Security Centered Design
Chris Shiflett (20.May.2009 at 05:00)
Talk at php|tek 2009 (English - US)
Security is more than filtering input and escaping output (FIEO). It's more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn't even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception can be as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I'll introduce some of what I have learned about cognitive psychology, exploring topics such as change blindness and ambient signifiers, and I'll show some real-world examples that demonstrate the profound impact human behavior can have on security.
Quicklink: https://joind.in/192
By clicking this button you are declaring that you are the speaker responsible for it and a claim request will be sent to the administrator of the event.
If the claim is approved you will be able to edit the information for this talk.
Are you sure?
27.May.2009 at 15:07 by Philip Daly
A memorable presentation that gave me things to take home with me.
Only recommendation would be to possibly have a summary side (or two) that quickly summarizes the concepts explained and the particular practices that the developer community should think about implementing.