UKUUG

(the UK's Unix & Open Systems User Group)

Security and Usability

Lorrie Faith Cranor and Simson Garfinkel (Eds)
Published by O'Reilly Media
ISBN: 0-596-00827-9
738 pages
£31.95
Published: September 2, 2005
reviewed by Lindsay Marshall in the June 2006 issue

This one is a little different from your usual O'Reilly book in that it is a collection of papers devoted to five aspects of security and usability. There are thirty-four papers in all and the five areas are "Realigning Usability and Security", "Authentication Mechanisms", "Secure Systems", "Privacy and Anonymity Systems" and "Commercializing Usability", plus a section devoted to three classic papers in the field.

There are some well-known and respected names amongst the authors as well as newcomers, with the papers being a slightly odd mix of theory and practice. The editors (rightly) justify this because of the youth of the field, and they also emphasise the security-focused nature of much of the material. Their feeling is that the main push in improving the usability of secure systems must come from the security people, and I would have to agree: systems must be secure first of all, but that is no excuse for neglecting (or at least finding out about) users' experiences with systems. And so often, of course, poor usability leads to security horrors like people leaving passwords written on whiteboards and suchlike.

This is a book to dip into rather than read at one sitting -- I certainly haven't got to everything in it yet. As you would expect, the quality of the papers is variable, though all are at least good. Your interest in the relevant area will also influence your perception of some of the material quite dramatically (I can't get excited about security on Lotus Notes, for example). The book is also pretty expensive: something to have in the project library rather than to have as a personal copy. My biggest complaint is the lack of material on Trust and/or Reputation; this is an area with a lot of relevance to security and usability and where there is much interesting work. It could easily have filled another section, though by then the book would have been reaching Harry Potter dimensions.

It's good. Buy it for your team library.

Page last modified 02 Apr 2007
Copyright © 1995-2011 UKUUG Ltd.