Principle of psychological acceptability: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Howard C. Berkowitz
(Fixed metadata)
mNo edit summary
 
(3 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{subpages}}
{{subpages}}
<!-- Please ignore (but don't delete) any formatting that you are not familiar with. Others will probably chime in to help you set things up. -->
{{TOC|right}}
The principle of psychological acceptability was proposed as one of the [[design patterns]] for [[computer security]] by Jerome Saltzer and Michael Schroeder in their seminal paper ''The Protection of Information in Computer Systems''<ref>http://web.mit.edu/Saltzer/www/publications/protection/</ref>.  Psychological acceptability is a the idea that the security mechanisms of a computer system should align as closely as possible to the functional expectations of system users.  By providing security mechanisms that do not burden or inconvenience users, architects can achieve security without alienation users or encouraging them to find ways to avoid security mechanisms.  
The principle of psychological acceptability was proposed as one of the [[design patterns]] for [[computer security]] by Jerome Saltzer and Michael Schroeder in their seminal paper ''The Protection of Information in Computer Systems''<ref>http://web.mit.edu/Saltzer/www/publications/protection/</ref>.  Psychological acceptability is a the idea that the security mechanisms of a computer system should align as closely as possible to the functional expectations of system users.  By providing security mechanisms that do not burden or inconvenience users, architects can achieve security without alienation users or encouraging them to find ways to avoid security mechanisms.  
An example of violating the principle would be to have a software system that requires extremely complex, non-repeatable passwords and ''also'' requires the selection of a new password frequently, such as every three weeks.  Invariably, some people will end of writing such passwords down on paper and taping them to their monitors.


==References==
==References==
<references/>
<references/>[[Category:Suggestion Bot Tag]]

Latest revision as of 06:01, 7 October 2024

This article is a stub and thus not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

The principle of psychological acceptability was proposed as one of the design patterns for computer security by Jerome Saltzer and Michael Schroeder in their seminal paper The Protection of Information in Computer Systems[1]. Psychological acceptability is a the idea that the security mechanisms of a computer system should align as closely as possible to the functional expectations of system users. By providing security mechanisms that do not burden or inconvenience users, architects can achieve security without alienation users or encouraging them to find ways to avoid security mechanisms.

An example of violating the principle would be to have a software system that requires extremely complex, non-repeatable passwords and also requires the selection of a new password frequently, such as every three weeks. Invariably, some people will end of writing such passwords down on paper and taping them to their monitors.

References