1 UNIVERSITÉ DU QUEBÉC À MONTRÉAL INTEGRATING A USABLE SECURITY PROTOCOL FOR USER AUTHENTICATION INTO THE REQUIREMENTS AND DESIGN PROCESS DISSERTATION PRESENTED AS PARTIAL FULFILLMENT OF THE DOCTORATE IN COGNITIVE COMPUTlNG BY CHRISTINA BRAZ SEPTEMBER 201 1
2 UNIVERSITÉ DU QUÉBEC À MONTRÉAL Service des bibliothèques Avertissement La diffusion de cette thèse se fait dans le respect des droits de son auteur, qui a signé le formulaire Autorisation de reproduire et de diffuser un travail de recherche de cycles supérieurs (SDU-522 Rév ). Cette autorisation stipule que «conformément à l'article 11 du Règlement no 8 des études de cycles supérieurs, (l'auteur) concède à "Université du Québec à Montréal une licence non exclusive d'utilisation et de publication de la totalité ou d'une partie importante de (son) travail de recherche pour des fins pédagogiques et non commerciales. Plus précisément, (l'auteur) autorise l'université du Québec à Montréal à reproduire, diffuser, prêter, distribuer ou vendre des copies de (son) travail de recherche à des fins non commerciales sur quelque support que ce soit, y compris l'internet. Cette licence et cette autorisation n'entraînent pas une renonciation de (la) part (de l'auteur) à (ses) droits moraux ni à (ses) droits de propriété intellectuelle. Sauf entente contraire, (l'auteur) conserve la liberté de diffuser et de commercialiser ou non ce travail dont (il) possède un exemplaire.
3 lt1'jiversité DU QUÉBEC À MONTRÉAL L'INTÉGRATION D'UN PROTOCOLE DE SÉCURITÉ ET D'UTILISABILITÉ POUR L'AUTHENTIFICATION DES UTILISATEURS/TRICES DANS LA PHASE D'ANALYSE DES BESOINS ET DE CONCEPTION THÈSE PRÉSENTÉE COMME EXIGENCE PARTIELLE DU DOCTORAT EN INFOR1vfATIQUE COGNITIVE PAR CHRISTINA BRAZ SEPTEMBRE 20Il
4 ACKNOWLEDGMENTS A doctoral thesis is not a work of a single person; every thesis is inevitably the outcome of many interactions between the author, the author's advisors, peers, colleagues, friends, and family. My thanks to my thesis advisors Prof. Dr. Pierre Poirier and Prof. Dr. Ahmed Seffah for whom 1 have a profound admiration. They have worked with me for years to produce this research work. They have shared with me their time, resources, and judgment. They have guided me and helped me improve several sections of my thesis with regards of errors in thinking, purpose and presentation. Finally, 1 would like to express my thanks, appreciation and gratitude to my family who have sustained me on this colossal project.
5 TABLE OF CONTENTS ACKNOWLEDGMENTS TABLE OF CONTENTS LIST OF FIGURES LIST OF TABLES ABSTRACT RÉSUMÉ CHAPTER 1 INTRODUCTION Creating Systems that are Both Secure and Usable 1 J.2 Justification for the Research The Challenging Issues - Why Authentication? Strong Authentication Il Authentication Methods - Vulnerabilities Still Remain 14 J.3 Research Objectives Assumptions and Hypotheses Human Computer Interaction Security (HCISec) Conferences in Usable Security Types ofusers Thesis Roadmap 23 CHAPTER II REVlEW OF THE STATE OF THE ART Introduction User Authentication The context of Authentication in Computer Security Elements of User Authentication Architectural Design Patterns in Authentication Authentication Factors User Authentication Methods Passwords and PINs Authentication Tokens Non-Contact Tokens One-Time Passwords (OTP) C-R Authentication Contact Tokens Digest Access Authentication Out-Of-Band Authentication (OOBA) 53 ii iii viii x XI XII
6 Risk-Based Authentieation (REA) Public Key Authentieation Eneryption Digital Signatures No Usability Features ofpki Single Sign-On (SSO) Kerberos Biometries Fingerprint Recognition Optieal Recognition Facial Recognition Voice/Speaker Recognition Signature Recognition Keystroke Recognition Under-Skin RFlD Chip - AuthenLink Biometries Trade-Offs - Usable Seeurity To Whom Authentieation ls Targeted? Comparative Analysis of User Authentieation Methods The GOMS Model Engineering Models for Usable Interface Design GOMS: A Method for Cognitive Task Analysis How to Develop a GOMS Model? Natural GOMS Language (NGOMSL) Cognitive Complexity Theory NGOMSL Steps Development Proeess Learning Time Predictions Execution time predictions NGOMSL Methodology NGOMSL Limitations Usability and Usable Seeurity Usability Inspection Methods l General usability principles ("heuristics") for User Interface Design Cognitive Walkthrough GOMS Model Additional Usability Evaluation Methods Usable Security Principles and Guidelines Computer Security Design Principles Design Guidelines For Security Management Systems Guidelines and Strategies For Secure Interaction Design Design Principles and Patterns for Aligning Security and Usability Criteria for Security Software to Be Usable Additional Criteria for Security Software to Be Usable General Security Usability Principles 125 IV
7 v CHAPTER III THE USABLE SECURITY PROTOCOL Introduction The Usable Security Protocol Methodology Introduction The Usable Security Protocol Architecture and Methodology Step 1: Define the mission and conceptual design objective Step 2: Identify the most representative user authentication methods categories Step 3: Develop the NGOMSL Model (Natural Goals, Methods, Selection Language) Standard Primitive External Operators Standard Primitive Mental Operators Analyst-Defined Mental Operators Total Execution Time and Total Learning Time A Time Level Analysis of the NGOMSL Step 4: Develop the Authcntication Risk Assessment Matrix Step 5: Generate the usable security principles Step 6: Formulate the Usable Security Symmetry (USS) Step 7: Demonstrate the Usable Security Symmetry (USS) The Usable Security Protocol Methodology Reuse 211 CHAPTERIV THE COGNITIVE SCIENCE AXIS Introduction Cognitive Ergonomies Methods The Cognitive Approach Gathering information Information processing Process Modeling Simulation Main Cognitive Areas offocus Relating to User Authentication Perception Memory Encoding Storage Sensory Memory Working Memory (or Short-Term Memory) Long-Term Memory (LTM) Information Retrieval Recall Recognition 234
8 VI Password Memorability Issues Password Policies Varying Systems Mental Models The Cognitive Model of User Authentication (CMUA) Why to Use a Cognitive Architecture? GLEAN3 Cognitive Architecture SOAR Cognitive Architecture CMUA Cognitive Architecture CM UA Components CMUA Processing Cycle 253 CHAPTER V THE COMPUTER SCIENCE AXIS Introduction Security as a Usability Characteristic Usability Factors and Usability Criteria Mapping 261 5J.l User Authentication Use Cases 265 5J.2 Demonstrating the USS using a Multifunction Teller Machine The Usable Security Symmetry (USS) Inspection Method Definition Usable Security Protocol (USP) Sub-Methodology Usable Security Symmetry (USS) Inspection Method Severity Ratings Usability Severity Ratings Usability Severity Ratings and Recommendations for MTM Security Severity Ratings Security Severity Ratings and Recommendations for MTM Applicability ofuss in the AMDLC The Demonstrational Approach Demonstration ofone-time-password (OTP) Wireless Network Hardware Token with OTP Functionality Personalldentification Number (PIN) Tokencode How the OTP Demonstration Works? System Requirements Demonstration Steps One-Time-Password (OTP) Usability Testing Objectives of the OTP Usability Testing Testing Tools Testing session Testing Methods - Participant Tasks 388
9 VII Data Results Findings Summary One-Time-Password (OTP) Usability Issues - Discussion 390 CHAPTER VI CONCLUSIONS AND FUTURE WORK Summary of the Research Work Scientific Contributions Practical Observations on the Impact of USS in Corporate and Academie Environments 400 6A Limitations Future Work and Recommendations The Future of User Authentication.407 REFERENCES APPENDIX A COMPARATIVE ANALYSIS OF USER AUTHENTICATION METHOOS.425 A.I Introduction 425 APPENDIX B DATA GATHERING.452 B.] Introduction 452 APPENDIX C CHECKLlST DEVELOPMENT C.l Introduction APPENDIX 0 USABLE SECURITY PROTOCOL (USP) REUSE METHODOLOGY Introduction Design Artifacts for Reuse Usable Security Symmetry (USS) Inspection Method Quick Setup.464 APPENDIX E THE GOMS FAMILY: WHICH TECHNIQUE TO USE?.466 E.l NGOMSL versus CPM-GOMS, KLM, and CMN-GOMS.466 E.2 GOMS Models Comparative Analysis.467 E.3 Why GOMS Model When Compared With Other CTAs?.473 E.3.1 Characterizing the User's Tasks.474 E.3.I.l Locus ofcontrol.475 E Goal-Directness 475 E Skill Dimension of Tasks 475 E Sequential Versus Parallel Activity.476 EA Why GOMS? 476 EA.l During Design - GOMS Analysis Guiding the Design.478
10 LIST OF FIGURES 1.1 Usability and Security trade-off: A coounon solution based on a compromise Artifacts with which users might interact with: An authentication token, a wireless device, and a Web interface 1.3 Percentages of key types of incident 9 la Levels of security AutoFill Code improving usability in user authentication User authentication in an ideal organization's security framework The Authentication Marketplace 31 2A The elements of the authentication process Direct Authentication when a client and service share a trust relationship Broker Authentication RSA SecurlD 700 hardware authenticator with One-Time Password (OTP) The password authentication process RSA SecurlD Token for BlackBerry SafeWord RemoteAccess RSA SecurID for iphones DigiPass Go Authentication via OTP CAPTCHA: Tel1ing Humans and Computers Apart Automatically SiteKey helps prevent unauthorized access to lisers' accollnts RSA SecurlD 800 with One-Time Password Magnetic stripe token VeriSign Secure StorageToken Digest Access Authentication's window login in Firefox SafePass Mobile The RSA Engine 56 6
11 IX 2.22 A network authentication method: Kerberos Biometrie authentication process Eikon To Go fingerprint reader Fingerprint recognition scheme BioEnable Facelt Argus: facial recognition system from Llldentity This is a voiceprint for the passphrase: "My voice is my password" Dynamic signature verification from Cyber SIGN Balancing security and usability The GOMS Model Method for selecting a word The optimal number ofusability evaluators: benefits versus costs The USP architecture and methodology USP Input, Process, Output Hard-coded password Java code snippet Reusability Pyramid (Gautam & al 2007) Worksystem and a domain The three-stage processing model of memory Classification ofmemory Mental Models A basic cognitive architecture The GLEAN3 cognitive architecture The SOAR (State Operator And Result) architecture The CMUA cognitive architecture \ Authentication Method Development Life Cycle Security as a usability characteristic Tokencode: a six-digit number 381
12 LIST OF TABLES 1.1 Percentages of key types of incident Guide to Understanding Identification and Authentication in Trusted Systems 2.2 Do the 8 golden rules of user interface design apply to security systems? The "six password broken rules", and their corresponding usability and security mismatches 2.4 Summarized comparative analysis of user authentication methods Total Execution Time by task scenario Execution time by task scenario, authentication method type, and method for goal 3.3 Authentication Risk-Assessment Matrix Username and Password Guessing ' Usability Factors and Usability Criteria Mapping for a MTM User authentication use cases Usable Security Symmetry inspection method - data visualization Usable Security Symmetry checklist Example of a usability problem and its severity rate Example of a security problem and its usability criterion and severity rate
13 ABSTRACT Security and usability are both essentiaj in user authentication processes. One of the biggest challenges facing heterogeneous organizations is providing access control systems, to logical as we]] as physical resources, that are both secure and usable. To achieve this, it is initially necessary to implement three indispensable components such as Identification (Who does this user claims 10 be?), Authentication (ls this user infact who s/he claims to he?), and Authorization (Is this user authorized to have the resource or service that s/he is requesling?). Inquiry particularly on user authentication is vital. Without authentication, a computer system often has no foundation for establishing if access should be granted or not. So far, there has been very little research on usabje security of user authentication methods although a considerable body of research work has been made for computer security mechanisms in general other than authentication methods. Therefore a usable security protocol is needed for user authentication. My thesis is that there is an intrinsic conflict between creating systems that are secure and systems that are usable. But usability and security can be made synergistic by providing requirements and design tools with specific usable security principles earlier in the requirements and design phase. ln certain situations it is -possible to concurrently increase usability and security by revisiting design decisions that were made in the pasto ln other situations it is possible to align security and usability by changing the regulatory environment in which the computers operate. To these ends, this thesis's main goal is not to address usability and security after the product (authentication method) has been manufactured, but to make security a natural outcome of the requirements and design phase of the authentication method development life cycle. Keywords: user authentication, usability, computer security, access control.
14 RÉSUMÉ L'utilisabilité et la sécurité sont des éléments cruciaux dans le processus d'authentification des utilisateurs. L'un des défis majeurs auquel font face les organisations aujourd'hui est d'offrir des systèmes d'accès aux ressources logiques (par exemple, une application informatique) et physiques (par exemple, un bâtiment) qui soient à la fois sécurisées et utilisables. Afin d'atteindre ces objectifs, il faut d'abord mettre en œuvre les trois composantes indispensables que sont l'identification (c.-à-d., définir [' identité d'un uti! isateur), l'authenti fication (c.-à-d., vérifier l'identité d'un uti 1isateur) et l'autorisation (c.-à-d., accorder des droits d'accès à un utilisateur). Plus particulièrement, la recherche en authentification de l'utilisateur est essentielle. Sans authentification, par exemple, des systèmes informatiques ne sont pas capables de vérifier si un utilisateur demandant l'accès à une ressource possède les droits de le faire. Bien que plusieurs travaux de recherche aient porté sur divers mécanismes de sécurité, très peu de recherches jusqu'à présent ont porté sur l'utilisabilité et la sécurité des méthodes d'authentification des utilisateurs,. Pour cette raison, il nous paraît nécessaire de développer un protocole d'utilisabilité et de sécurité pour concevoir les méthodes d'authentification des utilisateurs. La thèse centrale de ce travail de recherche soutient qu'il y a un conflit intrinsèque entre la création de systèmes qui soient sécurisés et celle de systèmes qui soient facile d'utilisation. Cependant, ]'utilisabilité et la sécurité peuvent être construites de manière synergique en uti lisant des outi ls d'analyse et de conception qu i incluent des principes d'utilisabilité et de sécurité dès l'étape d'analyse et de Conception de la méthode d'authentification. Dans certaines situations il est possible d'améliorer simultanément l'utilisabilité et la sécurité en revisitant les décisions de conception prises dans le passé. Dans d'autres cas, il est plus avantageux d'aligner l'utilisabilité et la sécurité en changeant l'environnement régulateur dans lequel les ordinateurs opèrent. Pour cette raison, cette thèse a comme objectif principal non pas d'adresser l'utilisabilité et la sécurité postérieurement à la fabrication du produit final, mais de faire de la sécurité un résultat naturel de l'étape d'analyse et de Conception du cycle de vie de la méthode d'authentification. Mots-clé: authentification de ['utilisateur, utilisabilité, sécurité informatique, contrôle d'accès.
15 CHAPTER 1 INTRODUCTION 1.1 Creating Systems that are 80th Secure and Usable This chapter describes the research objectives and approach, the justification for the research, the economics of strong user authentication, and the main hypothesis of this research. AIl systems demand sorne form of user account. A user is a single entity whose behavior is solely identified within a computer-based system (i.e. Personal Digital Assistant (PDA), workstation, server login, Web sites, etc.). Individual users classically correspond to individual people, but they might also represent particular system services or resources. Most accounts are protected by an easy keyboard password that even a novice hacker can crack in less than 10 minutes. Once inside, hackers use the attacked account for a diversity of nefarious activities, such as launching distributed denial of service (DOS) attacks, distorting Web sites, stealing billing and credit card information or making counterfeit purchases. A new report from Penn (2008) Forrester Research shows that security spending is on the rise in sorne enterprises. The Cambridge, Massachusetts-based research firm interviewed practically 1,000 firms for its State of Enterprise IT Security: report and found that the security segment of lnformation Technology (IT) budgets is expected to increase 12.6 percent in 2009, up from 7.2 percent in 2007 and Il.7 percent in As a matter of fact even during difficult economic conditions, IT security remains an essential portion of business operations as enterprises try to preserve their current environment as well as plans for the implementation of novel initiatives. Security is getting a bigger portion of the IT pie, with the focus less on reactive vulnerability defenses and more on looking at what is required to protect businesses. The focus now is more on protecting the data itself which means information security.
16 2 Distribution of budget for new security initiatives, information security, has increased from 17.7 percent in 2008 to 18.5 percent in There has been a major shift from what was the broadly recognized state of security just a few years ago. Protecting the organization's information assets is the top concern facing security programs: data security (90 percent) is most frequently mentioned as a vital concern for IT security organizations, followed by application security (86 percent), and business continuity/disaster recovery (84 percent). Data security as weil tops the list of business objectives for security, with 89 percent mentioning protection of corporate data and 87 percent mentioning protection of persona! data as essential business objectives. Most of this 2008 spending on information security countermeasures has purchased confidentiality and integrity solutions: products like firewal1s to protect the information perimeter of an enterprise (or encryption), Virtual Private Networks (VPNs)!, and anti-virus and intrusion detection to safeguard the actual information. Spending on user authentication products to safely identify users has foljowed in the security market. Inefficient user authentication marginalizes perimeter security and access controls, showing vulnerabilities in the confidentiality and integrity areas. The growing trend toward identity theft, or employing stolen names, birthdays and identification numbers to perpetrate fraud, would meet firm resistance if strong authentication practices were universally employed. Privacy violations take place as weil due to compromised user authentication. Authentication is behind confidentiality and integrity because exactly identifying huge numbers of users has proven a costly and overwhelming task. The central research question of this thesis is the foljowing: How is it possible to ensure usability of user authentication without compromising security and vice-versa? Security and usability are both essential 111 the authentication process. 1t is broadly held that security and usability are two opposing goals in system design 1 A YPN is a network that uses a public telecommunication infrastructure, such as the Internet. to provide remote offices or individual users wilh secure access 10 their organizalion's network.
17 3 (Cranor and Garfinkel, 2005; J0sang et 01.,2007; Nielsen, 2000) but there are several cases in which security and usability can be synergistically enhanced by reviewing the usable security approach. In addition, the human portion of computer security is effortlessly exploited and continually overlooked. Companies spend millions of dollars on firewalls, encryption and secure access devices, but most of the time they forget to address issues related to the weakest link in the security chain: the human being. In considering the extent that users are important in the authentication process, a company's goal is to select an Authentication Method (AM) that is suitable to the risk involved and as easy to use as possible. Applying too Iowa level of security might compromise the integrity of the company's process. But applying too high a level for a low-risk process means the process will be too hard and will confront low adoption rates. As stated by Penn (2()O~), the key criteria when assessing such solutions are ease of use, portabil ity, cost, security, manageabili ty, and cross-channel utility. My thesis is that there is an intrinsic conflict between creating systems that are secure and systems that are usable. But usability and security can be made synergistic by providing requirements and design tools with specifie usability and security principles earlier in the requirements and design phase. In certain situations it is possible to concurrently increase usability and security by revisiting design decisions that were made in the past. ln other situations it is possible to align security and usability by changing the regulatory environment in which the computers operate. To these ends, this thesis's goal is not to address usability and security after the product (authentication method) has been manufactured, but to make security a natural outcome of the requirements and design phase of the authentication method development life cycle.
18 4 1.2 Justification for the Research Security and usability are both essential in user authentication processes. One of the biggest challenges facing heterogeneous organizations is providing access control systems, to logical as weil as physical resources, that are both secure and usable. To achieve this, it is initially necessary to implement three indispensable components such as Identification (Who does this user daims to be?), Authentication (1s this user infact who s/he daims to be?), and Authorization (1s this user authorized to have the resource or service that s/he is requesting?). Inquiry particularly on user authentication is vital. Without authentication, a computer system often has no foundation for establishing if access should be granted or not. Furthermore, the majority of contemporary computer users for example need to authenticate to a company network several times during their work day. Another particular concern in authentication according to Cranor and Garfinkel (2005) is that authentication systems do not fai! gracefully. It means that if an average consumer computer user forgets her usemame but gets right the password the system does not enable her partial access to an online magazine, for instance, or for an average corporate computer user access to the system's less important files, or an emergency or temporary access. However there are a few companies that are in the initial stages of implementing sorne of these ''fai! grace[ully" functionalities 2 in the corporate area. There is no established and recognized mechanism to accommodate user error, which means that most likely the productivity will be strongly compromised and the user's dissatisfaction with the system will be high. Figure 1.\ models the relationship between usability and security. General princip les for User Interface Design (UID) have already been weil recognized in the Human Computer Interaction (HCI) field. These general principles 2 Users who have lost their hardware authenticator, for instance, can still log in to their accounts with an emergency access code through the on-demand authentication method, without having to contact the system administrator. RSA SecurlD On-demand (SMS) Authenticator. RSA - The Security Division of EMC <http://www.rsa.com/node.aspx?id=348)>
19 5 are called "heuristics" because they are more in the nature of rules of thumb than specifie usability guidelines (Molich and Nielsen, 1990) (e.g. "User Control and Freedom" is one ofthese principles). Context of Use Intimate Causes Effects Relationship, , Problem ~ Problem Usability Scenario Security Scenario Ideal Solution based on HCI Principle and Measures, -- Ideal Solution based on Security Principle and Measur;? Figure 1.1: Usability and Security Trade-off: A Common Solution Based on a Compromise (Braz and Seffah, 2007). So far, there has been very little research on the security usability of user authentication methods, although a considerable body of research work in usable security (a terminology adopted in this thesis when referring to security and usability) has been made for computer security mechanisms in general other than authentication methods. Therefore a usable security protocol is needed for user authentication. This thesis defines the concept of Usable Security as the study of how security infonnation and usability factors should be handled in either front-end or back-end user authentication processes, taking into consideration resources and costs. But why take front-end/back-end processes into consideration? Graphical User Interface (GUI) Developers should have knowledge of user interface design, and tools for implementing designs correctly. This knowledge will result in better front-end design, minimize the number of bugs in the software, and result in lower development costs per feature. GUI Developers should be assigned responsibility for accurate
20 6 implementation of front-end design, as well as back-end functionality. GUI Developers should understand interface issues sufficiently weil to know when to raise design issues during implementation, rather than disregarding them or implementing them inaccurately. lt is crucial to note that the tenn -interface- in this thesis is not only related ta GUI, but also to a shared limit through which the information flows (Maffezzini, 2006). It consists of a hardware or software component that makes the junction between the interface and the user with the purpose of transiting information between them (e.g. an atp token is an interface between the autbentication server and the user) (Figure 1.2). Hardware Token User VVeb Interface Figure 1.2: abjects with which users might interact: An authentication token J, a wireless device, and a Web interface. According to Sasse (2004), one of the most recognized researchers in usable security-, "Don't focus on Uis to security tools - the big problems are in security requirements, job design and user involvement." That is exactly what this thesis is ail about: requirements and design. Additionally, according to Whitten and Tygar (1999), most of the research in HCISec focuses on providing better UIs, but it is obvious that usability problems with secure systems are more than only Uis and need application of HCI factors and design methodology. Whitten and Tygar (1999) claim that using conventional methods for usabi lity evaluation that concentrate on the 3
21 7 impact of usability on security effectiveness will assist developers to discover usability probjems that threaten-i security. Both analytical and empiricaj evaluations were performed in testing the usability goals of Pretty Good Privacy (PG P) Desktop software (i.e. public keyencryption software for desktops and laptops) (Whitten and Tygar, 1998). A number of usability problems causing security failures were discovered in the study, providing the foundation in the Whitten and Tygar (1999) study that specifie usability goals are needed for usability evaluation of security mechanisms. It is important to note that the PGP software has been cited throughout this dissertation as an example of public key authentication. This is due ta the fact that PGP is one of the most common solutions for encryption, supports -major security standards, and interoperates with most accepted security software solutions. The value of usable security was pointed out as early as 1883 by the Belgian cryptographer and linguist Auguste Kerckhoffs in two articles on cryptography. Kerckhoffs is most famous for establishing the principle that security should not be based on obscurity. Moreover, four out of six of Kerckhoffs' cipher principles of design (Kerckhoffs, 1883) are related to usable security (3 to 6) in bold) as follows: 1. The system must be practically, ifnot mathematically, indecipherable; 2. It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience; 3. lts key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents; 4. It must be applicable to telegraphic correspondence; 5. It must be portable, and its usage and function must not require the concourse of several people; 6. Finally, it is necessary, given the circumstances that command its application that the system should be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe.