User errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. Is this simply due to a failure to apply standard user interface design techniques to security? We argue that, on the contrary, effective security requires a different usability standard, and that it will not be achieved through the user interface design techniques appropriate to other types of consumer software. To test this hypothesis, we performed a case study of a security program which does have a good user interface by general standards: PGP 5.0. Our case study used a cognitive walkthrough analysis together with a laboratory user test to evaluate whether PGP 5.0 can be successfully used by cryptography novices to achieve effective electronic mail security. The analysis found a number of user interface design flaws that may contribute to security failures, and the user test demonstrated that when our test participants were given 90 minutes in which to sign and encrypt a message using PGP 5.0, the majority of them were unable to do so successfully. We conclude that PGP 5.0 is not usable enough to provide effective security for most computer users, despite its attractive graphical user interface, supporting our hypothesis that user interface design for effective security remains an open problem. We close with a brief description of our continuing work on the development and application of user interface design principles and techniques for security.