A brick wall, a locked door, and a bandit: a physical security metaphor for firewall warnings

Authors:
Fahimeh Raja;Kirstie Hawkey;Steven Hsu;Kai-Le Clement Wang;Konstantin Beznosov
Affiliations:
University of British Columbia, Vancouver, Canada;Dalhousie University, Halifax, Canada;University of British Columbia, Vancouver, Canada;University of British Columbia, Vancouver, Canada;University of British Columbia, Vancouver, Canada
Venue:
Proceedings of the Seventh Symposium on Usable Privacy and Security
Year:
2011

Citing 18
Cited 1

Minimising conceptual baggage: making choices about metaphor

HCI '94 Proceedings of the conference on People and computers IX
Conceptual Design Reconsidered: The Case of the Internet Session Directory Tool

HCI 97 Proceedings of HCI on People and Computers XII
Did You Ever Have To Make Up Your Mind? What Notes Users Do When Faced With A Security Decision

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Social navigation as a model for usable security

SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Do security toolbars actually prevent phishing attacks?

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Decision strategies and susceptibility to phishing

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Security user studies: methodologies and best practices

CHI '07 Extended Abstracts on Human Factors in Computing Systems
The Emperor's New Security Indicators

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Sesame: informing user security decisions with system visualization

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
You've been warned: an empirical study of the effectiveness of web browser phishing warnings

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A framework for reasoning about the human in the loop

UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
Revealing hidden context: improving mental models of personal firewall users

Proceedings of the 5th Symposium on Usable Privacy and Security
Mental models of security risks

FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Do windows users follow the principle of least privilege?: investigating user account control practices

Proceedings of the Sixth Symposium on Usable Privacy and Security
The impact of social navigation on privacy policy configuration

Proceedings of the Sixth Symposium on Usable Privacy and Security
Folk models of home computer security

Proceedings of the Sixth Symposium on Usable Privacy and Security
Crying wolf: an empirical study of SSL warning effectiveness

SSYM'09 Proceedings of the 18th conference on USENIX security symposium
It's too complicated, so i turned it off!: expectations, perceptions, and misconceptions of personal firewalls

Proceedings of the 3rd ACM workshop on Assurable and usable security configuration

Usability issues in security

SP'12 Proceedings of the 20th international conference on Security Protocols

Quantified Score

Hi-index	0.00

Visualization

Abstract

We used an iterative process to design firewall warnings in which the functionality of a personal firewall is visualized based on a physical security metaphor. We performed a study to determine the degree to which our proposed warnings are understandable for users, and the degree to which they convey the risks and encourage safe behavior as compared to text warnings based on those from a popular personal firewall. The evaluation results show that our warnings facilitate the comprehension of warning information, better communicate the risk, and increase the likelihood of safe behavior. Moreover, they provide participants with a better understanding of both the functionality of a personal firewall and the consequences of their actions.