论文信息 - Gathering evidence: use of visual security cues in web browsers

Gathering evidence: use of visual security cues in web browsers

Web browsers support secure online transactions, and provide visual feedback mechanisms to inform the user about security. These mechanisms have had little evaluation to determine how easily they are noticed and how effectively they are used. This paper describes a preliminary study conducted to determine which elements are noted, which are ignored, and how easily they are found. We collected eyetracker data to study user's attention to browser security, and gathered additional subjective data through questionnaires. Our results demonstrated that while the lock icon is commonly viewed, its interactive capability is essentially ignored. We also found that certificate information is rarely used, and that people stop looking for security information after they have signed into a site. These initial results provide insights into how browser security cues might be improved.

Kori Inkpen Quinn | Tara Whalen | K. Quinn | Tara Whalen

[1] M. Angela Sasse,et al. Users are not the enemy , 1999, CACM.

[2] Helen Nissenbaum,et al. Users' conceptions of web security: a comparative study , 2002, CHI Extended Abstracts.

[3] J. Doug Tygar,et al. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.

[4] Thomas W. Calvert,et al. Moving Icons: Detection and Distraction , 2001, INTERACT.

[5] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.

[6] Batya Friedman,et al. Informed consent in the Mozilla browser: implementing value-sensitive design , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[7] William Yurcik,et al. Two Visual Computer Network Security Monitoring Tools Incorporating Operator Interface Requirements , 2003 .