The Cranor model framework was proposed by CMU Professor Lorrie Faith Cranor to identify and analyze security issues caused due to human error. The human-in-the-loop security framework is introduced in this model to analyze the human role in a secure system, identify potential failure modes and find ways to reduce the likelihood of failure (Cranor, 2008). This framework analyzes systematically the role of human on wide range of secure systems and their design problems, including anti-phishing warnings and password policies in a conceptual way.
It consists of four components communication, communication impediments, human receiver and behavior.
In the context of security, communication can be categorized into warnings, notices, status indicators, training, and policies. Warnings are used to alert user about hazard and convince them to take necessary action to mitigate it. Notices give information of a particular object which helps in making appropriate decisions. Status indicators give system status information. Training and Policies when effectively implemented gives users the ability to react and respond to the situation appropriately.
Communication though sent can be lost due to interference and environmental stimuli. Attackers can introduce malicious code or divert user’s attention by external factors thus being successful in destroying the communication. Human receiver Since we have human on the receiving end of security communication, six different attributes are considered — Communication delivery, Communication processing, Application, Personal variables, Intentions and Capabilities.
When a communication is received, the basic goal is to understand the commands and implement them properly. The human-in-the-loop security framework is designed to use in human threat identification and mitigation process.
It consists of task identification, task automation, failure identification in two ways (her framework and user studies), and mitigating those failures. This process has to be implemented at the design phase to reduce human security failures.
Cranor, L.F. (2008). A Framework for Reasoning About the Human in the Loop. UPSEC. Garfinkel, S., & Lipford, H. R. (2014). Usable Security: History, Themes, and Challenges. Morgan & Claypool Publishers.
Remember! This is just a sample.
You can get a custom paper by one of our expert writers.
Get your custom essay
Helping students since 2015
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download