Exploring Website Location as a Security Indicator
Abstract
Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as a comprehensible additional trust factor. In this work, we explore users’ acceptance of location information and how it affects decision-making for security and privacy. We conducted a series of qualitative interviews to learn how location can be integrated into users’ decision-making for security, and we designed a security indicator to alert the user to changes in website locations. We evaluated our tool in a 44-participant user study and found that users were less likely to perform security-
sensitive tasks when alerted to location changes. Our results suggest that website location can be used as an effective indicator for users’ security assessments
People
BibTex
@INPROCEEDINGS{yu2018exploring,
isbn = {1-891562-53-3},
doi = {10.14722/usec.2018.23012},
year = {2018-02},
booktitle = {Proceedings of the NDSS Workshop on Usable Security (USEC), Internet Society, San Diego, USA, 2018},
type = {Conference Paper},
author = {Yu, Der-Yeuan and Stobert, Elizabeth and Basin, David and Capkun, Srdjan},
size = {13 p.},
abstract = {Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as a comprehensible additional trust factor. In this work, we explore users’ acceptance of location information and how it affects decision-making for security and privacy. We conducted a series of qualitative interviews to learn how location can be integrated into users’ decision-making for security, and we designed a security indicator to alert the user to changes in website locations. We evaluated our tool in a 44-participant user study and found that users were less likely to perform security-sensitive tasks when alerted to location changes. Our results suggest that website location can be used as an effective indicator for users’ security assessments},
language = {en},
address = {Reston, VA},
publisher = {Internet Society},
title = {Exploring Website Location as a Security Indicator},
Note = {NDSS Workshop on Usable Security (USEC) 2018; Conference Location: San Diego, CA, USA; Conference Date: February 18, 2018}
}
Research Collection: 20.500.11850/294045