TY - CHAP
T1 - An Investigation into the “Beautification” of Security Ceremonies
AU - Bella, Giampaolo
AU - Renaud, Karen
AU - Sempreboni, Diego
AU - Vigano, Luca
PY - 2019/5/6
Y1 - 2019/5/6
N2 - “Beautiful Security” is a paradigm that requires security ceremonies to contribute to the ‘beauty’ of a user experience. The underlying assumption is that people are likely to be willing to engage with more beautiful security ceremonies. It is hoped that such ceremonies will minimise human deviations from the prescribed interaction, and that security will be improved as a consequence. In this paper, we explain how we went about deriving beautification principles, and how we tested the efficacy of these by applying them to specific security ceremonies. As a first step, we deployed a crowd-sourced platform, using both explicit and metaphorical questions, to extract general aspects associated with the perception of the beauty of real-world security mechanisms. This resulted in the identification of four beautification design guidelines. We used these to beautify the following existing security ceremonies: Italian voting, user-to-laptop authentication, password setup and EU premises access. To test the efficacy of our guidelines, we again leveraged crowd-sourcing to determine whether our “beautified” ceremonies were indeed perceived to be more beautiful than the original ones. The results of this initial foray into the beautification of security ceremonies delivered promising results, but must be interpreted carefully.
AB - “Beautiful Security” is a paradigm that requires security ceremonies to contribute to the ‘beauty’ of a user experience. The underlying assumption is that people are likely to be willing to engage with more beautiful security ceremonies. It is hoped that such ceremonies will minimise human deviations from the prescribed interaction, and that security will be improved as a consequence. In this paper, we explain how we went about deriving beautification principles, and how we tested the efficacy of these by applying them to specific security ceremonies. As a first step, we deployed a crowd-sourced platform, using both explicit and metaphorical questions, to extract general aspects associated with the perception of the beauty of real-world security mechanisms. This resulted in the identification of four beautification design guidelines. We used these to beautify the following existing security ceremonies: Italian voting, user-to-laptop authentication, password setup and EU premises access. To test the efficacy of our guidelines, we again leveraged crowd-sourcing to determine whether our “beautified” ceremonies were indeed perceived to be more beautiful than the original ones. The results of this initial foray into the beautification of security ceremonies delivered promising results, but must be interpreted carefully.
UR - http://www.secrypt.icete.org/Home.aspx
M3 - Conference paper
BT - SECRYPT 2019
ER -