Helping Johnny 2.0 to encrypt his Facebook conversations

S. Fahl, M. Harbach, T. Muders, Matthew Smith, U. Sander
{"title":"Helping Johnny 2.0 to encrypt his Facebook conversations","authors":"S. Fahl, M. Harbach, T. Muders, Matthew Smith, U. Sander","doi":"10.1145/2335356.2335371","DOIUrl":null,"url":null,"abstract":"Several billion Facebook messages are sent every day. While there are many solutions to email security whose usability has been extensively studied, little work has been done in the area of message security for Facebook and even less on the usability aspects in this area. To evaluate the need for such a mechanism, we conducted a screening study with 514 participants, which showed a clear desire to protect private messages on Facebook. We therefore proceeded to analyse the usability of existing approaches and extracted key design decisions for further evaluation. Based on this analysis, we conducted a laboratory study with 96 participants to analyse different usability aspects and requirements of a Facebook message encryption mechanism. Two key findings of our study are that automatic key management and key recovery capabilities are important features for such a mechanism. Following on from these studies, we designed and implemented a usable service-based encryption mechanism for Facebook conversations. In a final study with 15 participants, we analysed the usability of our solution. All participants were capable of successfully encrypting their Facebook conversations without error when using our service, and the mechanism was perceived as usable and useful. The results of our work suggest that in the context of the social web, new security/usability trade-offs can be explored to protect users more effectively.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"65","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Symposium On Usable Privacy and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2335356.2335371","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 65

Abstract

Several billion Facebook messages are sent every day. While there are many solutions to email security whose usability has been extensively studied, little work has been done in the area of message security for Facebook and even less on the usability aspects in this area. To evaluate the need for such a mechanism, we conducted a screening study with 514 participants, which showed a clear desire to protect private messages on Facebook. We therefore proceeded to analyse the usability of existing approaches and extracted key design decisions for further evaluation. Based on this analysis, we conducted a laboratory study with 96 participants to analyse different usability aspects and requirements of a Facebook message encryption mechanism. Two key findings of our study are that automatic key management and key recovery capabilities are important features for such a mechanism. Following on from these studies, we designed and implemented a usable service-based encryption mechanism for Facebook conversations. In a final study with 15 participants, we analysed the usability of our solution. All participants were capable of successfully encrypting their Facebook conversations without error when using our service, and the mechanism was perceived as usable and useful. The results of our work suggest that in the context of the social web, new security/usability trade-offs can be explored to protect users more effectively.
帮约翰尼2.0加密他的脸书对话
Facebook每天发送数十亿条信息。虽然有许多电子邮件安全的解决方案,其可用性已经被广泛研究,但在Facebook的消息安全领域做的工作很少,在这一领域的可用性方面就更少了。为了评估这种机制的必要性,我们对514名参与者进行了一项筛选研究,这些参与者明显希望保护Facebook上的私人信息。因此,我们开始分析现有方法的可用性,并提取关键设计决策以供进一步评估。基于此分析,我们对96名参与者进行了一项实验室研究,以分析Facebook消息加密机制的不同可用性方面和需求。我们研究的两个主要发现是,自动密钥管理和密钥恢复能力是这种机制的重要特征。根据这些研究,我们为Facebook会话设计并实现了一个可用的基于服务的加密机制。在最后一项有15名参与者的研究中,我们分析了我们解决方案的可用性。当使用我们的服务时,所有参与者都能够成功地加密他们的Facebook对话,而不会出现错误,并且该机制被认为是可用的和有用的。我们的工作结果表明,在社交网络的背景下,可以探索新的安全性/可用性权衡,以更有效地保护用户。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信