Usable privacy for digital transactions: Exploring the usability aspects of three privacy enhancing mechanisms
Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för informatik och projektledning. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT. (HumanIT, PriSec) ORCID iD: 0000-0002-0101-2498
2012 (English). Licentiate thesis, with articles (Other academic)
Abstract [en]

The amount of personally identifiable information that people distribute over different online services has grown rapidly and considerably over the last decades. This has led to increased probabilities for identity theft, profiling and linkability attacks, which can in turn not only result in a threat to people’s personal dignity, finances, and many other aspects of their lives, but also to societies in general. Methods and tools for securing people’s online activities and protecting their privacy on the Internet, so-called Privacy Enhancing Technologies (PETs), are being designed and developed. However, these technologies are often seen by ordinary users as complicated and disruptive of their primary tasks.

In this licentiate thesis, I investigate the usability aspects of three main privacy and security enhancing mechanisms. These mechanisms have the goal of helping and encouraging users to protect their privacy on the Internet as they engage in some of the steps necessary to complete a digital transaction. The three mechanisms, which have been investigated within the scope of different research projects, comprise (1) graphical visualizations of service providers’ privacy policies and user-friendly management and matching of users’ privacy preferences “on the fly”, (2) methods for helping users create appropriate mental models of the data minimization property of anonymous credentials, and (3) employing touch-screen biometrics as a method to authenticate users into mobile devices and verify their identities during a digital transaction.

Results from these investigations suggest that these mechanisms can make digital transactions privacy-friendly and secure while at the same time delivering convenience and usability for ordinary users.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2012, p. 57
Series
Karlstad University Studies, ISSN 1403-8099 ; 2012:45
Keywords [en]
Privacy-Enhancing Technologies, usability, usable privacy, mental models, mobile devices, security, digital transactions, e-commerce, User Interfaces
HSV category
Research program
Informatics
Identifiers
URN: urn:nbn:se:kau:diva-14832; ISBN: 978-91-7063-452-9 (print); OAI: oai:DiVA.org:kau-14832; DiVA, id: diva2:553100
Supervisor
Available from: 2012-11-14; Created: 2012-09-18; Last updated: 2018-06-04; bibliographically approved
List of papers
1. HCI for Policy Display and Administration
2011 (English). In: Privacy and Identity Management for Life / [ed] Jan Camenisch, Simone Fischer-Hübner and Kai Rannenberg, Berlin: Springer Berlin/Heidelberg, 2011, 1, pp. 261-277. Chapter in book, part of anthology (Refereed)
Abstract [en]

The PrimeLife Policy Language (PPL) has the objective of helping end users make the data handling practices of data controllers more transparent, allowing them to make well-informed decisions about the release of personal data in exchange for services. In this chapter, we present our work on user interfaces for the PPL policy engine, which aims at displaying the core elements of a data controller's privacy policy in an easily understandable way as well as displaying how far it corresponds with the user's privacy preferences. We also show how privacy preference management can be simplified for end users.

Place, publisher, year, edition, pages
Berlin: Springer Berlin/Heidelberg, 2011. Edition: 1
Keywords
PrimeLife, PPL, Privacy Policy, HCI
HSV category
Research program
Computer Science; Informatics
Identifiers
urn:nbn:se:kau:diva-12719 (URN); 10.1007/978-3-642-20317-6_14 (DOI); 000293925500014 (); 978-3-642-20317-6 (ISBN)
Projects
PrimeLife
Available from: 2012-04-02; Created: 2012-04-02; Last updated: 2018-06-04; bibliographically approved
2. Towards Usable Privacy Enhancing Technologies: Lessons Learned from the PrimeLife Project
2011 (English). Report (Other academic)
Abstract [en]

In this deliverable, we present lessons learnt from the PrimeLife HCI (Human Computer Interaction) Activity by discussing typical HCI challenges and fallacies that we experienced during the PrimeLife project. We also provide guidance on how these issues can be addressed in order to develop usable privacy-enhancing technology solutions.

Place, publisher, year, edition, pages
PrimeLife, 2011, p. 55
Series
PrimeLife Deliverable ; D4.1.6
HSV category
Research program
Psychology; Computer Science
Identifiers
urn:nbn:se:kau:diva-10764 (URN)
Projects
PrimeLife
Available from: 2012-02-08; Created: 2012-02-08; Last updated: 2018-06-04; bibliographically approved
3. Evoking Comprehensive Mental Models of Anonymous Credentials
2012 (English). In: Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security / [ed] Camenisch J., Kesdogan, D., Berlin: Springer Berlin/Heidelberg, 2012, Vol. 7039, pp. 1-14. Conference paper, Published paper (Refereed)
Abstract [en]

Anonymous credentials are a fundamental technology for preserving end users' privacy by enforcing data minimization for online applications. However, the design of user-friendly interfaces that convey their privacy benefits to users is still a major challenge. Users are still unfamiliar with the new and rather complex concept of anonymous credentials, since no obvious real-world analogies exist that can help them create the correct mental models. In this paper we explore different ways in which suitable mental models of the data minimization property of anonymous credentials can be evoked in end users. To achieve this, we investigate three different approaches in the context of an e-shopping scenario: a card-based approach, an attribute-based approach and an adapted card-based approach. Results show that the adapted card-based approach is a good approach towards evoking the right mental models for anonymous credential applications. However, better design paradigms are still needed to make users understand that attributes can be used to satisfy conditions without revealing the value of the attributes themselves.

Place, publisher, year, edition, pages
Berlin: Springer Berlin/Heidelberg, 2012
Series
LNCS, ISSN 0302-9743 ; 7039
HSV category
Research program
Computer Science
Identifiers
urn:nbn:se:kau:diva-12118 (URN); 10.1007/978-3-642-27585-2_1 (DOI); 000306351500001 (); 978-3-642-27584-5 (ISBN)
Conference
IFIP WG 11.4 international conference on Open Problems in Network Security, Lucerne
Available from: 2012-03-09; Created: 2012-03-09; Last updated: 2018-07-16; bibliographically approved
4. Exploring Touch-Screen Biometrics for User Identification on Smart Phones
2011 (English). In: Privacy and Identity Management for Life: Proceedings of the 7th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6 International Summer School 2011 / [ed] Jan Camenisch, Bruno Crispo, Simone Fischer-Hübner, Ronald Leenes, and Giovanni Russello, Springer, 2011, pp. 130-143. Conference paper, Published paper (Refereed)
Abstract [en]

The use of mobile smart devices for storing sensitive information and accessing online services is increasing. At the same time, methods for authenticating users into their devices and online services that are not only secure, but also privacy and user-friendly are needed. In this paper, we present our initial explorations of the use of lock pattern dynamics as a secure and user-friendly two-factor authentication method. We developed an application for the Android mobile platform to collect data on the way individuals draw lock patterns on a touchscreen. Using a Random Forest machine learning classifier, this method achieves an average Equal Error Rate (EER) of approximately 10.39%, meaning that lock patterns biometrics can be used for identifying users towards their device, but could also pose a threat to privacy if the users' biometric information is handled outside their control.

Place, publisher, year, edition, pages
Springer, 2011
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238 ; Vol. 375
Keywords
Mobile user experience, biometrics, smart mobile devices, mobile identity management, mobile authentication, privacy, lock patterns
HSV category
Research program
Computer Science
Identifiers
urn:nbn:se:kau:diva-14830 (URN); 10.1007/978-3-642-31668-5_10 (DOI); 978-3-642-31667-8 (ISBN); 978-3-642-31668-5 (ISBN)
Conference
International Summer School 2011, Trento Italy
Projects
U-PrIM (Usable Privacy-enhancing Identity Management for smart applications)
Available from: 2012-09-19; Created: 2012-09-18; Last updated: 2018-01-12; bibliographically approved
5. Understanding the user experience of secure mobile online transactions in realistic contexts of use
2012 (English). In: Symposium on Usable Privacy and Security (SOUPS) 2012, Washington D.C., USA: Association for Computing Machinery (ACM), 2012, p. 8-. Conference paper, Published paper (Refereed)
Abstract [en]

Possible attacks on mobile smart devices demand higher security for applications handling payments or sensitive information. The introduction of a tamper-proof area on future generations of mobile devices, called Trusted Execution Environment (TEE), is being implemented. Before devices with embedded TEEs can be deployed to the public, investigations on usability aspects of Trusted User Interfaces (TUI) are needed. This article describes the process we have followed at gathering requirements, prototyping and testing suitable designs for TUIs in combination with a touch-screen biometric system. At the end, we present relevant findings of a pilot study that we have conducted using an Experience Sampling Method (ESM) as part of our ongoing work.

Place, publisher, year, edition, pages
Washington D.C., USA: Association for Computing Machinery (ACM), 2012
Keywords
Usable Security, Secure Mobile UIs, Trusted Executing Environment, Biometrics, Experience Sampling Method
HSV category
Research program
Computer Science; Informatics
Identifiers
urn:nbn:se:kau:diva-14831 (URN)
Conference
Workshop on Usable Privacy & Security for Mobile Devices (U-PriSM), Symposium On Usable Privacy and Security (SOUPS), July 11-12 2012 Washington
Available from: 2012-09-19; Created: 2012-09-18; Last updated: 2019-11-09; bibliographically approved

Open Access in DiVA

2012_45_Angulo (1587 kB), 2880 downloads
File information
File: FULLTEXT01.pdf; File size: 1587 kB; Checksum: SHA-512
f0498866f1e3640af413389925d7e31ec49cdbf81ba12340e1106a1437c66cebbfa21ab7c85de17ce8e14eb5d7337846bf546648371c40c3055574b7c3e8c506
Type: fulltext; Mimetype: application/pdf

Person records

Angulo, Julio
