TU Darmstadt / ULB / TUbiblio

Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions

Bartsch, Steffen ; Volkamer, Melanie :
Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions.
RiskKom-Workshop, INFORMATIK 2013 Gesellschaft für Informatik
[ Konferenzveröffentlichung] , (2013)

Kurzbeschreibung (Abstract)

Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. 

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2013
Autor(en): Bartsch, Steffen ; Volkamer, Melanie
Titel: Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions
Sprache: Englisch
Kurzbeschreibung (Abstract):

Security interventions – such as Web warnings – currently do not work. One approach to remedy the situation is to make the communication of risks in the interventions more understandable and motivating. Mental models that users have of security have been studied to accomplish these aims, primarily to better align the intervention with the mental model of the users. However, the users’ mental models are currently foremost understood in broad groups such as of lay and expert users – while risk communication literature proposes to individualize the communication. To explore how the mental-models approach can be combined with individualization, we analyze in a qualitative card-sorting study how lay and expert users assess risks connected to Web sites in this paper. Our study indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences (e.g. concerning privacy or financial consequences). Based on these results, we propose four strategies on how to effectively improve security interventions through individualization. 

Buchtitel: RiskKom-Workshop, INFORMATIK 2013
Verlag: Gesellschaft für Informatik
Freie Schlagworte: Security, Usability and Society;Secure Data
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik > SECUSO - Security, Usability and Society
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Veranstaltungsort: Koblenz
Hinterlegungsdatum: 28 Jul 2016 18:35
ID-Nummer: TUD-CS-2013-0139
Verwandte URLs:
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen