Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Proceedings of the 11th ACM conference on Computer and communications security
Improving understanding of website privacy policies with fine-grained policy anchors
WWW '05 Proceedings of the 14th international conference on World Wide Web
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Identity Theft Solutions Disagree on Problem
IEEE Distributed Systems Online
Security and Usability
PIAFF: un outil d'aide à la saisie d'informations personnelles pour les formulaires électroniques
Proceedings of the 21st International Conference on Association Francophone d'Interaction Homme-Machine
Exploring the feasibility of web form adaptation to users' cultural dimension scores
User Modeling and User-Adapted Interaction
Interacting with Computers
An approach and tool support for assisting users to fill-in web forms with personal information
Proceedings of the 29th ACM international conference on Design of communication
Evoking comprehensive mental models of anonymous credentials
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Hi-index | 0.00 |
The goal of this paper is to study secure and usable methods for providing user input to a website. Three principles define security for us: certification, awareness, and privacy. Four principles define usability: contextual awareness, semantic awareness, prodigious use of screen space, and the availability of recommended choices.We first describe how current approaches to the solicitation of user input on the web fail on both fronts: they either can not handle certified data, do not respect user privacy, or have various usability problems which frustrate and perhaps even mislead the user.To address security, we suggest the use of more sophisticated private certificate systems. To address usability, we propose a new contextual, browser-integrated interface for using private certificate systems. Our system incorporates many recent design principles discussed in the security and usability space. It works in the main content area of a webpage; it focuses on making the user aware of the who, what, where, when and why of a data request, and it does not use valuable screen space when it is not relevant.