Skip to Main content Skip to Navigation
New interface
Conference papers

Models-Based Analysis of Both User and Attacker Tasks: Application to EEVEHAC

Abstract : The design and development of security mechanisms, such as authentication, requires analysis techniques that take into account usability along with security. Although techniques that are grounded in the security domain target the identification and mitigation of possible threats, user centered design approaches have been proposed in order to also take into account the user’s perspective and needs. Approaches dealing with both usability and security focus on the extent to which the user can perform the authentication tasks, as well as on the possible types of attacks that may occur and the potential threats on user tasks. However, to some extent, attacker can be considered as user of the system (even if undesirable), and the analysis of attacker tasks provides useful information for the design and development of an authentication mechanism. We propose a models-based approach to analyse both user and attacker tasks. The modeling of attacker tasks enables to go deeper when analysing the threats on an authentication mechanism and the trade-offs between usability and security. We present the results of the application of this models-based approach to the EEVEHAC security mechanism, which enables the setup of a secure communication channel for users of shared public computers.
Complete list of metadata

https://hal.archives-ouvertes.fr/hal-03772286
Contributor : Célia MARTINIE Connect in order to contact the contributor
Submitted on : Thursday, September 8, 2022 - 10:34:23 AM
Last modification on : Friday, September 9, 2022 - 3:52:13 AM

Identifiers

Citation

Sara Nikula, Célia Martinie, Philippe Palanque, Julius Hekkala, Outi-Marja Latvala, et al.. Models-Based Analysis of Both User and Attacker Tasks: Application to EEVEHAC. 9th IFIP WG 13.2 International Working Conference on Human-Centered Software Engineering (HCSE 2022), Aug 2022, Eindhoven, Netherlands. pp.70-89, ⟨10.1007/978-3-031-14785-2_5⟩. ⟨hal-03772286⟩

Share

Metrics

Record views

13