Go to DBLP homepageToward a (Secure) Path of Least Resistance: An Examination of Usability Challenges in Secure Sandbox Systems
Abstract: The computing hardware and software tools for virtualizing and isolating execution environments have matured, enabling a paradigm shift towards cloud computing and containerization. Unfortunately, the use of these technologies in traditional computing is largely limited to servers and systems administered by professional IT teams. At another extreme, mobile device operating systems extensively leverage isolation to prevent malicious activity from mobile applications. In stark contrast, despite possessing the resources to support virtual machines, traditional endpoint systems tend to have a single execution environment for all of a user's activity. In this work, we explore the usability challenges that may prevent widespread use of isolation mechanisms, such as virtual machines, on traditional computing endpoints. We explore systems using a common workflow, where a user wants to experiment with a new software tool, to compare existing virtualization systems and motivate a new design. We use keystroke-level modeling to quantitatively compare systems and identify optimization opportunities.
Loading