Computer Security and Privacy for the Physical World

Purpose The purpose of this study is to identify factors that determine computer and security expertise in end users. They can be significant determinants of human behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. Design/methodology/approach A questionnaire encompassing skills and knowledge-based questions was developed to identify critical factors that constitute expertise in end users. Exploratory factor analysis was applied on the results from 898 participants from a wide range of populations. Cluster analysis was applied to characterize the relationship between computer and security expertise. Ordered logistic regression models were applied to measure efficacy of the proposed security and computing factors in predicting user comprehension of security concepts: phishing and certificates. Findings There are levels to peoples’ computer and security expertise that could be reasonably measured and operationalized. Four factors that constitute computer security-related skills and knowledge are, namely, basic computer skills, advanced computer skills, security knowledge and advanced security skills, and these are identified as determinants of computer expertise. Practical implications Findings from this work can be used to guide the design of security interfaces such that it caters to people with different expertise levels and does not force users to exercise more cognitive processes than required. Originality/value This work identified four factors that constitute security expertise in end users. Findings from this work were integrated to propose a framework called Security SRK for guiding further research on security expertise. This work posits that security expertise instrument for end user should measure three cognitive dimensions: security skills, rules and knowledge.

Download Full-text

Ethical Concerns in Computer Security and Privacy Research Involving Human Subjects

Financial Cryptography and Data Security - Lecture Notes in Computer Science ◽

10.1007/978-3-642-14992-4_23 ◽

2010 ◽

pp. 247-249 ◽

Cited By ~ 2

Author(s):

Lorrie Faith Cranor

Keyword(s):

Computer Security ◽

Human Subjects ◽

Security And Privacy ◽

Ethical Concerns

Download Full-text

Humans and Technology for Inclusive Privacy and Security

Proceedings of the Human Factors and Ergonomics Society Annual Meeting ◽

10.1177/1071181320641104 ◽

2020 ◽

Vol 64 (1) ◽

pp. 461-464

Author(s):

Sanchari Das ◽

Robert S. Gutzwiller ◽

Rod D. Roscoe ◽

Prashanth Rajivan ◽

Yang Wang ◽

...

Keyword(s):

Computer Security ◽

Risk Perceptions ◽

Security And Privacy ◽

User Privacy ◽

Privacy And Security ◽

Persons With Disabilities ◽

Software Bugs ◽

Digital Era ◽

Critical Issues ◽

User Data

Computer security and user privacy are critical issues and concerns in the digital era due to both increasing users and threats to their data. Separate issues arise between generic cybersecurity guidance (i.e., protect all user data from malicious threats) and the individualistic approach of privacy (i.e., specific to users and dependent on user needs and risk perceptions). Research has shown that several security- and privacy-focused vulnerabilities are technological (e.g., software bugs (Streiff, Kenny, Das, Leeth, & Camp, 2018), insecure authentication (Das, Wang, Tingle, & Camp, 2019)), or behavioral (e.g., sharing passwords (Das, Dingman, & Camp, 2018); and compliance (Das, Dev, & Srinivasan, 2018) (Dev, Das, Rashidi, & Camp, 2019)). This panel proposal addresses a third category of sociotechnical vulnerabilities that can and sometimes do arise from non-inclusive design of security and privacy. In this panel, we will address users’ needs and desires for privacy. The panel will engage in in-depth discussions about value-sensitive design while focusing on potentially vulnerable populations, such as older adults, teens, persons with disabilities, and others who are not typically emphasized in general security and privacy concerns. Human factors have a stake in and ability to facilitate improvements in these areas.

Download Full-text

Computer Security and Privacy in Wireless Local Area Network in Nigeria

International Journal of Engineering Research in Africa ◽

10.4028/www.scientific.net/jera.9.23 ◽

2013 ◽

Vol 9 ◽

pp. 23-33

Author(s):

P.E. Orukpe ◽

T.O. Erhiaguna ◽

F.O. Agbontaen

Keyword(s):

Computer Security ◽

Wireless Network ◽

Wireless Local Area Network ◽

Local Area Network ◽

Access Point ◽

Local Area ◽

Security And Privacy ◽

Portable Devices ◽

Area Network ◽

Computing Services

The advent of wireless computing and massive processing power available within portable devices provides organizations with an unprecedented ability to provide flexible computing services on-demand to enable business initiatives and this development has increased the demand for wireless network security, which if unaddressed enables the theft of data, lowers productivity, and causes quantifiable financial losses. Flaws arising from wireless protocol with networking design and implementation errors present challenges to the Wireless Fidelity (Wi-Fi) community of users. In this paper, we attempt to document and classify the flaws in Wi-Fi Protected Setup (WPS), then proving the existence of this flaw with a WPS Pin Cracking Method, and presenting a Reverse Engineering countermeasure to eliminating WPS from an Access Point firmware, including other recommendations to helping the network administrators not repeat the errors that are the root causes of flaws of wireless networking in general from being exploited. By implementing the various techniques discussed in this paper, a better and more secure wireless network will be developed.

Download Full-text

Connecting Physical-World to Cyber-World: Security and Privacy Issues in Pervasive Sensing

Wireless Networks - Security and Privacy for Next-Generation Wireless Networks ◽

10.1007/978-3-030-01150-5_3 ◽

2018 ◽

pp. 49-63

Author(s):

Sheng Zhong ◽

Hong Zhong ◽

Xinyi Huang ◽

Panlong Yang ◽

Jin Shi ◽

...

Keyword(s):

Physical World ◽

Security And Privacy ◽

Pervasive Sensing ◽

Privacy Issues

Download Full-text

Information Security and Privacy in Social Media

Advances in Social Networking and Online Communities - Implications of Social Media Use in Personal and Professional Settings ◽

10.4018/978-1-4666-7401-1.ch004 ◽

2015 ◽

pp. 73-101

Author(s):

Hemamali Tennakoon

Keyword(s):

Social Media ◽

Information Security ◽

Computer Security ◽

Security And Privacy ◽

Future Research ◽

Complex Nature ◽

Personal Privacy ◽

Informational Privacy ◽

Privacy Breaches ◽

Concept Of Information

Information security and privacy are multi-faceted concepts, and earlier definitions of information security and privacy seem inadequate in the context of emerging technologies such as social media. Hence, this chapter presents an analysis of the concept of information security followed by a discussion of computer security, information security, network security, personal privacy, informational privacy, etc. Then the discussion narrows down to information security and privacy on Social Networking Sites (SNS) followed by an analysis of the consequences of information security and privacy breaches from individualistic and organizational perspectives. The lack of understanding of the complex nature of security and privacy issues are preventing businesses from gaining the full economic benefit, especially on SNS. Therefore, some solutions and recommendations are suggested towards the end of the chapter, including the need for a common legal framework. Finally, the chapter ends with suggestions for future research.

Download Full-text