A discrete control model of operator function: A methodology for information display design
IEEE Transactions on Systems, Man and Cybernetics
Paradigms for intelligent decision support
Proceedings of the NATO Advanced Study Institute on Intelligent Decision Support on Intelligent decision support in process environments
Usability inspection methods
A representational analysis of relational information displays
International Journal of Human-Computer Studies
Controlling access in multiuser interfaces
ACM Transactions on Computer-Human Interaction (TOCHI)
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Communications of the ACM
Usability and privacy: a study of Kazaa P2P file-sharing
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
User Interaction Design for Secure Systems
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
The human-computer interaction handbook
Access Control for Active Spaces
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Usable Access Control for the World Wide Web
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Memory representations in natural tasks
Journal of Cognitive Neuroscience
Intentional access management: making access control usable for end-users
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
USEable security: interface design strategies for improving security
Proceedings of the 3rd international workshop on Visualization for computer security
Looking for trouble: understanding end-user security management
Proceedings of the 2007 symposium on Computer human interaction for the management of information technology
User help techniques for usable security
Proceedings of the 2007 symposium on Computer human interaction for the management of information technology
The role of errors in learning computer software
Computers & Education
Lessons learned from the deployment of a smartphone-based access-control system
Proceedings of the 3rd symposium on Usable privacy and security
A user study of policy creation in a flexible access-control system
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Expandable grids for visualizing and authoring computer security policies
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A framework for reasoning about the human in the loop
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
User-controllable learning of security and privacy policies
Proceedings of the 1st ACM workshop on Workshop on AISec
Error recovery in human-computer interaction: a preliminary study in a database learning environment
Proceedings of the 2nd PhD workshop on Information and knowledge management
Family accounts: a new paradigm for user accounts within the home environment
Proceedings of the 2008 ACM conference on Computer supported cooperative work
Towards improving mental models of personal firewall users
CHI '09 Extended Abstracts on Human Factors in Computing Systems
Usability meets access control: challenges and research opportunities
Proceedings of the 14th ACM symposium on Access control models and technologies
Revealing hidden context: improving mental models of personal firewall users
Proceedings of the 5th Symposium on Usable Privacy and Security
Proceedings of the 5th Symposium on Usable Privacy and Security
The effects of introspection on creating privacy policy
Proceedings of the 8th ACM workshop on Privacy in the electronic society
The infrastructure problem in HCI
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Access Control for Home Data Sharing: Attitudes, Needs and Practices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Making policy decisions disappear into the user's workflow
CHI '10 Extended Abstracts on Human Factors in Computing Systems
Usability challenges in security and privacy policy-authoring interfaces
INTERACT'07 Proceedings of the 11th IFIP TC 13 international conference on Human-computer interaction - Volume Part II
Optimizing a policy authoring framework for security and privacy policies
Proceedings of the Sixth Symposium on Usable Privacy and Security
Principles for applying social navigation to collaborative systems
Proceedings of the 4th Symposium on Computer Human Interaction for the Management of Information Technology
More than skin deep: measuring effects of the underlying model on access-control system usability
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Exploring reactive access control
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
An empirical study on configuration errors in commercial and open source systems
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Tag, you can see it!: using tags for access control in photo sharing
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Why do migrations fail and what can we do about it?
LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
Relating declarative semantics and usability in access control
Proceedings of the Eighth Symposium on Usable Privacy and Security
Physical access control administration using building information models
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Security may be compromised when humans make mistakes at the user interface. Cleartext is mistakenly sent to correspondents, sensitive files are left unprotected, and erroneously configured systems are left vulnerable to attackers. Such mistakes may be blamed on human error, but the regularity of human error suggests that mistakes may be preventable through better interface design. Certain user-interface constructs drive users toward error, while others facilitate success.

Two security-sensitive user interfaces were evaluated in a laboratory user study: the Windows XP file-permissions interface and an alternative interface, called Salmon, designed in accordance with an error-avoiding principle to counteract the misleading constructs in the XP interface. The alternative interface was found to be more dependable; it increased successful task completion by up to 300%, reduced commission of a class of errors by up to 94%, and provided a nearly 3× speed-up in task completion time. Moreover, users spent less time searching for information with the alternative interface, and a greater proportion of time on essential task steps. An explanatory theory in its early stages of development is presented.