Security in the wild: User strategies for managing security as an everyday, practical problem

Personal and Ubiquitous Computing

Volumn 8, Issue 6, 2004, Pages 391-401

  Dourish, Paul ^a   Grinter, Rebecca E ^b   De La Flor, Jessica Delgado ^a   Joseph, Melissa ^a  

^a Ringgold Standard Institution Informatics   (United States)

^b Georgia Institute of Technology   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

HARDWARE;

MOBILE TECHNOLOGY; ORGANIZATIONAL CONTEXT; PRACTICAL PROBLEMS; SECURITY SOLUTIONS; SYSTEM SECURITY; TECHNICAL PROPERTIES; TECHNICAL SOLUTIONS; USER STRATEGIES;

COMPUTER APPLICATIONS;

EID: 84900482702     PISSN: 16174909     EISSN: None     Source Type: Journal    
DOI: 10.1007/s00779-004-0308-5     Document Type: Article

References (34)

1. Ackerman MS (2000) The intellectual challenge of CSCW: the gap between social requirements and technical feasibility. Hum Comput Interact 15(2-3):179-203
2. Adams A, Sasse MA (1999) Users are not the enemy: why users compromise security mechanisms and how to take remedial measures. Commun ACM 42(12):40-46
3. Adams A, Sasse MA, Lunt P (1997) Making passwords secure and usable. In: Thimbleby H, O'Connaill B, Thomas P (eds) Proceedings of the HCI'97 conference on people and computers XII, Bristol, UK, August 1997. Springer, Berlin Heidelberg New York, pp 1-19
4. Altman I (1975) The environment and social behavior: privacy, personal space, territory, and crowding. Brooks/Cole, Monterey, California
5. Balfanz D, Smetters D, Stewart P, Wong H (2002) Talking to strangers: authentication in ad-hoc wireless networks. In: Proceedings of the network and distributed system security symposium (NDSS 2002), San Diego, California, February 2002
6. Bernard HR (1988) Research methods in cultural anthropology. Sage, Newbury Park, California
7. Blaze M (1993) A cryptographic file system for UNIX. In: Proceedings of the 1st ACM conference on computer and communications security (CCS'93), Fairfax, Virginia, November 1993. ACM Press, New York, pp 9-16
8. Brostoff S, Sasse MA (2000) Are passfaces more usable than passwords? A field trial investigation. In: McDonald S, Waern Y, Cockton G (eds) Proceedings of the HCI 2000 conference on people and computers XIV-usability or else!, Sunderland, UK, September 2000. Springer, Berlin Heidelberg New York, pp 405-424
9. Dhamija R, Perrig A (2000) Deja vu: a user study using images for authentication. In: Proceedings of the 9th USENIX security symposium, Denver, Colorado, August 2000
10. Dourish P, Redmiles D (2002) An approach to usable security based on event monitoring and visualization. In: Proceedings of the ACM new security paradigms workshop (NSPW 2002), Virginia Beach, Virginia, September 2002. ACM Press, New York
11. Friedman B, Hurley D, Howe D, Felten E, Nissenbaum H (2002) Users' conceptions of web security: a comparative study. In: Proceedings of the CHI 2002 conference on human factors in computing systems, Minneapolis, Minnesota, April 2002
12. Edwards WK, Newman MW, Sedivy JZ, Smith TF, Izadi S (2002) Challenge: recombinant computing and the speakeasy approach. In: Proceedings of the 8th annual ACM international conference on mobile computing and networking (MobiCom 2002), Atlanta, Georgia, September 2002. ACM Press, New York
13. Glaser B, Strauss A (1967) The discovery of grounded theory: strategies for qualitative research. Aldine, Chicago, Illinois
14. Grinter R, Paled L (2002) Instant messaging in teen life. In: Proceedings of the ACM conference on computer-supported cooperative work (CSCW 2002), New Orleans, Louisiana, November 2002. ACM Press, New York pp 21-30
15. Grinter R, Eldridge M (2003) Wan2tlk? Everyday text messaging. In: Proceedings of the CHI 2003 conference on human factors in computing systems, Fort Lauderdale, Florida, April 2003. ACM Press, New York
16. Henning R (1999) Security service level agreements: quantifiable security for the enterprise? In: Proceedings of the ACM new security paradigm workshop (NSPW'99), Ontario, Canada, September 1999. ACM Press, New York, pp 54-60
17. Irvine C, Levin T (2001) Quality of security service. In: Proceedings of the ACM new security paradigms workshop (NSPW 2001), Cloudcroft, New Mexico, September 2001. ACM Press, New York, pp 91-99
18. Johanson B, Fox A, Winograd T (2002) The interactive workspaces project: experiences with ubiquitous computing rooms. IEEE Pervasive Comput 1(2):67-75
19. Kindberg T, Zhang K (2003) Secure spontaneous device association. In: Proceedings of the 5th international conference on ubiquitous computing (Ubicomp 2003), Seattle, Washington, October 2003. Lecture notes in computer science LNCS 2864, Springer, Berlin Heidelberg New York
20. Moran T, Dourish P (eds) (2001) Special issue on contextaware computing. Hum Comput Interact 16(2-4):87
21. Palen L, Dourish P (2003) Unpacking "privacy" for a networked world. In: Proceedings of the CHI 2003 conference on human factors in computing systems, Fort Lauderdale, Florida, April 2003. ACM Press, New York
22. Rimmer J, Wakeman I, Sheeran L, Sasse MA (1999) Examining users' repertoire of internet applications. In: Sasse MA, Johnson (eds) Proceedings of the 7th IFIP conference on human- computer interaction (Interact'99), Edinburgh, Scotland, August/September 1999
23. Sheehan K (2002) Towards a typology of internet users and online privacy concerns. Inf Soc 18:21-32
24. Sheeran L, Sasse A, Rimmer J, Wakeman I (2001) How web browsers shape users' understanding of networks. Electron Libr 20(1):35-42
25. Smetters D, Grinter R (2002) Moving from the design of usable security technologies to the design of useful secure applications. In: Proceedings of the ACM new security paradigms workshop (NSPW 2002), Virginia Beach, Virginia, September 2002. ACM Press, New York
26. Spyropoulou E, Levin T, Irvine C (2000) Calculating costs for quality of security service. In: Proceedings of the 16th annual computer security applications conference (ACSAC 2000), New Orleans, Louisiana, December 2000
27. Stajano, F (2002) Security for ubiquitous computing. Wiley, New York
28. Thomsen D, Denz M (1997) Incremental assurance for multilevel applications. In: Proceedings of the 13th annual computer security applications conference (ACSAC'97), San Diego, California, December 1997
29. Weirich D, Sasse MA (2001) Pretty good persuasion: a first step towards effective password security for the real world. In: Proceedings of the ACM new security paradigms workshop (NSPW 2001), Cloudcroft, New Mexico, September 2001. ACM Press, New York, pp 137-143
30. Weiser M (1991) The computer for the 21st century. Sci Am 265(3):94-104
31. Weiser M (1993) Some computer science issues in ubiquitous computing. Commun ACM 36(7):74-83
32. Whitten A, Tiger JD (1999) Why Johnny can't encrypt: a usability evaluation of PGP 5.0. In: Proceedings of the 9th USENIX security symposium, Denver, Colorado, August 2000
33. Yee K-P (2002) User interaction design for secure systems. In: Proceedings of the 4th international conference on information and communications security (ICICS 2002), Singapore, December 2002
34. Zurko ME, Simon R (1996) User-centered security. In: Proceedings of the ACM new security paradigms workshop (NSPW'96), Lake Arrowhead, California, September 1996. ACM Press, New York