UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at https://www.ucl.ac.uk/finance/research/rs-contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
"No Good Reason to Remove Features" Expert Users Value Useful Apps over Secure Ones
  • Publication Type:
    Conference
  • Authors:
    Dodier-Lazaro S, Becker I, Krinke J, Sasse MA
  • Publisher:
    Springer
  • Publication date:
    12/07/2017
  • Published proceedings:
    Human Aspects of Information Security, Privacy and Trust
  • Volume:
    22
  • Series:
    Lecture Notes in Computer Science
  • Editors:
    Tryfonas, Theo
  • ISBN-13:
    978-3-319-58459-1
  • Name of conference:
    HCI International
  • Conference place:
    Vancouver
  • Conference start date:
    09/07/2017
  • Conference finish date:
    14/07/2017
  • Language:
    English
  • Keywords:
    Value-Sensitive Design, Security, Productive Security, Sandboxing, Apps, Appropriation
Abstract
Application sandboxes are an essential security mechanism to contain malware, but are seldom used on desktops. To understand why this is the case, we interviewed 13 expert users about app appropriation decisions they made on their desktop computers. We collected 201 statements about app appropriation decisions. Our value-sensitive empirical analysis of the interviews revealed that (a) security played a very minor role in app appropriation; (b) users valued plugins that support their productivity; (c) users may abandon apps that remove a feature – especially when a feature was blocked for security reasons. Our expert desktop users valued a stable user experience and flexibility, and are unwilling to sacrifice those for better security. We conclude that sandboxing – as currently implemented – is unlikely to be voluntarily adopted, especially by expert users. For sandboxing to become a desirable security mechanism, they must first accommodate plugins and features widely found in popular desktop apps.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Security and Crime Science
Author
Dept of Computer Science
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by