Techniques for Visual Feedback of Security State Tara Whalen and Kori Inkpen Faculty of Computer Science Dalhousie University whalen at cs dot dal dot ca DIMACS Workshop on Usable Privacy and Security Software July 8, 2004 Introduction Trying to define an area for doctoral research General focus: visualization of security information Goal: to give users appropriate feedback about security ideas very much in development: feedback welcome and encouraged! aid in assessment and carrying out appropriate actions Dalhousie EDGE Lab focuses on collaboration and visualization initial ideas focused on secure collaboration Security Lens We looked at how to reveal security information for distributed collaboration e.g., using a CSCW tool, or text messaging how to quickly communicate that security configuration was done correctly Led to the idea of a “security lens”: a representation of peering into a channel Consider relevant parties along the path of communication Use lens to show what security (secrecy) looks like from multiple perspectives: self, partner, world (eavesdroppers) Currently a visualization technique, not a real tool Simple example: text message Include a lens in messaging application; user selects this when they want to run a check (preview) Shown below is communication between two parties Set view to self, Bob or world to see what is revealed to each Could represent secrecy as unreadable text. Plaintext should be revealed only for self and partner Advantages At-a-glance view provides snapshot of useful security information Provides a sort of sanity check for configuration Can provide information on demand – not intrusive, gives feedback at appropriate time Application-level data can provide context unavailable at lower level e.g., can provide tailored feedback for specific actions, include info about private versus public keys, info about parties in communication Challenges and Concerns Pragmatically difficult: application-level view requires integration of lens into different programs Simple example is simplistic: does not take into account the complexity of many situations How much approximation is appropriate? Lens perspective might be only useful for transactions, not long-duration activities (monitoring) How to use the lens perspective for one user across multiple programs; potentially many different tasks, data, and roles to incorporate Don’t want abstraction to cloud the facts Correct configuration may not guarantee actual secrecy, and incorrect configuration may succeed if encryption exists at lower level Would users bother to adjust perspective? Future Directions The direction is likely to be set through discussions at this workshop Need to look at viability of perspective view as useful visualization technique Can it be applied effectively across a range of applications and situations? If it seems to be a helpful approach, then we can consider how this visualization might be done in practice We are (in parallel) considering other visualization problems how to present snapshots of host security information (e.g., personal firewall, virus scanner) starting a small stud y on how people use visual security cues in web browsers Conclusions We feel that it is important to provide support for at-a-glance visualization of security information This is not an easy problem: complex area, need to integrate variety of data types and tasks, don’t want to overwhelm user Work is at very early stages: we hope to work with the researchers at this workshop to further refine our approach Thanks! Thanks for your kind attention Thanks to Diana Smetters (PARC) and Paul Dourish (UC Irvine) for feedback on these early ideas Please forward comments, suggestions, flames, etc., to whalen at cs dot dal dot ca