The state of the science and the state of practice agree that security applications fail to engage end users in the assurance of security and privacy in everyday personal computing. We propose as the cause an underlying irrational interface model of security-related applications. Irrational interfaces are counterproductive because they minimize the intended software utility and pay-off. In the case of security interactions, utility is minimized by the assumption of security primacy and by the alienation of the end user from the decision-making process through disruptive messaging and disengaging content. Therefore, effective security dialogues must be based on a rational interaction model. We present a small set of simple guidelines, based on cognitive psychological research, for polite interactions that appropriately optimize user engagement during tasks that users perceive as secondary. The guidelines for secure applications that politely interact with the end user are supported by a pay-off matrix that can be used to predict and evaluate rational secure interface performance. The rational, polite interface is a radical paradigm shift for security applications' design because it integrates end users as active stakeholders and resources in the assurance of security and privacy.