Abstract
“Beautiful Security” is a paradigm that requires security ceremonies to contribute to the ‘beauty’ of a user experience. The underlying assumption is that people are likely to be willing to engage with more beautiful security ceremonies. It is hoped that such ceremonies will minimise human deviations from the prescribed interaction, and that security will be improved as a consequence. In this paper, we explain how we went about deriving beautification principles, and how we tested the efficacy of these by applying them to specific security ceremonies. As a first step, we deployed a crowd-sourced platform, using both explicit and metaphorical questions, to extract general aspects associated with the perception of the beauty of real-world security mechanisms. This resulted in the identification of four beautification design guidelines. We used these to beautify the following existing security ceremonies: Italian voting, user-to-laptop authentication, password setup and EU premises access. To test the efficacy of our guidelines, we again leveraged crowd-sourcing to determine whether our “beautified” ceremonies were indeed perceived to be more beautiful than the original ones. The results of this initial foray into the beautification of security ceremonies delivered promising results, but must be interpreted carefully.
Original language | English |
---|---|
Title of host publication | Proceedings of the 16th International Joint Conference on e-Business and Telecommunications |
Editors | Mohammad Obaidat, Pierangela Samarati |
Publisher | Scitepress Digital Library |
Pages | 125-136 |
Number of pages | 12 |
Volume | 2: SECRYPT |
ISBN (Print) | 9789897583780 |
DOIs | |
Publication status | Published - 26 Jul 2019 |
Event | 16th International Conference on Security and Cryptography - Prague, Czech Republic Duration: 26 Jul 2019 → 28 Jul 2019 Conference number: 16th http://www.secrypt.icete.org/Home.aspx |
Conference
Conference | 16th International Conference on Security and Cryptography |
---|---|
Abbreviated title | SECRYPT 2019 |
Country/Territory | Czech Republic |
City | Prague |
Period | 26/07/19 → 28/07/19 |
Other | SECRYPT is an annual international conference covering research in information and communication security |
Internet address |
Keywords
- Beautiful security
- User survey
- Formal analysis
- Cyber security