Campus Event Calendar

Event Entry

What and Who

"Usable Security Lessons for Creating Effective Browser Warnings"

Serge Egelman
Carnegie Mellon
SWS Colloquium


Serge Egelman is a PhD student within Carnegie Mellon University's
School of Computer Science.  His main research area is usable privacy
and security, which has included work on phishing detection,
authentication systems, online privacy, user account models, and online
shopping behaviors.  His dissertation is on design patterns for creating
effective online trust indicators, which are based on user studies that
he's done on privacy policies, phishing warnings, and SSL error
messages.  Serge was a summer intern at PARC in 2006, as well as an
intern at Microsoft Research for six months in 2008.  While at MSR, he
helped the IE team redesign the IE8 phishing warning based on the
results of his research.  Serge enjoys traveling the world and hopes to
visit every UNESCO World Heritage Site, though his more recent pastimes
center around graduating and applying for jobs.
SWS, RG1  
Expert Audience
English

Date, Time and Location

Thursday, 19 March 2009
16:00
60 Minutes
E1 5
019
Saarbrücken

Abstract


In a world where making an incorrect online trust decision can mean the
difference between checking your account balance and transferring it to
criminals, Internet users need effective security warnings to help them
identify risky situations.  In a perfect world, software could
automatically detect all security threats and then block access to high
risk websites.  Because there are many threats that we cannot detect
with 100% accuracy and false positives are all too frequent, web browser
vendors generally opt to warn users about security threats.  In this
talk I cover the common pitfalls of web browser security warnings and
draw parallels with literature in the warning sciences.  I describe the
results of two laboratory phishing studies I performed in order to
examine users' mental models, risk perceptions, and comprehension of
current security warnings.  Finally, I show how I used these findings to
iteratively design and test a more usable SSL warning that clearly
conveys risk and uses context to minimize habituation effects.


Contact

Brigitta Hansen
0681 9325691

Video Broadcast

Yes
Kaiserslautern
G26
206

Brigitta Hansen, 03/11/2009 13:32 -- Created document.