Improving security decisions with polymorphic and audited dialogs

摘要

Welcome to the Third Symposium On Usable Privacy and Security! This year's program features 13 technical papers, a workshop, two tutorials, 16 posters, a panel, three discussion sessions, and an invited talk. Continuing the tradition of interesting SOUPS social events, on Thursday evening SOUPS 2007 attendees will head to the Pittsburgh Athletic Association for dinner and an evening of bowling at the PAA's private bowling facility. >This year we received 41 technical paper submissions. Each paper was refereed by at least three members of the technical papers committee, and through an online discussion process the committee selected 13 papers for presentation and publication. >The technical papers committee selected the paper "A Second Look at the Usability of Click- Based Graphical Passwords" by Sonia Chiasson, Robert Biddle, and P.C. van Oorschot of Carleton University to receive the SOUPS 2007 Best Paper Award. This paper presents the results of the first reported field studyof click-based graphical passwords as well as the first examination of whether interference from having multiple graphical passwords affects usability. >The first day of SOUPS 2007 features two tutorials and a Workshop on Usable IT Security Management (USM'07). This workshop focuses on usable security from the perspective of IT professionals who have to deal with the difficult problem of managing the security of large, complex enterprise systems, where an error could cost a fortune. >SOUPS 2007 includes an invited talk on ballot and election design by award-winning graphic designer Marcia Lausen. Panel discussions will focus on another important area: two-factor authentication for financial services. >Finally, the SOUPS 2007 program includes three parallel "discussion" sessions, featuring moderated discussion on a topic of interest to attendees. Discussion sessions have been organized around the following topics: "UW2SP: Usable Web 2.0 Security & Privacy," "Standardizing Usable Security and Privacy: Taking It To the Next Level, or Settling for Less?" and "One Laptop Per Child Security." Other discussion sessions may be added depending on interest. We hope the informal, small group format will lead to lively and productive interactions.