Security is more than filtering input and escaping output (FIEO), and it’s more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn’t even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception is as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I’ll introduce some of what I have learned about cognitive psychology, exploring topics such as change blindness and ambient signifiers, and I’ll show some real-world examples that demonstrate the profound impact human behavior can have on security.
Chris Shiflett is the Chief Technology Officer of OmniTI, where he leads the web application security practice and guides web development initiatives.
Chris is a thought leader in the PHP and web application security communities — a widely-read blogger at shiflett.org, a popular speaker at industry conferences worldwide, and the founder of the PHP Security Consortium.
His books include the critically-acclaimed Essential PHP Security (O’Reilly) and HTTP Developer’s Handbook (Sams). His writing has also appeared in a number of other popular books including Programming PHP (O’Reilly), PHP Cookbook (O’Reilly), and PHP in Action (Manning).
Comments
Very entertaining, a lot of good, applicable examples that make you think and really get the point across.
This was an excellent talk. The speaker is articulate, engaging and clearly intelligent. This was, BY FAR, one of the most interesting sessions of OSCON09.