An investigation into the “beautification” of security ceremonies

Giampaolo Bella, Karen Renaud, Diego Sempreboni, Luca Vigano

Research output: Chapter in Book/Report/Conference proceedingConference contribution

44 Downloads (Pure)

Abstract

“Beautiful Security” is a paradigm that requires security ceremonies to contribute to the ‘beauty’ of a user experience. The underlying assumption is that people are likely to be willing to engage with more beautiful security ceremonies. It is hoped that such ceremonies will minimise human deviations from the prescribed interaction, and that security will be improved as a consequence. In this paper, we explain how we went about deriving beautification principles, and how we tested the efficacy of these by applying them to specific security ceremonies. As a first step, we deployed a crowd-sourced platform, using both explicit and metaphorical questions, to extract general aspects associated with the perception of the beauty of real-world security mechanisms. This resulted in the identification of four beautification design guidelines. We used these to beautify the following existing security ceremonies: Italian voting, user-to-laptop authentication, password setup and EU premises access. To test the efficacy of our guidelines, we again leveraged crowd-sourcing to determine whether our “beautified” ceremonies were indeed perceived to be more beautiful than the original ones. The results of this initial foray into the beautification of security ceremonies delivered promising results, but must be interpreted carefully.
Original languageEnglish
Title of host publicationProceedings of the 16th International Joint Conference on e-Business and Telecommunications
EditorsMohammad Obaidat, Pierangela Samarati
PublisherScitepress Digital Library
Pages125-136
Number of pages12
Volume2: SECRYPT
ISBN (Print)9789897583780
DOIs
Publication statusPublished - 26 Jul 2019
Event16th International Conference on Security and Cryptography - Prague, Czech Republic
Duration: 26 Jul 201928 Jul 2019
Conference number: 16th
http://www.secrypt.icete.org/Home.aspx

Conference

Conference16th International Conference on Security and Cryptography
Abbreviated titleSECRYPT 2019
CountryCzech Republic
CityPrague
Period26/07/1928/07/19
OtherSECRYPT is an annual international conference covering research in information and communication security
Internet address

    Fingerprint

Cite this

Bella, G., Renaud, K., Sempreboni, D., & Vigano, L. (2019). An investigation into the “beautification” of security ceremonies. In M. Obaidat, & P. Samarati (Eds.), Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (Vol. 2: SECRYPT, pp. 125-136). Scitepress Digital Library. https://doi.org/10.5220/0007921501250136