In order to be effective, secure systems need to be both correct (i.e. effective when used as intended) and dependable (i.e. actually being used as intended). Given that most secure systems involve people, a strategy for achieving dependable security must address both people and technology. Current research in Human-Computer Interactions in Security (HCISec) aims to increase dependability of the human element by reducing mistakes (e.g. through better user interfaces to security tools). We argue that a successful strategy also needs to consider the impact of social interaction on security, and in this respect trust is a central concept. We compare the understanding of trust in secure systems with the more differentiated models of trust in so...
In this paper we lay some theoretical foundations for examining governance, users and trust in onli...
As we have seen in a previous chapter [1], any security system is only as secure as its weakest link...
If you care about security, you care about safety. So you need to care about abusability and trust. ...
In this work we survey the findings in social psychology and philosophy with respect to trust. We in...
Part 1: Invited PaperInternational audienceThe computer security community has traditionally regarde...
A secure system that cannot be used by real users to secure real-world processes is not really secur...
Security as an enabling paradigm has not succeeded half as well as we might have hoped. Systems are ...
In this chapter we argue that transparency is worthless in guaranteeing the trustworthiness of the t...
2015 - 2016Recent security breaches showed that every attack begins with the involvement of users an...
AbstractWe investigate how the term 'trust' has been used, and re-defined, in computer security, cov...
Trust - "reliance on the integrity, ability, or character of a person or thing" - is pervasive in so...
This paper will show in detail the differences between safety and security. An argument is made for ...
Security experts frequently refer to people as “the weakest link in the chain” of system security. ...
This paper investigates the interrelationship and effect of trust and culture on the level of goal s...
This position paper describes work on trust assumptions in the con-text of security requirements. We...
In this paper we lay some theoretical foundations for examining governance, users and trust in onli...
As we have seen in a previous chapter [1], any security system is only as secure as its weakest link...
If you care about security, you care about safety. So you need to care about abusability and trust. ...
In this work we survey the findings in social psychology and philosophy with respect to trust. We in...
Part 1: Invited PaperInternational audienceThe computer security community has traditionally regarde...
A secure system that cannot be used by real users to secure real-world processes is not really secur...
Security as an enabling paradigm has not succeeded half as well as we might have hoped. Systems are ...
In this chapter we argue that transparency is worthless in guaranteeing the trustworthiness of the t...
2015 - 2016Recent security breaches showed that every attack begins with the involvement of users an...
AbstractWe investigate how the term 'trust' has been used, and re-defined, in computer security, cov...
Trust - "reliance on the integrity, ability, or character of a person or thing" - is pervasive in so...
This paper will show in detail the differences between safety and security. An argument is made for ...
Security experts frequently refer to people as “the weakest link in the chain” of system security. ...
This paper investigates the interrelationship and effect of trust and culture on the level of goal s...
This position paper describes work on trust assumptions in the con-text of security requirements. We...
In this paper we lay some theoretical foundations for examining governance, users and trust in onli...
As we have seen in a previous chapter [1], any security system is only as secure as its weakest link...
If you care about security, you care about safety. So you need to care about abusability and trust. ...