O.15 User Experience (UX)/Human Computer Interface (HCI) Security

From CyberEdWiki
Jump to: navigation, search

HCI is the practice and study of human interaction with machines. This includes usability, machine interaction design, and psychological reactions to the interface. UX deals with the entirety of the user experience relative to a product (not just the user interface). UX includes HCI but also encompasses the emotional, physical, and behavioral perception of a product or service. Cyber security professionals must acknowledge that while they need to give utmost precedence to system security, they cannot overlook user experience, and vice versa.

Specific topics to be included in this knowledge unit include, but are not limited to:

  • Authentication interfaces and passwords
  • Implicit and explicit policies in systems
  • Policies that users control and hidden policies controlled by the system
  • The role of social engineering and how it continues to be the primary attack vector
  • How implementing security affects the user experience.

Outcome: Students will understand user interface issues that will affect the implementation of and perception of security mechanisms and the behavioral impacts of various security "policies."

Outcome: Students will understand the tension between user security and convenience which results in user behavior that undermines system security. Students will learn how to develop approaches which have the right balance.