Article

Seeing further: extending visualization as a basis for usable security

Authors:

Carolina Johansson,

Roberto Silva Filho,

David H. Nguyen,

David RedmilesAuthors Info & Claims

SOUPS '06: Proceedings of the second symposium on Usable privacy and security

Pages 145 - 155

https://doi.org/10.1145/1143120.1143138

Published: 12 July 2006 Publication History

Abstract

The focus of our approach to the usability considerations of privacy and security has been on providing people with information they can use to understand the implications of their interactions with a system, as well as, to assess whether or not a system is secure enough for their immediate needs. To this end, we have been exploring two design principles for secure interaction: visualizing system activity and integrating configuration and action. Here we discuss the results of a user study designed as a broad formative examination of the successes and failures of an initial prototype based around these principles. Our response to the results of this study has been twofold. First, we have fixed a number of implementation and usability problems. Second, we have extended our visualizations to incorporate new considerations regarding the temporal and structural organization of interactions.

References

[1]

Jetty Java HTTP Servlet Server, Mort Bay Consulting <http://jetty.mortbay.org/jetty/>.]]

[2]

The Jakarta Slide Projects, <http://jakarta.apache.org/slide/>]]

[3]

Altman, I. (1975). The Environment and Social Behavior. Privacy Personal Space, Territory and Crowding. Monterey, CA. Brooks/Cole Pub. Co., Inc.]]

[4]

Altman, I. (1977). Privacy Regulation: Culturally Universal or Culturally Specific? Journal of Social Issues, 33(3), 66--84.]]

[5]

DePaula, R., X. Ding, et al. (2005). In the Eye of the Beholder: A Visualization-based Approach to Information System Security. International Journal of Human-Computer Studies (IJHCS) Special Issue on HCI Research in Privacy and Security, 63(1--2), 5--24.]]

Digital Library

[6]

DePaula, R., X. Ding, et al. (2005). Two Experiences Designing for Effective Security. In Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS 2005), Pittsburgh, PA.]]

Digital Library

[7]

DiGioia, P. and P. Dourish (2005). Social Navigation as a Model for Usable Security. In Proceedinfs of the 2005 Symposium on Usable Privacy and Security (SOUPS 2005), Pittsburgh, PA.]]

Digital Library

[8]

Dourish, P. and Anderson, K. In press. Collective Information Practice: Exploring Privacy and Security as Social and Cultural Phenomena. Human-Computer Interaction.]]

[9]

Goland, Y., E. J. Whitehead, et al. (1999). HTTP Extensions for Distributed Authoring -- WEBDAV, Internet Engineering Task Force: 1--94, RFC 2518.]]

Digital Library

[10]

Hill, W. C., J. D. Hollan, et al. (1992). Read wear and edit wear. In Proceedings of the ACM Conference on Human Factors in Computing Systems. (CHI '92), Monterey, California.]]

Digital Library

[11]

Kowitz, B. and L. Cranor (2005). Peripheral Privacy Notifications for Wireless Networks. In Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, Alexandria, VA.]]

Digital Library

[12]

Plummer, D. C. (1986). Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware, IETF RFC826.]]

Digital Library

[13]

Silva Filho, R. S., D. S. C. R. B., et al. (2003). The Design of a Configurable, Extensible and Dynamic Notification Service. In Proceedings of the Second International Workshop on Distributed Event-Based Systems (DEBS'03), San Diego, CA.]]

Digital Library

[14]

Steinberg, D. and S. Cheshire (2005). Zero Configuration Networking: The Definitive Guide. O'Reilly Media.]]

Digital Library

[15]

Tatar, D., Foster, G., and Bobrow, D. 1991. Designing for Conversation: Lessons from Cognoter. International Journal of Man- Machine Studies, 34(2), 185--209.]]

Digital Library

Cited By

Hasel Mehri GLe TCappers BHartog JZannone NNiu JVaidya J(2024)WiP: Enhancing the Comprehension of XACML PoliciesProceedings of the 29th ACM Symposium on Access Control Models and Technologies10.1145/3649158.3657052(41-46)Online publication date: 24-Jun-2024
https://dl.acm.org/doi/10.1145/3649158.3657052
Salgado AHung PFortes R(2023)Six usable privacy heuristicsProceedings of the XXII Brazilian Symposium on Human Factors in Computing Systems10.1145/3638067.3638111(1-11)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3638067.3638111
Linsner SSteinbrink EKuntke FFranken JReuter C(2022)Supporting users in data disclosure scenarios in agriculture through transparencyBehaviour & Information Technology10.1080/0144929X.2022.206807041:10(2151-2173)Online publication date: 10-May-2022
https://doi.org/10.1080/0144929X.2022.2068070
Show More Cited By

Index Terms

Seeing further: extending visualization as a basis for usable security
1. Applied computing
  1. Electronic commerce
    1. Secure online transactions
2. Security and privacy
  1. Human and societal aspects of security and privacy
  2. Software and application security
    1. Domain-specific security and privacy architectures

Recommendations

Two experiences designing for effective security
SOUPS '05: Proceedings of the 2005 symposium on Usable privacy and security

In our research, we have been concerned with the question of how to make relevant features of security situations visible to users in order to allow them to make informed decisions regarding potential privacy and security problems, as well as regarding ...
Usable and secure? User perception of four authentication methods for mobile banking
Highlights
- The study investigates perception of the usability and security of four authentication methods for two age groups: those aged 26-54 (N = 229) and older group ...
Abstract
Smartphone authentication is becoming a cornerstone security component, so it is necessary to have methods that are usable and secure to ensure adequate protection, especially for mobile banking. Though biometric authentication seems ...
Secure and usable P2P VoIP for mobile devices
MobileHCI '10: Proceedings of the 12th international conference on Human computer interaction with mobile devices and services

The use of Voice over IP (VoIP) applications involves a number of security threats and usability issues, leading to possible breaches of security and privacy. With the adoption of future peer-to-peer communication systems, the challenges grow even more ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SOUPS '06: Proceedings of the second symposium on Usable privacy and security

July 2006

168 pages

ISBN:1595934480

DOI:10.1145/1143120

General Chair:
Lorrie Faith Cranor
Carnegie Mellon University

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 July 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Acceptance Rates

Overall Acceptance Rate 15 of 49 submissions, 31%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

32
Total Citations
View Citations
830
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)2

Reflects downloads up to 17 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hasel Mehri GLe TCappers BHartog JZannone NNiu JVaidya J(2024)WiP: Enhancing the Comprehension of XACML PoliciesProceedings of the 29th ACM Symposium on Access Control Models and Technologies10.1145/3649158.3657052(41-46)Online publication date: 24-Jun-2024
https://dl.acm.org/doi/10.1145/3649158.3657052
Salgado AHung PFortes R(2023)Six usable privacy heuristicsProceedings of the XXII Brazilian Symposium on Human Factors in Computing Systems10.1145/3638067.3638111(1-11)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3638067.3638111
Linsner SSteinbrink EKuntke FFranken JReuter C(2022)Supporting users in data disclosure scenarios in agriculture through transparencyBehaviour & Information Technology10.1080/0144929X.2022.206807041:10(2151-2173)Online publication date: 10-May-2022
https://doi.org/10.1080/0144929X.2022.2068070
Sönmez FGünel B(2020)Security Visualization Extended Review Issues, Classifications, Validation Methods, Trends, ExtensionsResearch Anthology on Artificial Intelligence Applications in Security10.4018/978-1-7998-7705-9.ch054(1184-1229)Online publication date: 27-Nov-2020
https://doi.org/10.4018/978-1-7998-7705-9.ch054
Bhattacharjee KChen MDasgupta A(2020)Privacy‐Preserving Data Visualization: Reflections on the State of the Art and Research OpportunitiesComputer Graphics Forum10.1111/cgf.1403239:3(675-692)Online publication date: 18-Jul-2020
https://doi.org/10.1111/cgf.14032
Elahi HWang GPeng TChen J(2019)On Transparency and Accountability of Smart Assistants in Smart CitiesApplied Sciences10.3390/app92453449:24(5344)Online publication date: 6-Dec-2019
https://doi.org/10.3390/app9245344
Dinneen JJulien C(2019)The ubiquitous digital fileJournal of the Association for Information Science and Technology10.1002/asi.2422271:1(E1-E32)Online publication date: 4-Dec-2019
https://dl.acm.org/doi/10.1002/asi.24222
Sönmez FGünel B(2018)Security Visualization Extended Review Issues, Classifications, Validation Methods, Trends, ExtensionsSecurity and Privacy Management, Techniques, and Protocols10.4018/978-1-5225-5583-4.ch006(152-197)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-5583-4.ch006
Paci FSquicciarini AZannone N(2018)Survey on Access Control for Community-Centered Collaborative SystemsACM Computing Surveys10.1145/314602551:1(1-38)Online publication date: 4-Jan-2018
https://dl.acm.org/doi/10.1145/3146025
Alemerien K(2017)User-Friendly Security Patterns for Designing Social Network WebsitesInternational Journal of Technology and Human Interaction10.4018/IJTHI.201701010313:1(39-60)Online publication date: Jan-2017
https://doi.org/10.4018/IJTHI.2017010103
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents