trenton schulz: repairing trust in our toasters + trust to the internet of things

www.nr.no

Repairing Trust in Our Toasters

Trenton SchulzSenior Research ScientistNorwegian Computing Center

2014-10-20

Advertisement

2

3

About NR

4

Statistics

Technology

5

6

6

Information Security

6

Information Securitye-Inclusion

Smart Information Systems

6

Information Securitye-Inclusion

7

How many devices are connected to the Internet at home?

8

How many devices are connected to the Internet at home?

8

How many talk to each other over Bluetooth, NFC, etc.?

Internet of Things?

9

12

Many small networks…

11

12

Speaking together…

12

A force for good…

13

14

Meet David

15

Meet Paul

16

17

A force for bad…

18

19

20

SALE

21

SALE

21

Sale

SALE

21

SaleSale

SALE

21

Sale

SaleSale

SALE

21

Sale

SaleSale

Sale

12

Many small networks…

22

12

Speaking together…

23

14

Can We Trust These Networks?24

15

How can we find out?

25

26

10

What is trust?

27

In information security?

28

…the correct function of a technical component that is important for the system security.

29

—Quirin,  Fritsch,  Husseiki,  and  Samson

In social sciences…

30

Interpersonal trust and risk

31

A user’s confidence in an entity’s reliability, including that user’s acceptance of vulnerability in a potentially risky situation.

32

—Döbelt,  Busch,  and  Hochleitner

Universal Design

33

Two Aspects

34

1. The process

35

2. The result

36

Guidelines are not enough…

37

Use a user-centered design process…

38

ISO 9241-210:2010

39

40

40

Understand and specify context

40

Understand and specify context

Specify user requirements

40

Understand and specify context

Specify user requirements

Produce Design Solutions

40

Understand and specify context

Specify user requirements

Produce Design Solutions

Evaluate against requirements

40

Understand and specify context

Specify user requirements

Produce Design Solutions

Evaluate against requirements

Specify user requirements

41

42

43

44

Produce Design Solutions

45

46

47

48

Evaluate against requirements

49

Vi

50

Virtual Reality Testing…

51

51

52

52

The Final Result

53

The Security Assistant

54

55

55

Layer  1

55

Layer  1

Layer  2

55

Layer  1

Layer  2Layer  3

55

Layer  1

Layer  2Layer  3

Layer  4

56

56

56

1. 2. 3. 4.

56

56

Security Level 1 of 4, low security

Findings from the project

57

Accepted the advice

58

But… why should I trust this?

59

Changing the security level

60

Changing the security level

60

Accessibility Issues

61

62

62

62

62

TalkBack

63

Future Work

64

65

Add trust to the security assistant

66

What about when I don’t have a smartphone?

67

Guidelines

68

69

Have we fixed our toasters?

Contact

70

Trenton SchulzSenior Research ScientistNorwegian Computing Centertrenton.schulz@nr.no+47 22 85 25 68http://ict.nr.no

Image Credits

71

Slide 2, Untillde!

Slides 4–7, 15–17, 19, 24–25, 43–44, 50, 69 Copyright 2014, thinkstockphotos.ca, a division of Getty Images!

Slide 20, EMVCo!

Slide 52, Copyright 2013, aftenposten.no (http://www.aftenposten.no/nyheter/iriks/Ville-du-bodd-i-et-hus-hvor-alt-er-koblet-til-Internett--7192204.html)!

All other images, Norsk Regnesentral or uTRUSTit