商品描述
This book makes the case that traditional security design does not take the end-user into consideration, and therefore, fails. This book goes on to explain, using a series of examples, how to rethink security solutions to take users into consideration. By understanding the limitations and habits of users - including malicious users, aiming to corrupt the system - this book Illustrates how better security technologies are made possible.
Traditional security books focus on one of the following areas: cryptography, security protocols, or existing standards. They rarely consider the end user as part of the security equation, and when they do, it is in passing. This book considers the end user as the most important design consideration, and then shows how to build security and privacy technologies that are both secure and which offer privacy. This reduces the risk for social engineering and, in general, abuse.
Advanced-level students interested in software engineering, security and HCI (Human Computer Interaction) will find this book useful as a study guide. HCI (Human Computer Interaction) practitioners designing user interfaces and privacy researchers and practitioners working in security, as well as software engineers designing software solutions (that can be abused) will also be interested in this book.
Traditional security books focus on one of the following areas: cryptography, security protocols, or existing standards. They rarely consider the end user as part of the security equation, and when they do, it is in passing. This book considers the end user as the most important design consideration, and then shows how to build security and privacy technologies that are both secure and which offer privacy. This reduces the risk for social engineering and, in general, abuse.
Advanced-level students interested in software engineering, security and HCI (Human Computer Interaction) will find this book useful as a study guide. HCI (Human Computer Interaction) practitioners designing user interfaces and privacy researchers and practitioners working in security, as well as software engineers designing software solutions (that can be abused) will also be interested in this book.
作者簡介
Dr. Markus Jakobsson has spent more than 20 years as a security researcher, scientist and entrepreneur, studying phishing, crimeware, mobile security, privacy and user interaction. He spearheaded research in malware and mobile security technologies at Qualcomm, after his startup, FatSkunk, was acquired by Qualcomm. He performed email security research and helped track Nigerian scammers as the Chief Scientist at Agari. In addition, Dr. Jakobsson has held key roles as Principal Scientist at PayPal, Xerox PARC, and RSA Security, and as Chief of Security and Data Analytics at Amber Solutions. He has also worked as a testifying expert witness in a range of high-profile patent litigation cases, covering digital rights management, Internet and mobile security, authentication, and spam detection. He has a PhD in Computer Science from University of California at San Diego.
