Human Behavior and Security - Risks (Con’t)
To improve security behavior, designers and developers of security systems can (West, 2008):ˉ Include a means to reward pro-security behavior,
i.e., notify them of unauthorized attempts to access files
ˉ Improve risk awareness using message alerts and sounds.
ˉ Catch security policy violators using auditing and monitoring techniques
ˉ Reduce the cost by making security systems easy to install, configure and use.
35
Quiz
What are the common attitudes of users with regard to risks associated with computer?
Discuss how users make decisions when they face security challenges.
36
Framework for Studying User Behavior in Security
The Social-cognitive Theory (Bandura, 1986) can be used as a theoretical framework forˉ studying experiences related to security
behavior and ˉ identifying factors that influence user’s
behavior It is based on a reciprocal relationship
between: behavior, cognition and environmental factors
37
Social–Cognitive Theory
38
Figure: Social Cognitive Theory (Bandura, 1986) (Source: http://www.des.emory.edu/mfp/eff.html)
Framework for Studying User Behavior (con’t)
Applying the Theory:ˉ The behavior of users of security systems
depends on the individual’s cognitions and emotions by observing and exploiting the environment (e.g. other co-workers’ behavior).
ˉ It is expected that self-efficacy (belief to execute behavior to achieve an outcome) has strong influence with use of security systems
39
Framework for Studying User Behavior – Social-cognitive Theory
The Social-cognitive Theory also presents:ˉ The possibility of learning from experienceˉ And learning from the behavior of respected
individuals like colleagues and leaders.ˉ Finally, knowledge or information about
security risks is expected to have impact on security related behavior of users.
40
Framework for Studying User Behavior – Social-cognitive Theory
Therefore, to study experience and factors influencing user behavior, a model should consider: ˉ the personal characters of users including:
ˉ cognitive capacity; ˉ socio-demographic factors, ˉ attitudes, beliefs, values, experience, education
and knowledge;
ˉ the environmental factors of users
41
Quiz
What SCT? How can SCT be used in studying the
behavior of Security systems?
42
Takeaway Slides - Summary
Analysts, designers, programmers and system administrators of information security systems need to consider facts about ˉ human capability and ˉ human behavior during their activities.
Security threats can arise from human errors and cognitive limitations during the installation, configuration, use and maintenance of these computer and information security systems
43
Summary - Human Capabilities Demanding too much mental effort by users
in operating the computer equates to less efficiency and more errors.
People often fail to recognize security risks or the information provided to them.
Users are not always capable of performing the right decisions regarding security
ˉ Security mechanisms such as encryption and authorization can be difficult for people to understand or use.
44
Summary -Human Capabilities Factors Key factors are: sensors, attention,
processor/information processing, memory, learning and mental models of users
Humans are multitasking, therefore, few tasks or decisions receive full attention at a given time.
45
Summary Human Capacity - Cognition Model
Human Cognition Model comprised of:ˉ Senses, sensory store, short term
memory, long-term memory and ˉ processors.
Humans have limited capacity for information processing
Empirical model developed by Card, Moran and Newell in 1983 estimated various capabilities, decay times, etc.
46
Summary -Human Capabilities
Security threats can arise from human errors and cognitive limitations during the:ˉ installationˉ configurationˉ use and maintenance of computers and
information security systems.
47
Summary – Chunking Chunking allows the brain to automatically
group certain items together. Human beings have a limited capacity of
remembering up to seven pieces of independent information
ˉ These seven pieces of information are remembered with a single aspect and one exposure. Actually represents 7+/-2 “chunks,” or (7 plus or minus two pieces of information, or between 5 and 9 items)
48
Summary -Human Capability Knowledge
Knowledge of human capability helps:ˉ predict what users will remember, retain,
understand and use.ˉ in understanding how to retain new
security related knowledge and information in user’s Long Term Memory.
ˉ In using “chunking” when presenting security information and codes such as passwords and access codes.
49
Summary - Models
Designer and user mental models of security systems should match
Burden should be on the system designers to build user expectations into the system.
Accurate model lead to effective, efficient and satisfied customers….
Inaccurate models lead to errors.
50
Summary -Human Behavior and Security
Users (West, 2008)ˉ Are not good decision makersˉ Tend to take risksˉ Do not give full attention to security risksˉ Think security and safety are abstract
conceptsˉ Make quick decisions without considering
all of the risks, consequences and options.
51
Summary -Human Behavior and Security
To Improve user security behavior, designers of security systems (West, 2008):ˉ Should create a mechanism to reward pro-
security behavior of users.
ˉ Improve the awareness of risk through
training about risks, using message alerts and sounds with security systems that capture the attention of users.
52
Summary -Human Behavior and Security
To Improve user security behavior, personnel in security systems can (West, 2008):ˉ Catch corporate security policy violators using
auditing and monitoring capabilities of security system and automatic notification of violators using via e-mail.
ˉ Reduce the cost of implementing security by making security systems easy to install, configure and use and/or by employing good secure default settings.
53
Summary -Human Behavior and Security
Applying the Social-cognitive theory (Bandura, 1986), to study the experiences and factors influencing users’ behavior on the use of security systems, a model should consider: ˉ the personal characters of users including
cognitive capacity; socio-demographic factors, attitudes, beliefs, values, experience, education and knowledge; and the environmental factors of users.
54
Discussion Topics Discuss the magic 7 number in the context of
computer and information security. Compare and contrast mental model, design
model and system model. Discuss why mental model is important to
security systems. Determine what Firewall Users Have to Learn
55
References1. Encyclopædia Britannica.2009. Cognition. Accessed on June 26th,2009,
accessed from http://www.britannica.com/EBchecked/topic/124474/cognition
2. Merriam-Webster Online Dictionary.2009. Learning. Accessed on June 26th,2009, accessed from http://www.merriam-webster.com/dictionary/learning
3. Bahn, D. Social Learning Theory: its application in the context of nurse education. Nurse Education Today, 21 (2). 110-117.
4. Bandura, A. Self-efficacy. in Ramachaudran, V.S. ed. Encyclopedia of human behavior, Academic Press, New York, 1994, 71-81.
5. Bandura, A. Social foundations of thought and action: A scoial cognitive theory. Prentice-Hall , Inc., New Jersey, 1986.
6. Benyon, D., Davies, G., Keller, L., Preece, J. and Rogers, Y. A Guide to Usability: Human Factors in Computing. Addison Wesley Publishing Company, Workingham, England, 1993.
56
References7. Card, S.K., Moran, T.P. and Newell, A. The psychology of human-
computer interaction. Lawrence Erlbaum Associates, Inc., Hillsdale, New Jersey, 1983.
8. 2004. Instructional System Design Concept Map. Accessed on January 13,2009, accessed from http://nwlink.com/~donclark/hrd/ahold/isd.html
9. Cooper, A. About Face - The Essentials of User Interface Design. IDG Books Worldwide, Foster City, CA, 1995.
10.Norman, D.A. The psychology of everyday things. Basic Books, New York, 1988.
11. Sasse, A. and Flechais, I. Usable Security. in Cranor, L.F. and Garfinkel, S. eds. Security and Usability: Designing Secure Systems That People Can, O'Reilly Media, California, 2005.
12.Schneier, B. The psychology of security. Commun. ACM 50 (5 ), 128
13.Tversky, A. and Kahneman, D. Rational Choice and the Framing of Decisions. The Journal of Business, 59 (s4). S251.
14.West, R. The psychology of security. Commun. ACM 51 (4 ), 34-4057
