Johnny 2: a user test of key continuity management with S/MIME and Outlook Express
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Email-Based Identification and Authentication: An Alternative to PKI?
IEEE Security and Privacy
FlyByNight: mitigating the privacy risks of social networking
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Timing is everything?: the effects of timing and placement of online privacy indicators
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Waterhouse: enabling secure e-mail with social networking
CHI '09 Extended Abstracts on Human Factors in Computing Systems
Privacy-enabling social networking over untrusted networks
Proceedings of the 2nd ACM workshop on Online social networks
Research Methods in Human-Computer Interaction
Research Methods in Human-Computer Interaction
Oops, I did it again: mitigating repeated access control errors on facebook
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Scramble! your social network data
PETS'11 Proceedings of the 11th international conference on Privacy enhancing technologies
Third-party apps on Facebook: privacy and the illusion of control
CHIMIT '11 Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology
Using data type based security alert dialogs to raise online security awareness
Proceedings of the Seventh Symposium on Usable Privacy and Security
Privacy: is there an app for that?
Proceedings of the Seventh Symposium on Usable Privacy and Security
Musubi: disintermediated interactive social feeds for mobile devices
Proceedings of the 21st international conference on World Wide Web
All our messages are belong to us: usable confidentiality in social networks
Proceedings of the 21st international conference companion on World Wide Web
TrustSplit: usable confidentiality for social network messaging
Proceedings of the 23rd ACM conference on Hypertext and social media
Confidentiality as a Service -- Usable Security for the Cloud
TRUSTCOM '12 Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications
A Research Agenda Acknowledging the Persistence of Passwords
IEEE Security and Privacy
Confused Johnny: when automatic encryption leads to confusion and mistakes
Proceedings of the Ninth Symposium on Usable Privacy and Security
Hi-index | 0.00 |
Several billion Facebook messages are sent every day. While there are many solutions to email security whose usability has been extensively studied, little work has been done in the area of message security for Facebook and even less on the usability aspects in this area. To evaluate the need for such a mechanism, we conducted a screening study with 514 participants, which showed a clear desire to protect private messages on Facebook. We therefore proceeded to analyse the usability of existing approaches and extracted key design decisions for further evaluation. Based on this analysis, we conducted a laboratory study with 96 participants to analyse different usability aspects and requirements of a Facebook message encryption mechanism. Two key findings of our study are that automatic key management and key recovery capabilities are important features for such a mechanism. Following on from these studies, we designed and implemented a usable service-based encryption mechanism for Facebook conversations. In a final study with 15 participants, we analysed the usability of our solution. All participants were capable of successfully encrypting their Facebook conversations without error when using our service, and the mechanism was perceived as usable and useful. The results of our work suggest that in the context of the social web, new security/usability trade-offs can be explored to protect users more effectively.