Jul 29

There is an old English folk saying that goes, "If you can't stand the heat, get out of the kitchen." I have a different approach: Do something about the heat. The folk saying would have us accept the poor designs of the world. Why? After all, if people were responsible for the "heat" in the first place, then people should be able to do something about it. Is the kitchen too hot? Redesign it.

-- Don Norman

 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

Kumar and Herger 2013: Gamification at Work: Designing Engaging Business Software...
by Janaki Mythily Kumar and Mario Herger

 
Start reading

Whitworth and Ahmad 2013: The Social Design of Technical Systems: Building technologies for communities...
by Brian Whitworth and Adnan Ahmad

 
Start reading

Soegaard and Dam 2013: The Encyclopedia of Human-Computer Interaction, 2nd Ed....
by Mads Soegaard and Rikke Friis Dam

 
Start reading
 
 

Help us help you!

 
 

Shujun Li


Publications by Shujun Li (bibliography)

2011
 

Perković, Toni, Li, Shujun, Mumtaz, Asma, Khayam, Syed Ali, Javed, Yousra and Čagalj, Mario (2011): Breaking undercover: exploiting design flaws and nonuniform human behavior. In: Proceedings of the 2011 Symposium on Usable Privacy and Security 2011. p. 5.

This paper reports two attacks on Undercover, a human authentication scheme against passive observers proposed at CHI 2008. The first attack exploits nonuniform human behavior in responding to authentication challenges and the second one is based on information leaked from authentication challenges or responses visible to the attacker. The second attack can be generalized to break two alternative Undercover designs presented at Pervasive 2009. All the attacks exploit design flaws of the Undercover implementations. Theoretical and experimental analyses show that both attacks can reveal the user's password with high probability with O(10) observed login sessions. Both attacks were verified by using the login data collected in a user study with 28 participants. We also propose some enhancements to make Undercover secure against the attacks reported in this paper. Our research in breaking and improving Undercover leads to two broader implications. First, it reemphasizes the principle of "devil is in details" for the design of security-related human-computer interface. Secondly, it reveals a subtle relationship between security and usability: human users may behave in an insecure way to compromise the security of a system. To design a secure human-computer interface, designers should pay special attention to possible negative influence of any detail of the interface including how human users interact with the system.

© All rights reserved Perković et al. and/or ACM Press

 
 


 
 
 
 

Changes to this page (author)

05 Apr 2012: Added

Page Information

Page maintainer: The Editorial Team
URL: http://www.interaction-design.org/references/authors/shujun_li.html