Revealing hidden context: Improving mental models of personal firewall users

SOUPS 2009 - Proceedings of the 5th Symposium On Usable Privacy and Security

Volumn , Issue , 2009, Pages

  Raja, Fahimeh ^a   Hawkey, Kirstie ^a   Beznosov, Konstantin ^a  

^a UNIVERSITY OF BRITISH COLUMBIA   (Canada)

Author keywords

Configuration; Firewall; Mental model; Usable security

Indexed keywords

CONFIGURATION; FIREWALL; HIDDEN CONTEXT; MENTAL MODEL; NETWORK LOCATION; PERSONAL FIREWALLS; UNDERLYING SYSTEMS; USABLE SECURITY; WINDOWS VISTA;

COMPUTER OPERATING SYSTEMS;

COMPUTER SYSTEM FIREWALLS;

EID: 70350733771     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1572532.1572534     Document Type: Conference Paper

References (35)

1. P. Arjmandi, R. Boeck, F. Raja, and G. Viswanathan. Usability of Vista firewall: A labratory user study. EECE412 course project at the University of British Columbia, 2007.
2. A. Chebium, P. Jaferian, N. Kaviani, and F. Raja. Usability analysis of Vista firewall. CSCP544 course project at the University of British Columbia, 2008.
3. G. Chen and D. Kotz. A survey of context-aware mobile computing research. Technical Report TR2000-381, Dartmouth College, 2000.
4. S. Chiasson, P. C. van Oorschot, and R. Biddle. Even experts deserve usable security: Design guidelines for security management systems. In SOUPS Workshop on Usable IT Security Management (USM), pages 1{4, Pittsburgh, PA, July 2007.
5. J. Coutaz, J. L. Crowley, S. Dobson, and D. Garlan. Context is key. Commun. ACM, 48(3):49{53, 2005.
6. L. F. Cranor. Designing a privacy preference specification interface: A case study. In Proceedings of the Workshop on Human-Computer Interaction and Security Systems, page 4 pages, 2003.
7. L. F. Cranor. A framework for reasoning about the human in the loop. In UPSEC'08: Proceedings of the 1st Conference on Usability, Psychology, and Security, pages 1{15, Berkeley, CA, USA, 2008. USENIX Association.
8. R. de Paula, X. Ding, P. Dourish, K. Nies, B. Pillet, D. Redmiles, J. Ren, J. Rode, and R. S. Filho. Two experiences designing for effective security. In SOUPS '05: Proceedings of the 2005 Symposium On Usable Privacy and Security, pages 25-34, Pittsburgh, Pennsylvania, 2005. ACM.
9. P. Dourish, R. E. Grinter, J. D. de la Flor, and M. Joseph. Security in the wild: user strategies for managing security as an everyday, practical problem. Personal and Ubiquitous Computing, 8(6):391{401, 2004.
10. W. K. Edwards, E. S. Poole, and J. Stoll. Security automation considered harmful? In NSPW'07: Proceedings of the New Security Paradigms Workshop, White Mountain, New Hampshire, 2007.
11. W. Geng, S. Flinn, and J. DeDourek. Usable firewall configuration. In PST '05: Proceedings of the 3rd Annual Conference on Privacy, Security and Trust, page 11 pages, 2005.
12. A. Herzog and N. Shahmehri. Usability and security of personal firewalls. New Approaches for Security, Privacy and Trust in Complex Environments, pages 37-48, 2007.
13. A. Herzog and N. Shahmehri. User help techniques for usable security. In CHIMIT '07: Proceedings of the 2007 symposium on Computer Human Interaction for the Management of Information Technology, pages 93{102, Cambridge, Massachusetts, 2007. ACM.
14. S. Hohn. Bringing the user back into control: A new paradigm for usability in highly dynamic systems. Lecture notes in computer science, pages 114-122, 2006.
15. P. Jaferian. Usability study of Windows Vista's firewall. EECE512 course project at the University of British Columbia, 2008.
16. J. Johnston, J. H. P. Eloffa, and L. Labuschagneb. Security and human computer interfaces. Computers and Security, 22:675-684, 2003.
17. D. Jonassen and Y. H. Cho. Understanding Models for Learning and Instruction, chapter Externalizing Mental Models with Mindtools, pages 145{159. Springer US, 2008.
18. W. Karwowski. International Encyclopedia of Ergonomics and Human Factors, Second Edition - 3 Volume Set. CRC Press, Inc., Boca Raton, FL, USA, 2006.
19. P. Klasnja, S. Consolvo, J. Jung, B. M. Greenstein, L. LeGrand, P. Powledge, and D. Wetherall. "when i am on wi-fi, i am fearless": privacy concerns & practices in eeryday wi-fi use. In CHI '09: Proceedings of the 27th international conference on Human factors in computing systems, pages 1993-2002, New York, NY, USA, 2009. ACM.
20. R. A. Maxion and R. W. Reeder. Improving user-interface dependability through mitigation of human error. International Journal of Human-Computer Studies, 63:25-50, 2005.
21. J. McGrenere, R. M. Baecker, and K. S. Booth. An evaluation of a multiple interface design solution for bloated software. In CHI '02: Proceedings of the SIGCHI conference on Human factors in computing systems, pages 164-170, New York, NY, USA, 2002. ACM.
22. Microsoft. Windows Vista Help: Choosing a network location.
23. Microsoft. Windows Vista Help: What is a firewall.
24. Microsoft. Microsoft's annual revenue reaches $60 billion. http://www.microsoft.com, 2008.
25. Microsoft. Windows firewall with advanced security - content roadmap. http://technet.microsoft.com, 2008.
26. R. W. Reeder, L. Bauer, L. F. Cranor, M. K. Reiter, K. Bacon, K. How, and H. Strong. Expandable grids for visualizing and authoring computer security policies. In CHI '08: Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems, pages 1473{1482, New York, NY, USA, 2008. ACM.
27. J. Rode, C. Johansson, P. DiGioia, R. S. Filho, K. Nies, D. H. Nguyen, J. Ren, P. Dourish, and D. Redmiles. Seeing further: extending visualization as a basis for usable security. In SOUPS '06: Proceedings of the second symposium on Usable privacy and security, pages 145{155, New York, NY, USA, 2006. ACM.
28. S. Smith. Humans in the loop: human-computer interaction and security. Security & Privacy, IEEE, 1(3):75{79, May-June 2003.
29. J. Stoll, C. S. Tashman, W. K. Edwards, and K. Spafford. Sesame: informing user security decisions with system visualization. In CHI '08: Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems, pages 1045{1054, New York, NY, USA, 2008. ACM.
30. M. Tungare and M. Pérez-Quinones. Thinking outside the (beige) box: Personal information management beyond the desktop. In Proceedings of the 3rd Invitational Workshop on Personal Information Management, page 8 pages, 2008.
31. A. Whitten and J. Tygar. Why Johnny can't encrypt: A usability evaluation of PGP 5.0. In The 9th USENIX Security Symposium, pages 169-183, 1999.
32. A. Whitten and J. Tygar. Safe staging for computer security. In the Workshop on Human-Computer Interaction and security Systems, page 4 pages, Ft. Lauderdale, FL, 2003.
33. A. Wool. The use and usability of direction based filtering in firewalls. Computers and Security, 37:459-468, 2004.
34. K.-P. Yee. User interaction design for secure systems. In ICICS '02: Proceedings of the 4th International Conference on Information and Communications Security, pages 278-290, London, UK, 2002. Springer-Verlag.
35. K.-P. Yee. Aligning security and usability. Security & Privacy, IEEE, 2(5):48-55, Sept.-Oct. 2004.