Usability, Validation and Abuse (G11b)
You’ve verified your system has implemented cryptography correctly, but can a general user be trusted to configure the system correctly? How much acrobatics did you employ in your security policy? Who verifies your system is actually useable? That it doesn’t have any backdoors? Thinking about the missile launch warning system deployed in Hawaii, and how we could do better. Valerie will discuss a more holistic approach to critical system design and how leveraging standards can help.