TU Darmstadt / ULB / TUbiblio

Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions

Bartsch, Steffen and Volkamer, Melanie :
Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions.
RiskKom-Workshop, INFORMATIK 2013 Gesellschaft für Informatik
[Conference or Workshop Item] , (2013)

Abstract

Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. 

Item Type: Conference or Workshop Item
Erschienen: 2013
Creators: Bartsch, Steffen and Volkamer, Melanie
Title: Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions
Language: English
Abstract:

Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. 

Title of Book: RiskKom-Workshop, INFORMATIK 2013
Publisher: Gesellschaft für Informatik
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: Department of Computer Science > SECUSO - Security, Usability and Society
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
Department of Computer Science
Profile Areas
LOEWE
Event Location: Koblenz
Date Deposited: 28 Jul 2016 18:35
Identification Number: TUD-CS-2013-0139
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item