Bartsch, Steffen ; Volkamer, Melanie (2013)
Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions.
Koblenz
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization.
Typ des Eintrags: | Konferenzveröffentlichung |
---|---|
Erschienen: | 2013 |
Autor(en): | Bartsch, Steffen ; Volkamer, Melanie |
Art des Eintrags: | Bibliographie |
Titel: | Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions |
Sprache: | Englisch |
Publikationsjahr: | September 2013 |
Verlag: | Gesellschaft für Informatik |
Buchtitel: | RiskKom-Workshop, INFORMATIK 2013 |
Veranstaltungsort: | Koblenz |
Zugehörige Links: | |
Kurzbeschreibung (Abstract): | Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. |
Freie Schlagworte: | Security, Usability and Society;Secure Data |
ID-Nummer: | TUD-CS-2013-0139 |
Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik > SECUSO - Security, Usability and Society LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt Profilbereiche > Cybersicherheit (CYSEC) LOEWE > LOEWE-Zentren 20 Fachbereich Informatik Profilbereiche LOEWE |
Hinterlegungsdatum: | 28 Jul 2016 18:35 |
Letzte Änderung: | 30 Mai 2018 12:53 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |