Human-Computer Interaction (HCI); user experience; Usable privacy and security
Abstract :
[en] Usable privacy and security researchers have developed a variety of approaches to represent risk to research participants. To understand how these approaches are used and when each might be most appropriate, we conducted a systematic literature review of methods used in security and privacy studies with human participants. From a sample of 633 papers published at five top conferences between 2014 and 2018 that included keywords related to both security/privacy and usability, we systematically selected and analyzed 284 full-length papers that included human subjects studies. Our analysis focused on study methods; risk representation; the use of prototypes, scenarios, and educational intervention; the use of deception to simulate risk; and types of participants. We discuss benefits and shortcomings of the methods, and identify key methodological, ethical, and research challenges when representing and assessing security and privacy risk. We also provide guidelines for the reporting of user studies in security and privacy.
Disciplines :
Social & behavioral sciences, psychology: Multidisciplinary, general & others
Author, co-author :
DISTLER, Verena ; University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS)
Fassl, Matthias; CISPA Helmholtz Center for Information Security
Habib, Hana; Carnegie Mellon University
Krombholz, Katharina; CISPA Helmholtz Center for Information Security
LENZINI, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > IRiSC
LALLEMAND, Carine ; University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS)
Cranor, Lorrie Faith; Carnegie Mellon University
KOENIG, Vincent ; University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS)
External co-authors :
yes
Language :
English
Title :
A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research
Publication date :
December 2021
Journal title :
ACM Transactions on Computer-Human Interaction
ISSN :
1073-0516
eISSN :
1557-7325
Publisher :
Association for Computing Machinery (ACM), New-York, United States - New York
Volume :
28
Issue :
6
Pages :
50
Peer reviewed :
Peer Reviewed verified by ORBi
FnR Project :
FNR10621687 - Security And Privacy For System Protection, 2015 (01/01/2017-30/06/2023) - Sjouke Mauw