Jean-Louis Huynen

Socio-Technical Study on the Effect of Trust and Context When Choosing WiFi Names

We study trust and context as factors influencing how people choose wireless network names. Our approach imagines the mindset of a hypothetical attacker whose goal is to ensnare unsuspecting victims into accessing dishonest WiFi access points. For this purpose, we conducted an online survey. We used two separate forms. The first form asked a random group of participants to rate a list of wireless names according to their preferences (some real and others purposely made-up) and afterwards with implied trust in mind. The second form was designed to assess the effect of context and it asked a different set of respondents to rate the same list of wireless names in relation to four different contexts. Our results provide some evidence confirming the idea that trust and context can be exploited by an attacker by purposely, or strategically, naming WiFi access points with reference to trust or within certain contexts. We suggest, in certain cases, possible defence strategies.

Studies in Socio-technical Security Analysis: Authentication of Identities with TLS Certificates

Authenticating web identities with TLS certificates is a typical problem whose security depends on both technical and human aspects, and that needs, to be fully grasped, a socio-technical analysis. We performed such an analysis, and in this paper we comment on the tools and methodology we found appropriate. We first analysed the interaction ceremonies between users and the most used browsers in the market. Then we looked at users understanding of those interactions. Our tools and our methodology depend on whether the user model has a non-deterministic or a realistic behaviour. We successfully applied formal methods in the first case. In the second, we had to define a security framework consistent with research methods of experimental cognitive science.

Do Graphical Cues Effectively Inform Users

We study whether the padlock and the signal strength bars, two visual cues shown in network managers, convey their intended messages. Since users often choose insecure networks when they should not, finding the answer is not obvious; in our study we clarify whether the problem lies in uninformative and ambiguous cues or in the user who, despite understanding the cues, chooses otherwise. This paper describes experiments and comments the results that bring evidence to our study.

From Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis

Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion.

In Cyber-Space No One Can Hear You S\cdot CREAM

Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a system’s security.Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a systems security.

In Cyber-Space No One Can Hear You S·CREAM, A Root Cause Analysis for Socio-Technical Security

Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a system’s security.Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a systems security.

An Information Security Management for Socio-Technical Analysis of System Security

Concerned about the technical and social aspects at the root causes of security incidents and how they can hide security vulnerabilities we propose a methodology compatible with the Information Security Management life-cycle. Retrospectively, it supports analysts to reason about the socio-technical causes of observed incidents; prospectively, it helps designers account for human factors and remove potential socio-technical vulnerabilities from a system’s design. The methodology, called \(\text {S}{\cdot }\text {CREAM}\), stems from practices in safety, but because of key differences between the two disciplines migrating concepts, techniques, and tools from safety to security requires a complete re-thinking. \(\text {S}{\cdot }\text {CREAM}\) is supported by a tool, which we implemented. When available online it will assist security analysts and designers in their tasks. Using \(\text {S}{\cdot }\text {CREAM}\), we discuss potential socio-technical issues in the Yubikey’s two-factor authentication device.

In Cyber-Space No One Can Hear You S∙CREAM

Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a system’s security.Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a systems security.