
Usable Security

The prevalence of spyware, worms, and other malicious code is a constant reminder of the importance of computer security—especially for personal mobile devices, which frequently connect to previously unknown devices and services. The fundamental challenge in securing these devices is ease of use: if a security procedure is too difficult, users may configure it incorrectly, fail to deploy it, or just switch it off.

Many people believe that you cannot have both security and ease of use. However, PARC researchers are working to build new technologies that allow users to easily manage their own security. The core concept behind these technologies is providing user actions with "intuitive security".

Core Concepts

  • Discover useful and convenient user-interaction primitives that enable users to manage their devices securely. For example, a user can simply point out which device he wants to communicate with and a connection is conveniently secured without further involving the user (as opposed to typing PINs in both devices, which is less user-friendly and less secure).

  • Identify situations in which security intuitively follows from simple user actions (it may not be necessary to invent new user-interaction primitives if security requirements can be inferred from user actions). For example, if a user types "ssh foo.bar.com", the system can figure out that the user is trying to log on to foo.bar.com, and the SSH protocol allows the user to log on securely (contrast this with the work required to share files securely through a Web server, which usually doesn't follow this intuitive model and requires the user to expose the file to a server, specify how the file should be protected, and configure controlled access to it accordingly).

  • Remove redundant security steps from the setup process to reduce the risk of users forgetting or incorrectly applying them.

Solutions

PARC's wireless security technology solutions are designed to be easy to use and still be secure—they do not require users to be networking experts.

For example, PARC's Network-in-a-Box security solution is based on an intuitive physical step that instantly makes sense to users. The user adds a device to a wireless network by literally "introducing" it to the network's access point—e.g., by touching the two devices together or by indicating the desired device through infrared pointing (as opposed to setting up network connections by navigating through multiple setup screens and filling out forms on the computer).

Network-in-a-Box Features
-   Puts today's strongest-available industrial security technology into the hands of non-expert users
-   Allows an average user to add a computer to an 802.1x-secured wireless network in less than 60 seconds, by following two simple steps
-   Can be applied to consumer use, small- and home-office settings, and ad-hoc networks
-   Can be scaled to manage enterprise-class wireless networks


BUSINESS CONTACT
David Weinerth
Director of Business Development, Computing Science Laboratory
650-812-4428

AWARDS & PUBLICATIONS

Computerworld Horizon Awards 2005 Honorees: PARC's Network-in-a-Box receives an Honorable Mention

Network-in-a-Box: How to Set Up a Secure Wireless Network in Under a Minute, Proceedings of the 13th USENIX Security Symposium

In Search of Usable Security: Five Lessons from the Field

Usable Access Control for the WWW

Moving from the Design of Usable Security to the Design of Useful Secure Technologies to the Design of Useful Secure Applications

Securing Handshakes from Pairing-based Key Agreements

Three Challenges for Embedding Security into Applications

   


Copyright © 2002-2007 Palo Alto Research Center Incorporated. All Rights Reserved.
PARC, the PARC Logo, AspectJ, DataGlyph, Obje, Silx, StressedMetal, and ClawConnect
are trademarks or registered trademarks of Palo Alto Research Center Incorporated.