Ändra sökning
Länk till posten
Permanent länk

Direktlänk
BETA
Publikationer (10 of 63) Visa alla publikationer
Mayer, P. & Volkamer, M. (2018). Addressing misconceptions about password security effectively. In: Proceedings of 7th Workshop on Socio-Technical Aspects in Security and Trust, Orlando, Florida, USA, December 2017 (STAST 2017): . Paper presented at 7th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2017 - Co-located with the 2017 Annual Computer Security Applications Conference, ACSAC 2017, 5 December 2017 (pp. 1-12). Association for Computing Machinery
Öppna denna publikation i ny flik eller fönster >>Addressing misconceptions about password security effectively
2018 (Engelska)Ingår i: Proceedings of 7th Workshop on Socio-Technical Aspects in Security and Trust, Orlando, Florida, USA, December 2017 (STAST 2017), Association for Computing Machinery , 2018, s. 1-12Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Nowadays, most users need more passwords than they can handle. Consequently, users have developed a multitude of strategies to cope with this situation. Some of these coping strategies are based on misconceptions about password security. In such cases, the users are unaware of their insecure password practices. Addressing the misconceptions is vital in order to decrease insecure coping strategies. We conducted a systematic literature review with the goal to provide an overview of the misconceptions about password security. Our literature review revealed that misconceptions exist in basically all aspects of password security. Furthermore, we developed interventions to address these misconceptions. Then, we evaluated the interventions’ effectiveness in decreasing the misconceptions at three small and medium sized enterprises (SME). Our results show that the interventions decrease the overall prevalence of misconceptions significantly in the participating employees.

Ort, förlag, år, upplaga, sidor
Association for Computing Machinery, 2018
Nyckelord
Literature review, Misconceptions, Password security, User study, Security systems, Coping strategies, Literature reviews, Small- and medium-sized enterprise, Systematic literature review, Authentication
Nationell ämneskategori
Matematik Data- och informationsvetenskap
Forskningsämne
Datavetenskap; Matematik
Identifikatorer
urn:nbn:se:kau:diva-71295 (URN)10.1145/3167996.3167998 (DOI)2-s2.0-85061043553 (Scopus ID)9781450363570 (ISBN)
Konferens
7th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2017 - Co-located with the 2017 Annual Computer Security Applications Conference, ACSAC 2017, 5 December 2017
Tillgänglig från: 2019-02-21 Skapad: 2019-02-21 Senast uppdaterad: 2019-05-16Bibliografiskt granskad
Karegar, F., Gerber, N., Volkamer, M. & Fischer-Hübner, S. (2018). Helping John to Make Informed Decisions on Using Social Login. In: Proceedings of the 33th Symposium on Applied Computing (SAC 2018), Pau, F, April 9-13, 2018: . New York: ACM Publications
Öppna denna publikation i ny flik eller fönster >>Helping John to Make Informed Decisions on Using Social Login
2018 (Engelska)Ingår i: Proceedings of the 33th Symposium on Applied Computing (SAC 2018), Pau, F, April 9-13, 2018, New York: ACM Publications, 2018Kapitel i bok, del av antologi (Övrigt vetenskapligt)
Ort, förlag, år, upplaga, sidor
New York: ACM Publications, 2018
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65743 (URN)10.1145/3167132.3167259 (DOI)000455180700169 ()
Projekt
Credential (4896)
Forskningsfinansiär
EU, Horisont 2020
Tillgänglig från: 2018-01-19 Skapad: 2018-01-19 Senast uppdaterad: 2019-02-14Bibliografiskt granskad
Budurushi, J., Neumann, S., Renaud, K. & Volkamer, M. (2018). Introduction to special issue on e-voting. Journal of Information Security and Applications, 38, 122-123
Öppna denna publikation i ny flik eller fönster >>Introduction to special issue on e-voting
2018 (Engelska)Ingår i: Journal of Information Security and Applications, ISSN 2214-2134, E-ISSN 2214-2126, Vol. 38, s. 122-123Artikel i tidskrift (Refereegranskat) Published
Ort, förlag, år, upplaga, sidor
Elsevier, 2018
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik
Forskningsämne
Informatik
Identifikatorer
urn:nbn:se:kau:diva-66618 (URN)10.1016/j.jisa.2017.12.003 (DOI)000425280800011 ()
Tillgänglig från: 2018-03-08 Skapad: 2018-03-08 Senast uppdaterad: 2018-06-14Bibliografiskt granskad
Mayer, P., Kirchner, J. & Volkamer, M. (2017). A second look at password composition policies in the wild: Comparing samples from 2010 and 2016. In: Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017): . Paper presented at SOUPS Thirteenth Symposium on Usable Privacy and Security, July 12–14, 2017, Santa Clara, CA, USA (pp. 13-28). Usenix, The advanced computer systems associaton
Öppna denna publikation i ny flik eller fönster >>A second look at password composition policies in the wild: Comparing samples from 2010 and 2016
2017 (Engelska)Ingår i: Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), Usenix, The advanced computer systems associaton , 2017, s. 13-28Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

In this paper we present a replication and extension of the study performed by Flor^encio and Herley published at SOUPS 2010. They investigated a sample of US websites, examining different website features' effects on the strength of the website's password composition policy (PCP). Using the same methodology as in the original study, we re-investigated the same US websites to identify differences over time. We then extended the initial study by investigating a corresponding sample of German websites in order to identify differences across countries. Our findings indicate that while the website features mostly retain their predicting power for the US sample, only one feature affecting PCP strength translates to the German sample: whether users can choose among multiple alternative websites providing the same service. Moreover, German websites generally use weaker PCPs and, in particular, PCPs of German banking websites stand out for having generally low strength PCPs

 

Ort, förlag, år, upplaga, sidor
Usenix, The advanced computer systems associaton, 2017
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65615 (URN)978-1-931971-39-3 (ISBN)
Konferens
SOUPS Thirteenth Symposium on Usable Privacy and Security, July 12–14, 2017, Santa Clara, CA, USA
Tillgänglig från: 2018-01-16 Skapad: 2018-01-16 Senast uppdaterad: 2018-07-03Bibliografiskt granskad
Kulyk, O., Reinheimer, B. M., Gerber, P., Volk, F., Volkamer, M. & Mühlhäuser, M. (2017). Advancing Trust Visualisations for Wider Applicability and User Acceptance. In: Trustcom/BigDataSE/ICESS, 2017 IEEE: . Paper presented at IEEE Trustcom/BigDataSE/ICESS 1-4 Augusti 2017, Sydney, NSW, Australia (pp. 562-569). Piscataway: IEEE
Öppna denna publikation i ny flik eller fönster >>Advancing Trust Visualisations for Wider Applicability and User Acceptance
Visa övriga...
2017 (Engelska)Ingår i: Trustcom/BigDataSE/ICESS, 2017 IEEE, Piscataway: IEEE, 2017, s. 562-569Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

There are only a few visualisations targeting the communication of trust statements. Even though there are some advanced and scientifically founded visualisations-like, for example, the opinion triangle, the human trust interface, and T-Viz-the stars interface known from e-commerce platforms is by far the most common one. In this paper, we propose two trust visualisations based on T-Viz, which was recently proposed and successfully evaluated in large user studies. Despite being the most promising proposal, its design is not primarily based on findings from human-computer interaction or cognitive psychology. Our visualisations aim to integrate such findings and to potentially improve decision making in terms of correctness and efficiency. A large user study reveals that our proposed visualisations outperform T-Viz in these factors

Ort, förlag, år, upplaga, sidor
Piscataway: IEEE, 2017
Nyckelord
data visualisation, decision making, trusted computing
Nationell ämneskategori
Datavetenskap (datalogi) Människa-datorinteraktion (interaktionsdesign) Interaktionsteknik
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65610 (URN)10.1109/Trustcom/BigDataSE/ICESS.2017.285 (DOI)978-1-5090-4906-6 (ISBN)978-1-5090-4907-3 (ISBN)
Konferens
IEEE Trustcom/BigDataSE/ICESS 1-4 Augusti 2017, Sydney, NSW, Australia
Tillgänglig från: 2018-01-15 Skapad: 2018-01-15 Senast uppdaterad: 2018-07-05Bibliografiskt granskad
Kulyk, O., Neumann, S., Marley, K., Budurushi, J. & Volkamer, M. (2017). Coercion-resistant proxy voting. Paper presented at 13th International Conference on Security and Cryptography (SECRYPT), JUL 26-28, 2016, Lisbon, PORTUGAL. Computers & security (Print), 71, 88-99
Öppna denna publikation i ny flik eller fönster >>Coercion-resistant proxy voting
Visa övriga...
2017 (Engelska)Ingår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 71, s. 88-99Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

In general, most elections follow the principle of equality, or as it came to be known, the principle of "one person-one vote". However, this principle might pose difficulties for voters, who are not well informed regarding the particular matter that is voted on. In order to address this issue, a new form of voting has been proposed, namely proxy voting. In proxy voting, each voter has the possibility to delegate her voting right to another voter, so called proxy, that she considers a trusted expert on the matter. In this paper we propose an end-to-end verifiable Internet voting scheme, which to the best of our knowledge is the first scheme to address voter coercion in the proxy voting setting. (C) 2017 Elsevier Ltd. All rights reserved.

Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65907 (URN)10.1016/j.cose.2017.06.007 (DOI)000414817800008 ()
Konferens
13th International Conference on Security and Cryptography (SECRYPT), JUL 26-28, 2016, Lisbon, PORTUGAL
Tillgänglig från: 2018-01-25 Skapad: 2018-01-25 Senast uppdaterad: 2018-06-29Bibliografiskt granskad
Neumann, S., Reinheimer, B. M. & Volkamer, M. (2017). Don’t Be Deceived: The Message Might Be Fake. In: Javier Lopez; Simone Fischer-Hübner; Costas Lambrinoudaki (Ed.), Lopez J., Fischer-Hübner S., Lambrinoudakis C (Ed.), Trust, Privacy and Security in Digital Business, Trustbus 2017: . Paper presented at International Conference on Trust and Privacy in Digital Business, 28-31 August, Lyon, France (pp. 199-214). Cham: Springer, 10442
Öppna denna publikation i ny flik eller fönster >>Don’t Be Deceived: The Message Might Be Fake
2017 (Engelska)Ingår i: Trust, Privacy and Security in Digital Business, Trustbus 2017 / [ed] Lopez J., Fischer-Hübner S., Lambrinoudakis C, Cham: Springer, 2017, Vol. 10442, s. 199-214Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

In an increasingly digital world, fraudsters, too, exploit this new environment and distribute fraudulent messages that trick victims into taking particular actions. There is no substitute for making users aware of scammers’ favoured techniques and giving them the ability to detect fraudulent messages. We developed an awareness-raising programme, specifically focusing on the needs of small and medium-sized enterprises (SMEs). The programme was evaluated in the field. The participating employees demonstrated significantly improved skills in terms of ability to classify messages as fraudulent or genuine. Particularly with regard to one of the most widespread attack types, namely fraudulent messages with links that contain well-known domains as sub-domains of generic domains, recipients of the programme improved their recognition rates from \(56.6\%\) to \(88\%\). Thus, the developed security awareness-raising programme contributes to improving the security in SMEs.

Ort, förlag, år, upplaga, sidor
Cham: Springer, 2017
Serie
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 10442
Nyckelord
Usable security, Education concept, User studies, SME, Awareness
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65619 (URN)10.1007/978-3-319-64483-7_13 (DOI)000457332100013 ()978-3-319-64482-0 (ISBN)978-3-319-64483-7 (ISBN)
Konferens
International Conference on Trust and Privacy in Digital Business, 28-31 August, Lyon, France
Tillgänglig från: 2018-01-17 Skapad: 2018-01-17 Senast uppdaterad: 2019-11-11Bibliografiskt granskad
Neumann, S., Noll, M. & Volkamer, M. (2017). Election-Dependent Security Evaluation of Internet Voting Schemes. In: De Capitani di Vimercati S., Martinelli F. (Ed.), ICT Systems Security and Privacy Protection: SEC 2017. IFIP Advances in Information and Communication Technology. Paper presented at 32nd International Conference on ICT Systems Security and Privacy Protection - IFIP SEC 2017 May 29 - 31, 2017, Rome, Italy (pp. 371-382). Springer, 502
Öppna denna publikation i ny flik eller fönster >>Election-Dependent Security Evaluation of Internet Voting Schemes
2017 (Engelska)Ingår i: ICT Systems Security and Privacy Protection: SEC 2017. IFIP Advances in Information and Communication Technology / [ed] De Capitani di Vimercati S., Martinelli F., Springer, 2017, Vol. 502, s. 371-382Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

The variety of Internet voting schemes proposed in the literature build their security upon a number of trust assumptions. The criticality of these assumptions depends on the target election setting, particularly the adversary expected within that setting. Given the potential complexity of the assumptions, identifying the most appropriate Internet voting schemes for a specific election setting poses a significant burden to election officials. We address this shortcoming by the construction of an election-dependent security evaluation framework for Internet voting schemes. On the basis of two specification languages, the core of the framework essentially evaluates election-independent security models with regard to expected adversaries and returns satisfaction degrees for security requirements. These satisfaction degrees serve election officials as basis for their decision-making. The framework is evaluated against requirements stemming from measure theory.

Ort, förlag, år, upplaga, sidor
Springer, 2017
Nationell ämneskategori
Datavetenskap (datalogi) Systemvetenskap, informationssystem och informatik Annan data- och informationsvetenskap
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65617 (URN)10.1007/978-3-319-58469-0_25 (DOI)978-3-319-58469-0 (ISBN)978-3-319-58468-3 (ISBN)
Konferens
32nd International Conference on ICT Systems Security and Privacy Protection - IFIP SEC 2017 May 29 - 31, 2017, Rome, Italy
Tillgänglig från: 2018-01-17 Skapad: 2018-01-17 Senast uppdaterad: 2018-07-03Bibliografiskt granskad
Krimmer, R., Volkamer, M., Barrat, J., Benaloh, J., Goodman, N., Ryan, P. Y. . & Teague, V. (Eds.). (2017). Electronic Voting: First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016, Proceedings. Paper presented at First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016. Cham: Springer
Öppna denna publikation i ny flik eller fönster >>Electronic Voting: First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016, Proceedings
Visa övriga...
2017 (Engelska)Proceedings (redaktörskap) (Refereegranskat)
Ort, förlag, år, upplaga, sidor
Cham: Springer, 2017. s. 233
Serie
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 10141
Nyckelord
document image analysis formal methods internet voting private and secure message transmission ballot secrecy cast-as-intended verifiability combinatorics computer system diversity computer vision e-voting electronic voting protocols electronic voting systems information theoretic anonymity malicious voting client optical scan paper ballots paper based elections remote voting voting systems
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65604 (URN)10.1007/978-3-319-52240-1 (DOI)978-3-319-52239-5 (ISBN)978-3-319-52240-1 (ISBN)
Konferens
First International Joint Conference, E-Vote-ID 2016, Bregenz, Austria, October 18-21, 2016
Tillgänglig från: 2018-01-15 Skapad: 2018-01-15 Senast uppdaterad: 2019-11-11Bibliografiskt granskad
Ghiglieri, M., Volkamer, M. & Renaud, K. (2017). Exploring Consumers' Attitudes of Smart TV Related Privacy Risks. In: Human Aspects of Information Security, Privacy and Trust: 5th International Conference, HAS 2017, Held as Part of HCI International 2017, Vancouver, BC, Canada, July 9-14, 2017, Proceedings. Paper presented at HAS 2017: 5th International Conference on Human Aspects of Information Security, Privacy, and Trust, Vancouver, Canada, 9 - 14 July 2017 (pp. 656-674). Cham: Springer, 10292
Öppna denna publikation i ny flik eller fönster >>Exploring Consumers' Attitudes of Smart TV Related Privacy Risks
2017 (Engelska)Ingår i: Human Aspects of Information Security, Privacy and Trust: 5th International Conference, HAS 2017, Held as Part of HCI International 2017, Vancouver, BC, Canada, July 9-14, 2017, Proceedings, Cham: Springer, 2017, Vol. 10292, s. 656-674Konferensbidrag, Publicerat paper (Refereegranskat)
Ort, förlag, år, upplaga, sidor
Cham: Springer, 2017
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 10292
Nationell ämneskategori
Elektroteknik och elektronik
Identifikatorer
urn:nbn:se:kau:diva-48086 (URN)10.1007/978-3-319-58460-7_45 (DOI)
Konferens
HAS 2017: 5th International Conference on Human Aspects of Information Security, Privacy, and Trust, Vancouver, Canada, 9 - 14 July 2017
Tillgänglig från: 2017-03-06 Skapad: 2017-03-06 Senast uppdaterad: 2019-11-11Bibliografiskt granskad
Organisationer
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0003-2674-4043

Sök vidare i DiVA

Visa alla publikationer