Endre søk
Link to record
Permanent link

Direct link
BETA
Publikasjoner (10 av 63) Visa alla publikasjoner
Mayer, P. & Volkamer, M. (2018). Addressing misconceptions about password security effectively. In: Proceedings of 7th Workshop on Socio-Technical Aspects in Security and Trust, Orlando, Florida, USA, December 2017 (STAST 2017): . Paper presented at 7th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2017 - Co-located with the 2017 Annual Computer Security Applications Conference, ACSAC 2017, 5 December 2017 (pp. 1-12). Association for Computing Machinery
Åpne denne publikasjonen i ny fane eller vindu >>Addressing misconceptions about password security effectively
2018 (engelsk)Inngår i: Proceedings of 7th Workshop on Socio-Technical Aspects in Security and Trust, Orlando, Florida, USA, December 2017 (STAST 2017), Association for Computing Machinery , 2018, s. 1-12Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Nowadays, most users need more passwords than they can handle. Consequently, users have developed a multitude of strategies to cope with this situation. Some of these coping strategies are based on misconceptions about password security. In such cases, the users are unaware of their insecure password practices. Addressing the misconceptions is vital in order to decrease insecure coping strategies. We conducted a systematic literature review with the goal to provide an overview of the misconceptions about password security. Our literature review revealed that misconceptions exist in basically all aspects of password security. Furthermore, we developed interventions to address these misconceptions. Then, we evaluated the interventions’ effectiveness in decreasing the misconceptions at three small and medium sized enterprises (SME). Our results show that the interventions decrease the overall prevalence of misconceptions significantly in the participating employees.

sted, utgiver, år, opplag, sider
Association for Computing Machinery, 2018
Emneord
Literature review, Misconceptions, Password security, User study, Security systems, Coping strategies, Literature reviews, Small- and medium-sized enterprise, Systematic literature review, Authentication
HSV kategori
Forskningsprogram
Datavetenskap; Matematik
Identifikatorer
urn:nbn:se:kau:diva-71295 (URN)10.1145/3167996.3167998 (DOI)2-s2.0-85061043553 (Scopus ID)9781450363570 (ISBN)
Konferanse
7th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2017 - Co-located with the 2017 Annual Computer Security Applications Conference, ACSAC 2017, 5 December 2017
Tilgjengelig fra: 2019-02-21 Laget: 2019-02-21 Sist oppdatert: 2019-05-16bibliografisk kontrollert
Karegar, F., Gerber, N., Volkamer, M. & Fischer-Hübner, S. (2018). Helping John to Make Informed Decisions on Using Social Login. In: Proceedings of the 33th Symposium on Applied Computing (SAC 2018), Pau, F, April 9-13, 2018: . New York: ACM Publications
Åpne denne publikasjonen i ny fane eller vindu >>Helping John to Make Informed Decisions on Using Social Login
2018 (engelsk)Inngår i: Proceedings of the 33th Symposium on Applied Computing (SAC 2018), Pau, F, April 9-13, 2018, New York: ACM Publications, 2018Kapittel i bok, del av antologi (Annet vitenskapelig)
sted, utgiver, år, opplag, sider
New York: ACM Publications, 2018
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65743 (URN)10.1145/3167132.3167259 (DOI)000455180700169 ()
Prosjekter
Credential (4896)
Forskningsfinansiär
EU, Horizon 2020
Tilgjengelig fra: 2018-01-19 Laget: 2018-01-19 Sist oppdatert: 2019-02-14bibliografisk kontrollert
Budurushi, J., Neumann, S., Renaud, K. & Volkamer, M. (2018). Introduction to special issue on e-voting. Journal of Information Security and Applications, 38, 122-123
Åpne denne publikasjonen i ny fane eller vindu >>Introduction to special issue on e-voting
2018 (engelsk)Inngår i: Journal of Information Security and Applications, ISSN 2214-2134, E-ISSN 2214-2126, Vol. 38, s. 122-123Artikkel i tidsskrift (Fagfellevurdert) Published
sted, utgiver, år, opplag, sider
Elsevier, 2018
HSV kategori
Forskningsprogram
Informatik
Identifikatorer
urn:nbn:se:kau:diva-66618 (URN)10.1016/j.jisa.2017.12.003 (DOI)000425280800011 ()
Tilgjengelig fra: 2018-03-08 Laget: 2018-03-08 Sist oppdatert: 2018-06-14bibliografisk kontrollert
Mayer, P., Kirchner, J. & Volkamer, M. (2017). A second look at password composition policies in the wild: Comparing samples from 2010 and 2016. In: Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017): . Paper presented at SOUPS Thirteenth Symposium on Usable Privacy and Security, July 12–14, 2017, Santa Clara, CA, USA (pp. 13-28). Usenix, The advanced computer systems associaton
Åpne denne publikasjonen i ny fane eller vindu >>A second look at password composition policies in the wild: Comparing samples from 2010 and 2016
2017 (engelsk)Inngår i: Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), Usenix, The advanced computer systems associaton , 2017, s. 13-28Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

In this paper we present a replication and extension of the study performed by Flor^encio and Herley published at SOUPS 2010. They investigated a sample of US websites, examining different website features' effects on the strength of the website's password composition policy (PCP). Using the same methodology as in the original study, we re-investigated the same US websites to identify differences over time. We then extended the initial study by investigating a corresponding sample of German websites in order to identify differences across countries. Our findings indicate that while the website features mostly retain their predicting power for the US sample, only one feature affecting PCP strength translates to the German sample: whether users can choose among multiple alternative websites providing the same service. Moreover, German websites generally use weaker PCPs and, in particular, PCPs of German banking websites stand out for having generally low strength PCPs

 

sted, utgiver, år, opplag, sider
Usenix, The advanced computer systems associaton, 2017
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65615 (URN)978-1-931971-39-3 (ISBN)
Konferanse
SOUPS Thirteenth Symposium on Usable Privacy and Security, July 12–14, 2017, Santa Clara, CA, USA
Tilgjengelig fra: 2018-01-16 Laget: 2018-01-16 Sist oppdatert: 2018-07-03bibliografisk kontrollert
Kulyk, O., Reinheimer, B. M., Gerber, P., Volk, F., Volkamer, M. & Mühlhäuser, M. (2017). Advancing Trust Visualisations for Wider Applicability and User Acceptance. In: Trustcom/BigDataSE/ICESS, 2017 IEEE: . Paper presented at IEEE Trustcom/BigDataSE/ICESS 1-4 Augusti 2017, Sydney, NSW, Australia (pp. 562-569). Piscataway: IEEE
Åpne denne publikasjonen i ny fane eller vindu >>Advancing Trust Visualisations for Wider Applicability and User Acceptance
Vise andre…
2017 (engelsk)Inngår i: Trustcom/BigDataSE/ICESS, 2017 IEEE, Piscataway: IEEE, 2017, s. 562-569Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

There are only a few visualisations targeting the communication of trust statements. Even though there are some advanced and scientifically founded visualisations-like, for example, the opinion triangle, the human trust interface, and T-Viz-the stars interface known from e-commerce platforms is by far the most common one. In this paper, we propose two trust visualisations based on T-Viz, which was recently proposed and successfully evaluated in large user studies. Despite being the most promising proposal, its design is not primarily based on findings from human-computer interaction or cognitive psychology. Our visualisations aim to integrate such findings and to potentially improve decision making in terms of correctness and efficiency. A large user study reveals that our proposed visualisations outperform T-Viz in these factors

sted, utgiver, år, opplag, sider
Piscataway: IEEE, 2017
Emneord
data visualisation, decision making, trusted computing
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65610 (URN)10.1109/Trustcom/BigDataSE/ICESS.2017.285 (DOI)978-1-5090-4906-6 (ISBN)978-1-5090-4907-3 (ISBN)
Konferanse
IEEE Trustcom/BigDataSE/ICESS 1-4 Augusti 2017, Sydney, NSW, Australia
Tilgjengelig fra: 2018-01-15 Laget: 2018-01-15 Sist oppdatert: 2018-07-05bibliografisk kontrollert
Kulyk, O., Neumann, S., Marley, K., Budurushi, J. & Volkamer, M. (2017). Coercion-resistant proxy voting. Paper presented at 13th International Conference on Security and Cryptography (SECRYPT), JUL 26-28, 2016, Lisbon, PORTUGAL. Computers & security (Print), 71, 88-99
Åpne denne publikasjonen i ny fane eller vindu >>Coercion-resistant proxy voting
Vise andre…
2017 (engelsk)Inngår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 71, s. 88-99Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

In general, most elections follow the principle of equality, or as it came to be known, the principle of "one person-one vote". However, this principle might pose difficulties for voters, who are not well informed regarding the particular matter that is voted on. In order to address this issue, a new form of voting has been proposed, namely proxy voting. In proxy voting, each voter has the possibility to delegate her voting right to another voter, so called proxy, that she considers a trusted expert on the matter. In this paper we propose an end-to-end verifiable Internet voting scheme, which to the best of our knowledge is the first scheme to address voter coercion in the proxy voting setting. (C) 2017 Elsevier Ltd. All rights reserved.

HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65907 (URN)10.1016/j.cose.2017.06.007 (DOI)000414817800008 ()
Konferanse
13th International Conference on Security and Cryptography (SECRYPT), JUL 26-28, 2016, Lisbon, PORTUGAL
Tilgjengelig fra: 2018-01-25 Laget: 2018-01-25 Sist oppdatert: 2018-06-29bibliografisk kontrollert
Neumann, S., Reinheimer, B. M. & Volkamer, M. (2017). Don’t Be Deceived: The Message Might Be Fake. In: Javier Lopez; Simone Fischer-Hübner; Costas Lambrinoudaki (Ed.), Lopez J., Fischer-Hübner S., Lambrinoudakis C (Ed.), Trust, Privacy and Security in Digital Business, Trustbus 2017: . Paper presented at International Conference on Trust and Privacy in Digital Business, 28-31 August, Lyon, France (pp. 199-214). Cham: Springer, 10442
Åpne denne publikasjonen i ny fane eller vindu >>Don’t Be Deceived: The Message Might Be Fake
2017 (engelsk)Inngår i: Trust, Privacy and Security in Digital Business, Trustbus 2017 / [ed] Lopez J., Fischer-Hübner S., Lambrinoudakis C, Cham: Springer, 2017, Vol. 10442, s. 199-214Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

In an increasingly digital world, fraudsters, too, exploit this new environment and distribute fraudulent messages that trick victims into taking particular actions. There is no substitute for making users aware of scammers’ favoured techniques and giving them the ability to detect fraudulent messages. We developed an awareness-raising programme, specifically focusing on the needs of small and medium-sized enterprises (SMEs). The programme was evaluated in the field. The participating employees demonstrated significantly improved skills in terms of ability to classify messages as fraudulent or genuine. Particularly with regard to one of the most widespread attack types, namely fraudulent messages with links that contain well-known domains as sub-domains of generic domains, recipients of the programme improved their recognition rates from \(56.6\%\) to \(88\%\). Thus, the developed security awareness-raising programme contributes to improving the security in SMEs.

sted, utgiver, år, opplag, sider
Cham: Springer, 2017
Serie
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 10442
Emneord
Usable security, Education concept, User studies, SME, Awareness
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65619 (URN)10.1007/978-3-319-64483-7_13 (DOI)000457332100013 ()978-3-319-64482-0 (ISBN)978-3-319-64483-7 (ISBN)
Konferanse
International Conference on Trust and Privacy in Digital Business, 28-31 August, Lyon, France
Tilgjengelig fra: 2018-01-17 Laget: 2018-01-17 Sist oppdatert: 2019-11-11bibliografisk kontrollert
Neumann, S., Noll, M. & Volkamer, M. (2017). Election-Dependent Security Evaluation of Internet Voting Schemes. In: De Capitani di Vimercati S., Martinelli F. (Ed.), ICT Systems Security and Privacy Protection: SEC 2017. IFIP Advances in Information and Communication Technology. Paper presented at 32nd International Conference on ICT Systems Security and Privacy Protection - IFIP SEC 2017 May 29 - 31, 2017, Rome, Italy (pp. 371-382). Springer, 502
Åpne denne publikasjonen i ny fane eller vindu >>Election-Dependent Security Evaluation of Internet Voting Schemes
2017 (engelsk)Inngår i: ICT Systems Security and Privacy Protection: SEC 2017. IFIP Advances in Information and Communication Technology / [ed] De Capitani di Vimercati S., Martinelli F., Springer, 2017, Vol. 502, s. 371-382Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

The variety of Internet voting schemes proposed in the literature build their security upon a number of trust assumptions. The criticality of these assumptions depends on the target election setting, particularly the adversary expected within that setting. Given the potential complexity of the assumptions, identifying the most appropriate Internet voting schemes for a specific election setting poses a significant burden to election officials. We address this shortcoming by the construction of an election-dependent security evaluation framework for Internet voting schemes. On the basis of two specification languages, the core of the framework essentially evaluates election-independent security models with regard to expected adversaries and returns satisfaction degrees for security requirements. These satisfaction degrees serve election officials as basis for their decision-making. The framework is evaluated against requirements stemming from measure theory.

sted, utgiver, år, opplag, sider
Springer, 2017
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65617 (URN)10.1007/978-3-319-58469-0_25 (DOI)978-3-319-58469-0 (ISBN)978-3-319-58468-3 (ISBN)
Konferanse
32nd International Conference on ICT Systems Security and Privacy Protection - IFIP SEC 2017 May 29 - 31, 2017, Rome, Italy
Tilgjengelig fra: 2018-01-17 Laget: 2018-01-17 Sist oppdatert: 2018-07-03bibliografisk kontrollert
Krimmer, R., Volkamer, M., Barrat, J., Benaloh, J., Goodman, N., Ryan, P. Y. . & Teague, V. (Eds.). (2017). Electronic Voting: First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016, Proceedings. Paper presented at First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016. Cham: Springer
Åpne denne publikasjonen i ny fane eller vindu >>Electronic Voting: First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016, Proceedings
Vise andre…
2017 (engelsk)Konferanseproceedings (Fagfellevurdert)
sted, utgiver, år, opplag, sider
Cham: Springer, 2017. s. 233
Serie
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 10141
Emneord
document image analysis formal methods internet voting private and secure message transmission ballot secrecy cast-as-intended verifiability combinatorics computer system diversity computer vision e-voting electronic voting protocols electronic voting systems information theoretic anonymity malicious voting client optical scan paper ballots paper based elections remote voting voting systems
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65604 (URN)10.1007/978-3-319-52240-1 (DOI)978-3-319-52239-5 (ISBN)978-3-319-52240-1 (ISBN)
Konferanse
First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016
Tilgjengelig fra: 2018-01-15 Laget: 2018-01-15 Sist oppdatert: 2019-11-11bibliografisk kontrollert
Ghiglieri, M., Volkamer, M. & Renaud, K. (2017). Exploring Consumers' Attitudes of Smart TV Related Privacy Risks. In: Human Aspects of Information Security, Privacy and Trust: 5th International Conference, HAS 2017, Held as Part of HCI International 2017, Vancouver, BC, Canada, July 9-14, 2017, Proceedings. Paper presented at HAS 2017: 5th International Conference on Human Aspects of Information Security, Privacy, and Trust, Vancouver, Canada, 9 - 14 July 2017 (pp. 656-674). Cham: Springer, 10292
Åpne denne publikasjonen i ny fane eller vindu >>Exploring Consumers' Attitudes of Smart TV Related Privacy Risks
2017 (engelsk)Inngår i: Human Aspects of Information Security, Privacy and Trust: 5th International Conference, HAS 2017, Held as Part of HCI International 2017, Vancouver, BC, Canada, July 9-14, 2017, Proceedings, Cham: Springer, 2017, Vol. 10292, s. 656-674Konferansepaper, Publicerat paper (Fagfellevurdert)
sted, utgiver, år, opplag, sider
Cham: Springer, 2017
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 10292
HSV kategori
Identifikatorer
urn:nbn:se:kau:diva-48086 (URN)10.1007/978-3-319-58460-7_45 (DOI)
Konferanse
HAS 2017: 5th International Conference on Human Aspects of Information Security, Privacy, and Trust, Vancouver, Canada, 9 - 14 July 2017
Tilgjengelig fra: 2017-03-06 Laget: 2017-03-06 Sist oppdatert: 2019-11-11bibliografisk kontrollert
Organisasjoner
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0003-2674-4043