This paper presents a set of patterns for user interface designers to help users better protect themselves from cyberattacks. The basic idea is to create and support mental models of cybersecurity that resemble the way people manage security in the physical world. The patterns therefore focus on conceptual strategies, and allow a range of UI designs appropriate to different platforms, including desktop, web, and mobile presentations. This idea stems from focus group studies of how people manage everyday security, and our identification of the common steps that people follow. A key concept that emerged was the distinction between being 'home', where people were present and engaged, and 'away', when they were distant. The common steps involved preparation for being away, and what to do on return. Our cybersecurity patterns suggest and support similar behaviour online. The patterns already have known uses, but many others are possible, and greater use and consistency would be beneficial.