UCL logo

UCL Discovery

UCL home » Library Services » Electronic resources » UCL Discovery

The usability canary in the security coal mine: A cognitive framework for evaluation and design of usable authentication solutions

Glass, B; Jenkinson, G; Liu, Y; Sasse, MA; Stajano, F; (2016) The usability canary in the security coal mine: A cognitive framework for evaluation and design of usable authentication solutions. In: Proceedings of the 2016 European Workshop on Usable Security (EuroUSEC ’16). Internet Society: Darmstadt, Germany. Green open access

[img]
Preview
Text
Sasse_04 the-usability-canary-in-the-security-coal-mine-a-cognitive-framework-for-evaluation-and-design-of-usable-authentication-solutions.pdf - ["content_typename_Published version" not defined]

Download (1MB) | Preview

Abstract

Over the past 15 years, researchers have identified an increasing number of security mechanisms that are so unusable that the intended users either circumvent them or give up on a service rather than suffer the security. With hindsight, the reasons can be identified easily enough: either the security task itself is too cumbersome and/or time-consuming, or it creates high friction with the users’ primary task. The aim of the research presented here is to equip designers who select and implement security mechanisms with a method for identifying the “best fit” security mechanism at the design stage. Since many usability problems have been identified with authentication, we focus on “best fit” authentication, and present a framework that allows security designers not only to model the workload associated with a particular authentication method, but more importantly to model it in the context of the user’s primary task. We draw on results from cognitive psychology to create a method that allows a designer to understand the impact of a particular authentication method on user productivity and satisfaction. In a validation study using a physical mockup of an airline check-in kiosk, we demonstrate that the model can predict user performance and satisfaction. Furthermore, design experts suggested personalized order recommendations which were similar to our model’s predictions. Our model is the first that supports identification of a holistic fit between the task of user authentication and the context in which it is performed. When applied to new systems, we believe it will help designers understand the usability impact of their security choices and thus develop solutions that maximize both.

Type: Proceedings paper
Title: The usability canary in the security coal mine: A cognitive framework for evaluation and design of usable authentication solutions
ISBN: 1891562452
Open access status: An open access version is available from UCL Discovery
DOI: 10.14722/eurousec.2016.23007
Publisher version: http://www.internetsociety.org/doc/usability-canar...
Language: English
Additional information: Copyright © 2016 Internet Society. This is an Open Access paper published under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License (http://creativecommons.org/licenses/by-nc-sa/3.0/deed.en_US).
UCL classification: UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: http://discovery.ucl.ac.uk/id/eprint/1521716
Downloads since deposit
63Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item