Evoking comprehensive mental models of anonymous credentials

Authors:
Erik Wästlund;Julio Angulo;Simone Fischer-Hübner
Affiliations:
Karlstad University, Karlstad, Sweden;Karlstad University, Karlstad, Sweden;Karlstad University, Karlstad, Sweden
Venue:
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Year:
2011

Citing 8
Cited 0

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
Mental models: towards a cognitive science of language, inference, and consciousness

Mental models: towards a cognitive science of language, inference, and consciousness
Operationalizing mental models: strategies for assessing mental models to support meaningful learning and design-supportive learning environments

CSCL '95 The first international conference on Computer support for collaborative learning
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Making PRIME usable

SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Securing user inputs for the web

Proceedings of the second ACM workshop on Digital identity management
Why Johnny can't encrypt: a usability evaluation of PGP 5.0

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Mental Models: Aligning Design Strategy with Human Behavior

Mental Models: Aligning Design Strategy with Human Behavior

Quantified Score

Hi-index	0.00

Visualization

Abstract

Anonymous credentials are a fundamental technology for preserving end users' privacy by enforcing data minimization for online applications. However, the design of user-friendly interfaces that convey their privacy benefits to users is still a major challenge. Users are still unfamiliar with the new and rather complex concept of anonymous credentials, since no obvious real-world analogies exists that can help them create the correct mental models. In this paper we explore different ways in which suitable mental models of the data minimization property of anonymous credentials can be evoked on end users. To achieve this, we investigate three different approaches in the context of an e-shopping scenario: a card-based approach, an attribute-based approach and an adapted card-based approach. Results show that the adapted card-based approach is a good approach towards evoking the right mental models for anonymous credential applications. However, better design paradigms are still needed to make users understand that attributes can be used to satisfy conditions without revealing the value of the attributes themselves.