Background: Human beings are an integral part of computer security, whether we actively participate or simply build the systems. Despite this importance, understanding users and their interaction with security is a blind spot for most security practitioners and designers. / Aim: Define principles for conducting experiments into usable security and privacy, to improve study robustness and usefulness. / Data: The authors’ experiences conducting several research projects complemented with a literature survey. Method: We extract principles based on relevance to the advancement of the state of the art. We then justify our choices by providing published experiments as cases of where the principles are and are not followed in practice ...
This paper reports findings from participatory design research aimed at uncovering how technological...
This thesis aims to shed light on the so-called “privacy paradox”, which refers to the dichotomy bet...
In this paper, we discuss the scientific method and how it can be applied to computer security exper...
In traditional interactions that do not rely on technology, most people are able to assess risks to ...
editorial reviewedA variety of methods and techniques are used in usable privacy and security (UPS) ...
This paper describes the unique challenges facing usable security research and design, and introduce...
The joint study of computer security, privacy and human-computer interaction (HCI) over the last two...
Usable privacy and security researchers have developed a variety of approaches to represent risk to ...
"Given a choice between dancing pigs and security, users will pick dancing pigs every time," warns a...
There is ongoing interest in utilising user experiences associated with security and privacy to bett...
often must make security and privacy decisions, yet they are rarely equipped to do so. We ask users ...
This article describes the unique challenges facing usable security research and design, and introdu...
The security of any computer system that is configured\ud and operated by human beings critically de...
The increasing magnitude and sophistication of malicious cyber activities by various threat actors p...
Well-intentioned decisions---even ones intended to improve aggregate security--- may inadvertently j...
This paper reports findings from participatory design research aimed at uncovering how technological...
This thesis aims to shed light on the so-called “privacy paradox”, which refers to the dichotomy bet...
In this paper, we discuss the scientific method and how it can be applied to computer security exper...
In traditional interactions that do not rely on technology, most people are able to assess risks to ...
editorial reviewedA variety of methods and techniques are used in usable privacy and security (UPS) ...
This paper describes the unique challenges facing usable security research and design, and introduce...
The joint study of computer security, privacy and human-computer interaction (HCI) over the last two...
Usable privacy and security researchers have developed a variety of approaches to represent risk to ...
"Given a choice between dancing pigs and security, users will pick dancing pigs every time," warns a...
There is ongoing interest in utilising user experiences associated with security and privacy to bett...
often must make security and privacy decisions, yet they are rarely equipped to do so. We ask users ...
This article describes the unique challenges facing usable security research and design, and introdu...
The security of any computer system that is configured\ud and operated by human beings critically de...
The increasing magnitude and sophistication of malicious cyber activities by various threat actors p...
Well-intentioned decisions---even ones intended to improve aggregate security--- may inadvertently j...
This paper reports findings from participatory design research aimed at uncovering how technological...
This thesis aims to shed light on the so-called “privacy paradox”, which refers to the dichotomy bet...
In this paper, we discuss the scientific method and how it can be applied to computer security exper...