发布求助
文献互助 智能选刊 最新文献

Symposium On Usable Privacy and Security最新文献

筛选
英文 中文
Goldilocks and the two mobile devices: going beyond all-or-nothing access to a device's applications 金凤花和两个移动设备:超越对设备应用程序的全有或全无访问
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335359
Eiji Hayashi, Oriana Riva, K. Strauss, A. Brush, Stuart E. Schechter
{"title":"Goldilocks and the two mobile devices: going beyond all-or-nothing access to a device's applications","authors":"Eiji Hayashi, Oriana Riva, K. Strauss, A. Brush, Stuart E. Schechter","doi":"10.1145/2335356.2335359","DOIUrl":"https://doi.org/10.1145/2335356.2335359","url":null,"abstract":"Most mobile phones and tablets support only two access control device states: locked and unlocked. We investigated how well all or-nothing device access control meets the need of users by interviewing 20 participants who had both a smartphone and tablet. We find all-or-nothing device access control to be a remarkably poor fit with users' preferences. On both phones and tablets, participants wanted roughly half their applications to be available even when their device was locked and half protected by authentication. We also solicited participants' interest in new access control mechanisms designed specifically to facilitate device sharing. Fourteen participants out of 20 preferred these controls to existing security locks alone. Finally, we gauged participants' interest in using face and voice biometrics to authenticate to their mobile phone and tablets; participants were surprisingly receptive to biometrics, given that they were also aware of security and reliability limitations.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125271123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 96
Do you see your password?: applying recognition to textual passwords 你看到你的密码了吗?:对文本密码进行识别
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335367
Nicholas Wright, Andrew S. Patrick, R. Biddle
{"title":"Do you see your password?: applying recognition to textual passwords","authors":"Nicholas Wright, Andrew S. Patrick, R. Biddle","doi":"10.1145/2335356.2335367","DOIUrl":"https://doi.org/10.1145/2335356.2335367","url":null,"abstract":"Text-based password systems are the authentication mechanism most commonly used on computer systems. Graphical passwords have recently been proposed because the pictorial-superiority effect suggests that people have better memory for images. The most widely advocated graphical password systems are based on recognition rather than recall. This approach is favored because recognition is a more effective manner of retrieval than recall, exhibiting greater accuracy and longevity of material. However, schemes such as these combine both the use of graphical images and the use of recognition as a retrieval mechanism. This paper reports on a study that sought to address this confound by exploring the recognition of text as a novel means of authentication. We hypothesized that there would be significant differences between text recognition and text recall conditions. Our study, however, showed that the conditions were comparable; we found no significant difference in memorability. Furthermore, text recognition required more time to authenticate successfully.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"109 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131054332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 69
Stories as informal lessons about security 故事是关于安全的非正式课程
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335364
E. Rader, Rick Wash, Brandon Brooks
{"title":"Stories as informal lessons about security","authors":"E. Rader, Rick Wash, Brandon Brooks","doi":"10.1145/2335356.2335364","DOIUrl":"https://doi.org/10.1145/2335356.2335364","url":null,"abstract":"Non-expert computer users regularly need to make security-relevant decisions; however, these decisions tend not to be particularly good or sophisticated. Nevertheless, their choices are not random. Where does the information come from that these non-experts base their decisions upon? We argue that much of this information comes from stories they hear from other people. We conducted a survey to ask open- and closed- ended questions about security stories people hear from others. We found that most people have learned lessons from stories about security incidents informally from family and friends. These stories impact the way people think about security, and their subsequent behavior when making security-relevant decisions. In addition, many people retell these stories to others, indicating that a single story has the potential to influence multiple people. Understanding how non-experts learn from stories, and what kinds of stories they learn from, can help us figure out new methods for helping these people make better security decisions.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127925758","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 158
Facebook and privacy: it's complicated Facebook和隐私:这很复杂
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335369
Maritza L. Johnson, Serge Egelman, S. Bellovin
{"title":"Facebook and privacy: it's complicated","authors":"Maritza L. Johnson, Serge Egelman, S. Bellovin","doi":"10.1145/2335356.2335369","DOIUrl":"https://doi.org/10.1145/2335356.2335369","url":null,"abstract":"We measure users' attitudes toward interpersonal privacy concerns on Facebook and measure users' strategies for reconciling their concerns with their desire to share content online. To do this, we recruited 260 Facebook users to install a Facebook application that surveyed their privacy concerns, their friend network compositions, the sensitivity of posted content, and their privacy-preserving strategies. By asking participants targeted questions about people randomly selected from their friend network and posts shared on their profiles, we were able to quantify the extent to which users trust their \"friends\" and the likelihood that their content was being viewed by unintended audiences. We found that while strangers are the most concerning audience, almost 95% of our participants had taken steps to mitigate those concerns. At the same time, we observed that 16.5% of participants had at least one post that they were uncomfortable sharing with a specific friend---someone who likely already had the ability to view it---and that 37% raised more general concerns with sharing their content with friends. We conclude that the current privacy controls allow users to effectively manage the outsider threat, but that they are unsuitable for mitigating concerns over the insider threat---members of the friend network who dynamically become inappropriate audiences based on the context of a post.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124411686","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 224
+Your circles: sharing behavior on Google+ 你的圈子:在Google+上分享行为
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335373
J. Watson, Andrew Besmer, H. Lipford
{"title":"+Your circles: sharing behavior on Google+","authors":"J. Watson, Andrew Besmer, H. Lipford","doi":"10.1145/2335356.2335373","DOIUrl":"https://doi.org/10.1145/2335356.2335373","url":null,"abstract":"Users are sharing and consuming enormous amounts of information through online social network interaction every day. Yet, many users struggle to control what they share to their overlapping social spheres. Google+ introduces circles, a mechanism that enables users to group friends and use these groups to control their social network feeds and posts. We present the results of a qualitative interview study on the sharing perceptions and behavior of 27 Google+ users. These results indicate that many users have a clear understanding of circles, using them to target information to those most interested in it. Yet, despite these positive perceptions, there is only moderate use of circles to control information flow. We explore reasons and risks associated with these behaviors and provide insight on the impact and open questions of this privacy mechanism.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128726984","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 53
Reasons, rewards, regrets: privacy considerations in location sharing as an interactive practice 原因、回报、遗憾:位置共享互动实践中的隐私考量
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335363
S. Patil, Gregory Norcie, Apu Kapadia, Adam J. Lee
{"title":"Reasons, rewards, regrets: privacy considerations in location sharing as an interactive practice","authors":"S. Patil, Gregory Norcie, Apu Kapadia, Adam J. Lee","doi":"10.1145/2335356.2335363","DOIUrl":"https://doi.org/10.1145/2335356.2335363","url":null,"abstract":"Rapid growth in the usage of location-aware mobile phones has enabled mainstream adoption of location-sharing services (LSS). Integration with social-networking services (SNS) has further accelerated this trend. To uncover how these developments have shaped the evolution of LSS usage, we conducted an online study (N = 362) aimed at understanding the preferences and practices of LSS users in the US. We found that the main motivations for location sharing were to connect and coordinate with one's social and professional circles, to project an interesting image of oneself, and to receive rewards offered for 'checking in.' Respondents overwhelmingly preferred sharing location only upon explicit action. More than a quarter of the respondents recalled at least one instance of regret over revealing their location. Our findings suggest that privacy considerations in LSS are affected due to integration within SNS platforms and by transformation of location sharing into an interactive practice that is no longer limited only to finding people based on their whereabouts. We offer design suggestions, such as delayed disclosure and conflict detection, to enhance privacy-management capabilities of LSS.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130801666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 78
Measuring user confidence in smartphone security and privacy 衡量用户对智能手机安全和隐私的信心
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335358
Erika Chin, A. Felt, V. Sekar, D. Wagner
{"title":"Measuring user confidence in smartphone security and privacy","authors":"Erika Chin, A. Felt, V. Sekar, D. Wagner","doi":"10.1145/2335356.2335358","DOIUrl":"https://doi.org/10.1145/2335356.2335358","url":null,"abstract":"In order to direct and build an effective, secure mobile ecosystem, we must first understand user attitudes toward security and privacy for smartphones and how they may differ from attitudes toward more traditional computing systems. What are users' comfort levels in performing different tasks? How do users select applications? What are their overall perceptions of the platform? This understanding will help inform the design of more secure smartphones that will enable users to safely and confidently benefit from the potential and convenience offered by mobile platforms.\u0000 To gain insight into user perceptions of smartphone security and installation habits, we conduct a user study involving 60 smartphone users. First, we interview users about their willingness to perform certain tasks on their smartphones to test the hypothesis that people currently avoid using their phones due to privacy and security concerns. Second, we analyze why and how they select applications, which provides information about how users decide to trust applications. Based on our findings, we present recommendations and opportunities for services that will help users safely and confidently use mobile applications and platforms.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134164005","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 371
Smart, useful, scary, creepy: perceptions of online behavioral advertising 聪明、有用、可怕、令人毛骨悚然:对在线行为广告的看法
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335362
Blase Ur, P. Leon, L. Cranor, Richard Shay, Yang Wang
{"title":"Smart, useful, scary, creepy: perceptions of online behavioral advertising","authors":"Blase Ur, P. Leon, L. Cranor, Richard Shay, Yang Wang","doi":"10.1145/2335356.2335362","DOIUrl":"https://doi.org/10.1145/2335356.2335362","url":null,"abstract":"We report results of 48 semi-structured interviews about online behavioral advertising (OBA). We investigated non-technical users' attitudes about and understanding of OBA, using participants' expectations and beliefs to explain their attitudes. Participants found OBA to be simultaneously useful and privacy invasive. They were surprised to learn that browsing history is currently used to tailor advertisements, yet they were aware of contextual targeting.\u0000 Our results identify mismatches between participants' mental models and current approaches for providing users with notice and choice about OBA. Participants misinterpreted icons intended to notify them about behavioral targeting and expected that they could turn to their browser or antivirus software to control OBA. Participants had strong concerns about data collection, and the majority of participants believed that advertisers collect personally identifiable information. They also misunderstood the role of advertising networks, basing their opinions of an advertising network on that company's non-advertising activities. Participants' attitudes towards OBA were complex and context-dependent. While many participants felt tailored advertising could benefit them, existing notice and choice mechanisms are not effectively reaching users.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115036628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 342
Correct horse battery staple: exploring the usability of system-assigned passphrases 正确的马电池主食:探索系统分配的密码的可用性
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335366
Richard Shay, Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Blase Ur, Timothy M. Vidas, Lujo Bauer, Nicolas Christin, L. Cranor
{"title":"Correct horse battery staple: exploring the usability of system-assigned passphrases","authors":"Richard Shay, Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Blase Ur, Timothy M. Vidas, Lujo Bauer, Nicolas Christin, L. Cranor","doi":"10.1145/2335356.2335366","DOIUrl":"https://doi.org/10.1145/2335356.2335366","url":null,"abstract":"Users tend to create passwords that are easy to guess, while system-assigned passwords tend to be hard to remember. Passphrases, space-delimited sets of natural language words, have been suggested as both secure and usable for decades. In a 1,476-participant online study, we explored the usability of 3- and 4-word system-assigned passphrases in comparison to system-assigned passwords composed of 5 to 6 random characters, and 8-character system-assigned pronounceable passwords. Contrary to expectations, system-assigned passphrases performed similarly to system-assigned passwords of similar entropy across the usability metrics we examined. Passphrases and passwords were forgotten at similar rates, led to similar levels of user difficulty and annoyance, and were both written down by a majority of participants. However, passphrases took significantly longer for participants to enter, and appear to require error-correction to counteract entry mistakes. Passphrase usability did not seem to increase when we shrunk the dictionary from which words were chosen, reduced the number of words in a passphrase, or allowed users to change the order of words.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130311207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 146
Helping Johnny 2.0 to encrypt his Facebook conversations 帮约翰尼2.0加密他的脸书对话
Symposium On Usable Privacy and Security Pub Date : 2012-07-11 DOI: 10.1145/2335356.2335371
S. Fahl, M. Harbach, T. Muders, Matthew Smith, U. Sander
{"title":"Helping Johnny 2.0 to encrypt his Facebook conversations","authors":"S. Fahl, M. Harbach, T. Muders, Matthew Smith, U. Sander","doi":"10.1145/2335356.2335371","DOIUrl":"https://doi.org/10.1145/2335356.2335371","url":null,"abstract":"Several billion Facebook messages are sent every day. While there are many solutions to email security whose usability has been extensively studied, little work has been done in the area of message security for Facebook and even less on the usability aspects in this area. To evaluate the need for such a mechanism, we conducted a screening study with 514 participants, which showed a clear desire to protect private messages on Facebook. We therefore proceeded to analyse the usability of existing approaches and extracted key design decisions for further evaluation. Based on this analysis, we conducted a laboratory study with 96 participants to analyse different usability aspects and requirements of a Facebook message encryption mechanism. Two key findings of our study are that automatic key management and key recovery capabilities are important features for such a mechanism. Following on from these studies, we designed and implemented a usable service-based encryption mechanism for Facebook conversations. In a final study with 15 participants, we analysed the usability of our solution. All participants were capable of successfully encrypting their Facebook conversations without error when using our service, and the mechanism was perceived as usable and useful. The results of our work suggest that in the context of the social web, new security/usability trade-offs can be explored to protect users more effectively.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125133476","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 65
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信