Jump to ContentJump to Main Navigation
Show Summary Details
More options …

i-com

Journal of Interactive Media

Editor-in-Chief: Ziegler, Jürgen

Online
ISSN
2196-6826
See all formats and pricing
More options …
Volume 18, Issue 3

Issues

Emerging Trends in Usable Security and Privacy

Florian AltORCID iD: https://orcid.org/0000-0001-8354-2195 / Emanuel von Zezschwitz
Published Online: 2020-01-14 | DOI: https://doi.org/10.1515/icom-2019-0019

Abstract

New technologies are constantly becoming part of our everyday life. At the same time, designers and developers still often do not consider the implications of their design choices on security and privacy. For example, new technologies generate sensitive data, enable access to sensitive data, or can be used in malicious ways. This creates a need to fundamentally rethink the way in which we design new technologies. While some of the related opportunities and challenges have been recognized and are being addressed by the community, there is still a need for a more holistic understanding. In this editorial, we will address this by (1) providing a brief historical overview on the research field of ‘Usable Security and Privacy’; (2) deriving a number of current and future trends; and (3) briefly introducing the articles that are part of this special issue and describing how they relate to the current trends and what researchers and practitioners can learn from them.

Keywords: Usable Security and Privacy; Trends

References

  • [1]

    Abdelrahman, Y., Khamis, M., Schneegass, S., and Alt, F. Stay cool! understanding thermal attacks on mobile-based user authentication. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (New York, NY, USA, 2017), CHI’17, ACM, pp. 3751–3763.Google Scholar

  • [2]

    Adams, A., Sasse, M. A., and Lunt, P. Making passwords secure and usable. In People and Computers XII. Springer, 1997, pp. 1–19.Google Scholar

  • [3]

    Alzubaidi, A., and Kalita, J. Authentication of smartphone users using behavioral biometrics. IEEE Communications Surveys Tutorials 18, 3 (thirdquarter 2016), 1998–2026.Web of ScienceCrossrefGoogle Scholar

  • [4]

    Buschek, D., De Luca, A., and Alt, F. Improving accuracy, applicability and usability of keystroke biometrics on mobile touchscreen devices. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (New York, NY, USA, 2015), CHI’15, ACM, pp. 1393–1402.Google Scholar

  • [5]

    Buschek, D., De Luca, A., and Alt, F. Evaluating the influence of targets and hand postures on touch-based behavioural biometrics. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (New York, NY, USA, 2016), CHI’16, ACM, pp. 1349–1361.Google Scholar

  • [6]

    Fano, R. M., and Corbató, F. J. Time-sharing on computers. Scientific American 215, 3 (1966), 128–143.CrossrefGoogle Scholar

  • [7]

    Florêncio, D., Herley, C., and Van Oorschot, P. C. Password portfolios and the finite-effort user: Sustainably managing large numbers of accounts. In 23rd USENIX Security Symposium (USENIX Security 14) (2014), pp. 575–590.Google Scholar

  • [8]

    Garfinkel, S., and Lipford, H. R. Usable security: History, themes, and challenges. Synthesis Lectures on Information Security, Privacy, and Trust 5, 2 (2014), 1–124.CrossrefGoogle Scholar

  • [9]

    George, C., Khamis, M., von Zezschwitz, E., Burger, M., Schmidt, H., Alt, F., and Hussmann, H. Seamless and secure vr: Adapting and evaluating established authentication systems for virtual reality. NDSS.

  • [10]

    Harbach, M., von Zezschwitz, E., Fichtner, A., Luca, A. D., and Smith, M. It’s a hard lock life: A field study of smartphone (un)locking behavior and risk perception. In 10th Symposium On Usable Privacy and Security (SOUPS 2014) (Menlo Park, CA, July 2014), USENIX Association, pp. 213–230.Google Scholar

  • [11]

    Herley, C., Van Oorschot, P. C., and Patrick, A. S. Passwords: If we’re so smart, why are we still using them? In International Conference on Financial Cryptography and Data Security (2009), Springer, pp. 230–237.Google Scholar

  • [12]

    Kuyoro, S., Ibikunle, F., and Awodele, O. Cloud computing security issues and challenges. International Journal of Computer Networks (IJCN) 3, 5 (2011), 247–255.Google Scholar

  • [13]

    Li, F., Rogers, L., Mathur, A., Malkin, N., and Chetty, M. Keepers of the machines: examining how system administrators manage software updates. In Proceedings of the Fifteenth USENIX Conference on Usable Privacy and Security (2019), USENIX Association, pp. 273–288.Google Scholar

  • [14]

    Muaaz, M., and Mayrhofer, R. Smartphone-based gait recognition: From authentication to imitation. IEEE Transactions on Mobile Computing 16, 11 (Nov 2017), 3209–3221.Web of ScienceCrossrefGoogle Scholar

  • [15]

    Naiakshina, A., Danilova, A., Gerlitz, E., von Zezschwitz, E., and Smith, M. “if you want, i can store the encrypted password”: A password-storage field study with freelance developers. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems (2019), ACM.Google Scholar

  • [16]

    Prange, S., von Zezschwitz, E., and Alt, F. Vision: Exploring challenges and opportunities for usable authentication in the smart home. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (2019), IEEE, pp. 154–158.Google Scholar

  • [17]

    Saltzer, J. H., and Schroeder, M. D. The protection of information in computer systems. Proceedings of the IEEE 63, 9 (1975), 1278–1308.CrossrefGoogle Scholar

  • [18]

    Sasse, M. A., and Flechais, I. Usable security: Why do we need it? how do we get it? O’Reilly, 2005.Google Scholar

  • [19]

    Schneegass, S., Oualil, Y., and Bulling, A. Skullconduct: Biometric user identification on eyewear computers using bone conduction through the skull. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (New York, NY, USA, 2016), CHI’16, ACM, pp. 1379–1384.Google Scholar

  • [20]

    Stobert, E., and Biddle, R. The password life cycle: user behaviour in managing passwords. In 10th Symposium On Usable Privacy and Security (SOUPS 2014) (2014), pp. 243–255.Google Scholar

About the article

Florian Alt

Florian Alt is a professor for Usable Security and Privacy at the Resarch Institute CODE of the Bundeswehr University, Munich. Florian looks at the role of humans in security critical systems, focusing on topics related to behavioral biometrics, physiological security, social engineering, and usable security in novel application areas, such as smarthomes and VR. Florian is a subcommittee chair for CHI 2020, program chair of Mensch und Computer 2019 and 2020 and general chair of the 2018 Conference on Mobile and Ubiquitous Multimedia. He holds a PhD in computer science from the University of Stuttgart and a diploma in Media Informatics from LMU Munich.

Emanuel von Zezschwitz

Emanuel von Zezschwitz is leading an independent research group on usable security methods at the University of Bonn. Additionally, he is affiliated with Fraunhofer FKIE. He has a strong interest in privacy and security. His research focuses on the investigation of user behavior and security problems in the wild to develop practical solutions which actually fit into the context of use. He is actively involved in the fields of HCI and usable privacy and security. His work is internationally recognized and he is part of several program committees of highly ranked scientific conferences (e. g., CHI, SOUPS). In 2019, Emanuel von Zezschwitz will join Google as UX Researcher, based in Munich.


Published Online: 2020-01-14

Published in Print: 2019-11-18


Citation Information: i-com, Volume 18, Issue 3, Pages 189–195, ISSN (Online) 2196-6826, ISSN (Print) 1618-162X, DOI: https://doi.org/10.1515/icom-2019-0019.

Export Citation

© 2019 Walter de Gruyter GmbH, Berlin/Boston.Get Permission

Comments (0)

Please log in or register to comment.
Log in