Security-Centered Design

A session at Dutch PHP Conference 2010

Security is more than filtering input and escaping output (FIEO), and it's more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn't even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception is as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I'll explore topics such as change blindness and ambient signifiers, and I'll show some real-world examples that demonstrate the profound impact human behavior can have on security.

About the speaker

Chris Shiflett

Apologetic pedant. Partner at @fictivekin. Husband to @christinabklyn. Father to @teganshiflett, @killianshiflett, and @rileyshiflett. Just moved to Boulder.

Books by speaker

  • Essential PHP Security
  • HTTP Developer's Handbook
