IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Design for conversation: lessons from Cognoter
International Journal of Man-Machine Studies - Computer-supported cooperative work and groupware. Part 1
Access control for collaborative environments
CSCW '92 Proceedings of the 1992 ACM conference on Computer-supported cooperative work
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Real time groupware as a distributed system: concurrency control and its effect on the interface
CSCW '94 Proceedings of the 1994 ACM conference on Computer supported cooperative work
Pulsar: an extensible tool for monitoring large Unix sites
Software—Practice & Experience
Cryptanalysis of Microsoft's point-to-point tunneling protocol (PPTP)
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Flexible meta access-control for collaborative applications
CSCW '98 Proceedings of the 1998 ACM conference on Computer supported cooperative work
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Communications of the ACM
Security service level agreements: quantifiable security for the enterprise?
Proceedings of the 1999 workshop on New security paradigms
Privacy in e-commerce: examining user scenarios and privacy preferences
Proceedings of the 1st ACM conference on Electronic commerce
Operating system enhancements to prevent the misuse of system calls
Proceedings of the 7th ACM conference on Computer and communications security
End-to-end arguments in system design
ACM Transactions on Computer Systems (TOCS)
Proceedings of the 2000 workshop on New security paradigms
Design and evaluation of a wide-area event notification service
ACM Transactions on Computer Systems (TOCS)
Rethinking the design of the Internet: the end-to-end arguments vs. the brave new world
ACM Transactions on Internet Technology (TOIT)
E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior
Proceedings of the 3rd ACM conference on Electronic Commerce
Pretty good persuasion: a first step towards effective password security in the real world
Proceedings of the 2001 workshop on New security paradigms
Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
Privacy critics: UI components to safeguard users' privacy
CHI '99 Extended Abstracts on Human Factors in Computing Systems
Unpacking "privacy" for a networked world
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability and privacy: a study of Kazaa P2P file-sharing
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Making Passwords Secure and Usable
HCI 97 Proceedings of HCI on People and Computers XII
Toward a Taxonomy and Costing Method for Security Services
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Calculating costs for quality of security service
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
An approach to usable security based on event monitoring and visualization
Proceedings of the 2002 workshop on New security paradigms
Visualizing the global topology of the MBone
INFOVIS '96 Proceedings of the 1996 IEEE Symposium on Information Visualization (INFOVIS '96)
Incremental assurance for multilevel applications
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
An infrastructure for supporting ubiquitous awareness
An infrastructure for supporting ubiquitous awareness
The design of a configurable, extensible and dynamic notification service
Proceedings of the 2nd international workshop on Distributed event-based systems
Security in the wild: user strategies for managing security as an everyday, practical problem
Personal and Ubiquitous Computing
Listening in: practices surrounding iTunes music sharing
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Two experiences designing for effective security
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Two experiences designing for effective security
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Social navigation as a model for usable security
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Towards an architectural treatment of software security: a connector-centric approach
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Striving for versatility in publish/subscribe infrastructures
SEM '05 Proceedings of the 5th international workshop on Software engineering and middleware
Seeing further: extending visualization as a basis for usable security
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Looking for trouble: understanding end-user security management
Proceedings of the 2007 symposium on Computer human interaction for the management of information technology
End user concern about security and privacy threats
Proceedings of the 3rd symposium on Usable privacy and security
The Journal of Strategic Information Systems
Why file sharing networks are dangerous?
Communications of the ACM - Inspiring Women in Computing
Collective information practice: emploring privacy and security as social and cultural phenomena
Human-Computer Interaction
Designing for Diagnosing: Introduction to the Special Issue on Diagnostic Work
Computer Supported Cooperative Work
Enhancing research into usable privacy and security
Proceedings of the 27th ACM international conference on Design of communication
A sense of security in pervasive computing: is the light on when the refrigerator door is closed?
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Policy framework for security and privacy management
IBM Journal of Research and Development
Value conflicts for information security management
The Journal of Strategic Information Systems
The information security policy unpacked: A critical study of the content of university policies
International Journal of Information Management: The Journal for Information Professionals
Hi-index | 0.00 |
Computer system security is traditionally regarded as a primarily technological concern; the fundamental questions to which security researchers address themselves are those of the mathematical guarantees that can be made for the performance of various communication and computational challenges. However, in our research, we focus on a different question. For us, the fundamental security question is one that end-users routinely encounter and resolve for themselves many times a day--the question of whether a system is secure enough for their immediate needs.In this paper, we will describe our explorations of this issue. In particular, we will draw on three major elements of our research to date. The first is empirical investigation into everyday security practices, looking at how people manage security as a practical, day-to-day concern, and exploring the context in which security decisions are made. This empirical work provides a foundation for our reconsideration of the problems of security to a large degree as an interactional problem. The second is our systems approach, based on visualization and event-based architectures. This technical approach provides a broad platform for investigating security and interaction, based on a set of general principles. The third is our initial experiences in a prototype deployment of these mechanisms in an application for peer-to-peer file sharing in face-to-face collaborative settings. We have been using this application as the basis of an initial evaluation of our technology in support of everyday security practices in collaborative workgroups.