
[ASAP] Describing Meta-Atoms Using the Exact Higher-Order Polarizability Tensors

ACS Photonics
DOI: 10.1021/acsphotonics.9b01776





[ASAP] White Light Emission from a Zero-Dimensional Lead Chloride Hybrid Material

ACS Photonics
DOI: 10.1021/acsphotonics.9b01817





[ASAP] Plasmon-Mediated Coherent Superposition of Discrete Excitons under Strong Exciton–Plasmon Coupling in Few-Layer MoS₂ at Room Temperature

ACS Photonics
DOI: 10.1021/acsphotonics.0c00233





[ASAP] Room Temperature Graphene Mid-Infrared Bolometer with a Broad Operational Wavelength Range

ACS Photonics
DOI: 10.1021/acsphotonics.0c00028





[ASAP] Modulation of the Visible Absorption and Reflection Profiles of ITO Nanocrystal Thin Films by Plasmon Excitation

ACS Photonics
DOI: 10.1021/acsphotonics.9b01825





[ASAP] Size, Ligand, and Defect-Dependent Electron–Phonon Coupling in Chalcogenide and Perovskite Nanocrystals and Its Impact on Luminescence Line Widths

ACS Photonics
DOI: 10.1021/acsphotonics.0c00034





[ASAP] Development of Lipid-Coated Semiconductor Nanosensors for Recording of Membrane Potential in Neurons

ACS Photonics
DOI: 10.1021/acsphotonics.9b01558





[ASAP] Ultrafast Dynamics of Optically Induced Heat Gratings in Metals

ACS Photonics
DOI: 10.1021/acsphotonics.0c00224





[ASAP] Hierarchical Plasmon Resonances in Fractal Structures

ACS Photonics
DOI: 10.1021/acsphotonics.0c00110





[ASAP] Large Wavelength Response to Pressure Enabled in InGaN/GaN Microcrystal LEDs with 3D Architectures

ACS Photonics
DOI: 10.1021/acsphotonics.0c00251





[ASAP] Quasinormal-Mode Non-Hermitian Modeling and Design in Nonlinear Nano-Optics

ACS Photonics
DOI: 10.1021/acsphotonics.0c00014





[ASAP] Directional off-Normal Photon Streaming from Hybrid Plasmon-Emitter Coupled Metasurfaces

ACS Photonics
DOI: 10.1021/acsphotonics.0c00196





[ASAP] Colloidal Quantum-Dots/Graphene/Silicon Dual-Channel Detection of Visible Light and Short-Wave Infrared

ACS Photonics
DOI: 10.1021/acsphotonics.0c00247





[ASAP] Update to Our Reader, Reviewer, and Author Communities—April 2020

ACS Photonics
DOI: 10.1021/acsphotonics.0c00628





[ASAP] Goodbye Juan José Sáenz (1960–2020): A Bright Scientific Mind, an Unusually Prolific Friend, and a Family Man

ACS Photonics
DOI: 10.1021/acsphotonics.0c00526





[ASAP] Multifunctional Metasurface: Coplanar Embedded Design for Metalens and Nanoprinted Display

ACS Photonics
DOI: 10.1021/acsphotonics.9b01795





[ASAP] Terahertz Spectroscopy of Gas Mixtures with Dual Quantum Cascade Laser Frequency Combs

ACS Photonics
DOI: 10.1021/acsphotonics.9b01758





[ASAP] Near-Field Radiative Heat Transfer between Dissimilar Materials Mediated by Coupled Surface Phonon- and Plasmon-Polaritons

ACS Photonics
DOI: 10.1021/acsphotonics.0c00404





[ASAP] Chip-Scale Reconfigurable Optical Full-Field Manipulation: Enabling a Compact Grooming Photonic Signal Processor

ACS Photonics
DOI: 10.1021/acsphotonics.0c00103





[ASAP] Exciton-Polaritons with Magnetic and Electric Character in All-Dielectric Metasurfaces

ACS Photonics
DOI: 10.1021/acsphotonics.0c00063





[ASAP] Colored Radiative Cooling Coatings with Nanoparticles

ACS Photonics
DOI: 10.1021/acsphotonics.0c00513





[ASAP] Persistent Currents in Half-Moon Polariton Condensates

ACS Photonics
DOI: 10.1021/acsphotonics.9b01779





[ASAP] Gain-Assisted Optomechanical Position Locking of Metal/Dielectric Nanoshells in Optical Potentials

ACS Photonics
DOI: 10.1021/acsphotonics.0c00213





[ASAP] Strain-Correlated Localized Exciton Energy in Atomically Thin Semiconductors

ACS Photonics
DOI: 10.1021/acsphotonics.0c00626





[ASAP] Probing the Radiative Electromagnetic Local Density of States in Nanostructures with a Scanning Tunneling Microscope

ACS Photonics
DOI: 10.1021/acsphotonics.0c00264





[ASAP] Line-Scan Hyperspectral Imaging Microscopy with Linear Unmixing for Automated Two-Dimensional Crystals Identification

ACS Photonics
DOI: 10.1021/acsphotonics.0c00050





[ASAP] Ultrafast Colloidal Quantum Dot Infrared Photodiode

ACS Photonics
DOI: 10.1021/acsphotonics.0c00363





[ASAP] Strong Optical Feedback Stabilized Quantum Cascade Laser

ACS Photonics
DOI: 10.1021/acsphotonics.0c00189





Usability and Security; Better Together

Divya Sasidharan calls into question the trade-offs often made between security and usability. Does a secure interface by necessity need to be hard to use? Or is it the choice we make based on years of habit? Snow has fallen, snow on snow.


Security is often synonymous with poor usability. We assume that in order for something to be secure, it needs to by default appear impenetrable to disincentivize potential bad actors. While this premise is true in many instances like in the security of a bank, it relies on a fundamental assumption: that there is no room for choice.

With the option to choose, a user almost inevitably picks a more usable system or adapts how they interact with it regardless of how insecure it may be. In the context of the web, passwords are a prime example of such behavior. Though passwords were implemented as a way to drastically reduce the risk of attack, they proved to be only marginally effective. In the name of convenience, complex, more secure passwords were shirked in favor of easy-to-remember ones, and passwords were liberally reused across accounts. This example clearly illustrates that usability and security are not mutually exclusive. Rather, security depends on usability, and it is imperative to get user buy-in in order to properly secure our applications.

Security and Usability; a tale of broken trust

At its core, security is about fostering trust. In addition to protecting user accounts from malicious attacks, security protocols provide users with the peace of mind that their accounts and personal information are safe. Ironically, that peace of mind is incumbent on users using the security protocols in the first place, which further relies on them accepting that security is needed. With the increased frequency of cyber security threats and data breaches over the last couple of years, users have grown to be less trusting of security experts and their measures. Security experts have equally become less trusting of users, and see them as “the weakest link in the chain”. This has led to more cumbersome security practices such as mandatory 2FA and constant re-login flows, which bottleneck users from accomplishing essential tasks. Because of this breakdown in trust, there is a natural inclination to shortcut security altogether.

Build a culture of trust not fear

Building trust among users requires empowering them to believe that their individual actions have a larger impact on the security of the overall organization. If a user understands that their behavior can put critical resources of an organization at risk, they will more likely behave with security in mind. For this to work, nuance is key. Deeming that every resource needs a similarly high number of checks and balances diminishes how users perceive security and adds unnecessary bottlenecks to user workflows.

In order to lay the foundation for good security, it’s worth noting that risk analysis is the bedrock of security design. Instead of blindly implementing standard security measures recommended by the experts, a better approach is to tailor security protocols to meet specific use cases and adapt as much as possible to user workflows. Here are some examples of how to do just that:

Risk based authentication

Risk based authentication is a powerful way to perform a holistic assessment of the threats facing an organization. Risks occur at the intersection of vulnerability and threat. A high risk account is vulnerable and faces the very real threat of a potential breach. Generally, risk based authentication is about calculating a risk score associated with accounts and determining the proper approach to securing them. It takes into account a combination of the likelihood that the risk will materialize and the impact on the organization should the risk come to pass. With this system, an organization can easily adapt access to resources depending on how critical they are to the business; for instance, internal documentation may not warrant 2FA, while accessing business and financial records may.

Dynamically adaptive auth

Similar to risk based auth, dynamically adaptive auth adjusts to the current situation. Security can be strengthened and slackened as warranted, depending on how risky the access point is. A user accessing an account from a trusted device in a known location may be deemed low risk and therefore not in need of extra security layers. Likewise, a user exhibiting predictable patterns of use should be granted quick and easy access to resources. The ability to adapt authentication based on the most recent security profile of a user significantly improves the experience by reducing unnecessary friction.
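The two approaches above, combined into one policy check, as an added example that is not from the original article: the risk score is likelihood times impact, and the required authentication steps up with it. The resource names, signal names, weights and thresholds are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Impact of a compromise per resource class, 1 (low) to 5 (critical).
# Constructed values; a real deployment derives them from its own risk analysis.
RESOURCE_IMPACT = {"internal_docs": 1, "customer_data": 4, "financial_records": 5}


@dataclass(frozen=True)
class AccessContext:
    """Signals about the current request (hypothetical names)."""
    trusted_device: bool
    known_location: bool
    usual_pattern: bool  # request matches the user's normal behavior


def likelihood(ctx: AccessContext) -> int:
    """Likelihood that the request is illegitimate, 1 (unlikely) to 4."""
    signals = (ctx.trusted_device, ctx.known_location, ctx.usual_pattern)
    # Each missing reassurance raises the likelihood by one step.
    return 1 + sum(1 for ok in signals if not ok)


def risk_score(resource: str, ctx: AccessContext) -> int:
    """Risk = likelihood x impact, as described in the text."""
    # Unclassified resources fail closed: treat them as highest impact.
    impact = RESOURCE_IMPACT.get(resource, max(RESOURCE_IMPACT.values()))
    return likelihood(ctx) * impact


def required_auth(resource: str, ctx: AccessContext) -> str:
    """Map the score to the least friction that still covers the risk."""
    score = risk_score(resource, ctx)
    if score <= 2:        # assumed threshold: low risk, no extra layer
        return "password"
    if score <= 10:       # assumed threshold: step up to a second factor
        return "password+2fa"
    return "deny_and_alert"  # too risky to allow even with 2FA


if __name__ == "__main__":
    home = AccessContext(trusted_device=True, known_location=True, usual_pattern=True)
    odd = AccessContext(trusted_device=False, known_location=False, usual_pattern=False)
    for res in ("internal_docs", "financial_records"):
        print(res, required_auth(res, home), required_auth(res, odd))
```
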

Conclusion

Historically, security failed to take the user experience into account, putting the onus of securing accounts solely on users. Considering the fate of password security, we can rely on neither users nor stringent security mechanisms to keep our accounts safe. Instead, we should aim for security measures that give users the freedom to bypass them as needed while still protecting our accounts from attack. The fate of secure systems lies in the understanding that security is a process that must constantly adapt to face the shifting landscape of user behavior and potential threats.


About the author

Divya is a web developer who is passionate about open source and the web. She is currently a developer experience engineer at Netlify, and believes that there is a better workflow for building and deploying sites that doesn’t require a server—ask her about the JAMstack. You will most likely find her in the sunniest spot in the room with a cup of tea in hand.






Cigarette taxes and smoking among sexual minority adults [electronic resource] / Christopher Carpenter, Dario Sansone

Cambridge, Mass. : National Bureau of Economic Research, 2020





The effects of e-cigarette taxes on e-cigarette prices and tobacco product sales [electronic resource] : evidence from retail panel data / Chad D. Cotti, Charles J. Courtemanche, Johanna Catherine Maclean, Erik T. Nesson, Michael F. Pesko, Nathan Tefft

Cambridge, Mass. : National Bureau of Economic Research, 2020





Cigarette taxes and teen marijuana use [electronic resource] / D. Mark Anderson, Kyutaro Matsuzawa, Joseph J. Sabia

Cambridge, Mass. : National Bureau of Economic Research, 2020





The evolving consequences of OxyContin reformulation on drug overdoses [electronic resource] / David Powell, Rosalie Liccardo Pacula

Cambridge, Mass. : National Bureau of Economic Research, 2020





Reluctant warriors: Germany, Japan, and their U.S. alliance dilemma / Alexandra Sakaki, Hanns W. Maull, Kerstin Lukner, Ellis S. Krauss, Thomas U. Berger

Dewey Library - UA710.S135 2020





How to democratize Europe / Stephanie Hennette, Thomas Piketty, Guillaume Sacriste, Antoine Vauchez

Online Resource





Homeland security and public safety: research, applications and standards / editors, Philip J. Mattson and Jennifer L. Marshall

Barker Library - UA23.H538 2019





Why they marched: untold stories of the women who fought for the right to vote / Susan Ware

Dewey Library - JK1896.W37 2019





Arendt on the political / David Arndt, Saint Mary's College, California

Dewey Library - JC251.A74 A83 2019





The suspect: an Olympic bombing, the FBI, the media, and Richard Jewell, the man caught in the middle / Kent Alexander & Kevin Salwen

Dewey Library - HV8079.B62 A44 2019





The politics of war powers: the theory and history of Presidential unilateralism / Sarah Burns

Dewey Library - JK560.B87 2019





Beyond smart and connected governments: sensors and the internet of things in the public sector / J. Ramon Gil-Garcia, Theresa A. Pardo, Mila Gasco-Hernandez, editors

Online Resource





Resisting dispossession: the Odisha story / Ranjana Padhi, Nigamananda Sadangi

Online Resource





Dying for rights: putting North Korea's human rights abuses on the record / Sandra Fahy

Dewey Library - JC599.K7 F34 2019





Venice's secret service: organizing intelligence in the Renaissance / Ioanna Iordanou

Dewey Library - JF1525.I6 I65 2019





Brazil: neoliberalism versus democracy / Alfredo Saad-Filho and Lecio Morais

Rotch Library - JL2431.S23 2018





The class of '74: Congress after Watergate and the roots of partisanship / John A. Lawrence

Dewey Library - JK1059 94th.L39 2018





Responsible parties: saving democracy from itself / Frances McCall Rosenbluth and Ian Shapiro

Dewey Library - JF2051.R67 2018





Gender equality in politics: implementing party quotas in Germany and Austria / Petra Ahrens, Katja Chmilewski, Sabine Lang, Birgit Sauer

Online Resource





Loaded: a disarming history of the Second Amendment / Roxanne Dunbar Ortiz

Dewey Library - HV7436.D86 2018





21st century Prometheus: managing CBRN safety and security affected by cutting-edge technologies / Maurizio Martellini, Ralf Trapp, editors

Online Resource