<div class="csl-bib-body">
<div class="csl-entry">Krombholz-Reindl, K. (2016). <i>Usable security and privacy challenges with disruptive technologies</i> [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2016.41089</div>
</div>
-
dc.identifier.uri
https://doi.org/10.34726/hss.2016.41089
-
dc.identifier.uri
http://hdl.handle.net/20.500.12708/6438
-
dc.description
Abstract in German
-
dc.description.abstract
In the current age, disruptive technologies are proliferating rapidly, and a plethora of devices is interconnected and exchanges data. This always-online paradigm poses significant challenges to their users, as the underlying information-sharing models are difficult to understand. Hence, managing security and privacy has become increasingly complex for users. This complexity is more and more acknowledged, and research has started to address human aspects of information security. End-users often struggle with security systems that are too difficult to use and not designed to fulfil the users' needs. As a result, they are susceptible to a variety of attacks or accidentally disclose sensitive information without being aware of it. This highlights the need for an integration of human-computer interaction aspects in security research. This interdisciplinary field, which is also referred to as usable security, has become necessary and is commonly an emerging field of research. The goal of this work is to contribute to making security and privacy technology more user-friendly by understanding the users through user studies and by providing new concepts and designs that fulfil the users' needs. Throughout this thesis, we focused on usable security challenges around disruptive technologies. First, we systematized social engineering attack vectors and used machine learning to detect underground marketplaces where stolen sensitive data is traded. Then, we studied QR code-based phishing attacks and proposed and evaluated user-centric mitigation strategies. Moreover, we explored design directions for future privacy-mediating technologies to support informed consent between users of wearable cameras in public places. Through qualitative interviews, we determined form factors for future designs and found that the participants preferred a tangible and decentralized device with a simple button to push.
Furthermore, we proposed an enhanced PIN scheme called force-PINs and showed that our approach supports users in selecting stronger PINs with only minimal task overhead compared to digit-only PINs. We furthermore conducted user studies to research security and privacy-related challenges of crypto applications such as Bitcoin and TLS. Our large-scale study with Bitcoin users revealed that even experienced users often lose their keys and insufficiently back up their digital assets. The results of a lab study on usability challenges in the HTTPS deployment process suggest that administrators are confronted with poor usability, which results in weak configurations. Our findings in various fields of application revealed future challenges for the design of usable security and privacy technology based on user studies. Also, we presented user-centric security schemes and showed that our approaches improve security with a reasonable task overhead.
en
dc.language
English
-
dc.language.iso
en
-
dc.rights.uri
http://rightsstatements.org/vocab/InC/1.0/
-
dc.subject
Usable Security
en
dc.subject
Usable Privacy
en
dc.subject
Security
en
dc.subject
Privacy
en
dc.subject
Usability
en
dc.subject
human-centric design
en
dc.subject
usable crypto
en
dc.title
Usable security and privacy challenges with disruptive technologies
en
dc.type
Thesis
en
dc.type
Hochschulschrift
de
dc.rights.license
In Copyright
en
dc.rights.license
Urheberrechtsschutz
de
dc.identifier.doi
10.34726/hss.2016.41089
-
dc.contributor.affiliation
TU Wien, Österreich
-
dc.rights.holder
Katharina Krombholz-Reindl
-
dc.publisher.place
Wien
-
tuw.version
vor
-
tuw.thesisinformation
Technische Universität Wien
-
tuw.publication.orgunit
E188 - Institut für Softwaretechnik und Interaktive Systeme
-
dc.type.qualificationlevel
Doctoral
-
dc.identifier.libraryid
AC13390382
-
dc.description.numberOfPages
166
-
dc.identifier.urn
urn:nbn:at:at-ubtuw:1-91618
-
dc.thesistype
Dissertation
de
dc.thesistype
Dissertation
en
dc.rights.identifier
In Copyright
en
dc.rights.identifier
Urheberrechtsschutz
de
tuw.advisor.staffStatus
staff
-
item.languageiso639-1
en
-
item.fulltext
with Fulltext
-
item.openaccessfulltext
Open Access
-
item.mimetype
application/pdf
-
item.openairetype
doctoral thesis
-
item.grantfulltext
open
-
item.openairecristype
http://purl.org/coar/resource_type/c_db06
-
item.cerifentitytype
Publications
-
crisitem.author.dept
E194 - Institut für Information Systems Engineering