It's too complicated, so i turned it off! Expectations, perceptions, and misconceptions of personal firewalls

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2010, Pages 53-62

  Raja, Fahimeh ^a   Hawkey, Kirstie ^a   Jaferian, Pooya ^a   Beznosov, Konstantin ^a   Booth, Kellogg S ^a  

^a UNIVERSITY OF BRITISH COLUMBIA   (Canada)

Author keywords

personal firewall; usable security

Indexed keywords

BEHAVIOR-BASED; NETWORK SETTINGS; PERSONAL FIREWALLS; QUALITATIVE ANALYSIS; SECURITY APPLICATION; SEMI STRUCTURED INTERVIEWS; USABLE SECURITY;

COMPUTER SYSTEM FIREWALLS; COMPUTER VIRUSES;

PERSONAL COMPUTERS;

EID: 78650116009     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1866898.1866907     Document Type: Conference Paper

References (33)

1. Anderson, R. Psychology and security resource page. http://www.cl.cam.ac. uk/ rja14/psysec.html (2009).
2. Bishop, M. What is computer security? IEEE Security and Privacy, 1 , 1 (2003), 67-69.
3. Brostoff, S., Sasse, M. A., Chadwick, D., Cunningham, J., Mbanaso, U., and Otenko, S. R-What?: Development of a role-based access control policy-writing tool for e-Scientists. Software Practice and Experience, 35 , 9 (2005), 835-856.
4. Cranor, L. F. A framework for reasoning about the human in the loop. In UPSEC'08: Proceedings of the 1st Conference on Usability, Psychology, and Security. USENIX Association, Berkeley, CA, USA, 2008, 1-15.
5. DiGioia, P. and Dourish, P. Social navigation as a model for usable security. In SOUPS '05 . ACM, Pittsburgh, Pennsylvania, 2005, 101-108.
6. Dourish, P., Grinter, R. E., de la Flor, J. D., and Joseph, M. Security in the wild: user strategies for managing security as an everyday, practical problem. Personal and Ubiquitous Computing, 8 , 6 (2004), 391-401.
7. Downs, J. S., Holbrook, M. B., and Cranor, L. F. Decision strategies and susceptibility to phishing. In SOUPS '06 . ACM, New York, NY, USA, 2006, 79{90.
8. Ecclestone, R. Acsac 2001 review. Computers & Security, 21 , 1 (2001), 47-60.
9. Egelman, S., Cranor, L. F., and Hong, J. You've been warned: an empirical study of the effectiveness of web browser phishing warnings. In CHI '08: Proc. of the SIGCHI conf. on Human factors in Computing Systems. ACM, New York, NY, USA, 2008, 1065-1074.
10. Friedman, B., Hurley, D., Howe, D. C., Nissenbaum, H., and Felten, E. Users' conceptions of risks and harms on the web: a comparative study. In CHI '02: CHI '02 extended abstracts on Human factors in computing systems. ACM, New York, NY, USA, 2002, 614-615.
11. Garfinkel, S. L. Design principles and patterns for computer systems that are simultaneously secure and usable. Ph.D. thesis, Massachusetts Institute of Technology, Cambridge, MA, USA (2005). Adviser-David D. Clark and Adviser-Robert C. Miller.
12. Geng, W., Flinn, S., and DeDourek, J. Usable firewall configuration. In PST. 2005, 11 pages.
13. Giacoppo, S. Development methods: User needs assessment & task analyses. http://otal.umd.edu/hci-rm/dvlpmeth.html (2001).
14. Grinter, R. E. and Smetters, D. Three challenges for embedding security into applications. In CHI Workshop on Human-Computer Interaction and Security Systems. Fort Lauderdale, FL, 2003.
15. Gross, J. B. and Rosson, M. B. Looking for trouble: understanding end-user security management. In CHIMIT '07: Proceedings of the 2007 symposium on Computer human interaction for the management of information technology. ACM, New York, NY, USA, 2007, 10.
16. Hazari, S. Perceptions of end-users on the requirements in personal firewall software: An exploratory study. The Journal of Supercomputing, 17 , 3 (2005), 47-56.
17. Herzog, A. and Shahmehri, N. Usability and security of personal firewalls. New Approaches for Security, Privacy and Trust in Complex Environments (2007), 37-48.
18. Johnson, R. Examining the validity structure of qualitative research. Education, 118 , 2.
19. Johnston, J., Eloffa, J. H. P., and Labuschagneb, L. Security and human computer interfaces. Computers and Security, 22 (2003), 675-684.
20. Klasnja, P., Consolvo, S., Jung, J., Greenstein, B. M., LeGrand, L., Powledge, P., and Wetherall, D. "when i am on wi-fi, i am fearless": privacy concerns & practices in eeryday wi-fi use. In CHI '09: Proceedings of the 27th international conference on Human factors in computing systems. ACM, New York, NY, USA, 2009, 1993-2002.
21. Lampson, B. Privacy and security usable security: how to get it. Commun. ACM, 52 , 11 (2009), 25-27.
22. McDermott, P. Personal firewalls...one more step towards comprehensive security. Network Security, 2000 , 11 (2000), 11-14.
23. McGrath, J. E. Methodology matters: doing research in the behavioral and social sciences. Human-computer interaction: toward the year 2000 (1995), 152-169. Morgan Kaufmann Publishers Inc.
24. Nielsen, J. Usability Engineering. Morgan Kaufmann Publishers Inc., San Francisco, CA, USA, 1993.
25. Norman, D. A. When security gets in the way. http://www.jnd.org/dn.mss/ when security gets in the way.html (2009).
26. Raja, F., Hawkey, K., and Beznosov, K. Revealing hidden context: improving mental models of personal firewall users. In SOUPS '09 . ACM, New York, NY, USA, 2009, 1-12.
27. Saltzer, J. and Schroeder, M. The protection of information in computer systems. Proceedings of the IEEE, 63 , 9 (1975), 1278-1308.
28. Sandelowski, M. Whatever happened to qualitative description? Research in Nursing & Health, 23 , 4 (2000), 334-340.
29. Smetters, D. Usable security: Oxymoron or challenge? http://www.nae.edu/ nae/naefoe.nsf/weblinks/GBAN- 79EJLA/$FILE/smetters presentation.pdf? OpenElement (2007).
30. Stephenson, W. The study of behavior: Q-technique and its methodology. University of Chicago Press, 1953.
31. Stoll, J., Tashman, C. S., Edwards, W. K., and Spafford, K. Sesame: informing user security decisions with system visualization. In CHI . ACM, New York, NY, USA, 2008, 1045-1054.
32. Explore the features: Windows security center. http://www.microsoft.com/ windows/windows-vista/features/security-center.aspx (2010).
33. Wool, A. The use and usability of direction based filtering in firewalls. Computers and Security, 37 (2004), 459-468.