TU Darmstadt / ULB / TUbiblio

Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions

Bartsch, Steffen ; Volkamer, Melanie (2013)
Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions.
Koblenz
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. 

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2013
Autor(en): Bartsch, Steffen ; Volkamer, Melanie
Art des Eintrags: Bibliographie
Titel: Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions
Sprache: Englisch
Publikationsjahr: September 2013
Verlag: Gesellschaft für Informatik
Buchtitel: RiskKom-Workshop, INFORMATIK 2013
Veranstaltungsort: Koblenz
Zugehörige Links:
Kurzbeschreibung (Abstract):

Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. 

Freie Schlagworte: Security, Usability and Society;Secure Data
ID-Nummer: TUD-CS-2013-0139
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik > SECUSO - Security, Usability and Society
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Hinterlegungsdatum: 28 Jul 2016 18:35
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen