In this paper, we explore graphical passwords as a child-friendly alternative for user authentication. We evaluate the usability of three variants of the PassTiles graphical password scheme for children, and explore the similarities and differences in performance and preferences between children and adults while using these schemes. Children were most successful at recalling passwords containing images of distinct objects. Both children and adults prefer graphical passwords to their existing schemes, but password memorization strategies differ considerably between the two groups. Based on our findings, we provide recommendations for designing more child-friendly authentication schemes.
Usable security for software developers is a research direction that is in its early stages. Even though developers typically have technical expertise, they are not necessarily security experts and need support when dealing with security. This thesis focuses on the human aspect of software security within the overall development process. The research employes mixed methods, including Cognitive Walkthrough studies, interviews, and an online survey study. We started by studying usability issues in code analysis tools, and designed a visual analysis environment to support collaboration between team members and exploration during security analysis of source code. However, while working on this project, we recognized that the software security problem is a larger one, relating to the overall process of integrating security in the Software Development Lifecycle. Thus, through 13 interviews and an online survey with 123 software developers, we explored real-life software security practices, how developers acquire security knowledge, and the motivators and deterrents to software security. Based on our empirical studies, we identified recommendations that can help support developers handle security throughout the Software Development Lifecycle. Our qualitative and quantitative analyses showed varying approaches to software security, and clear discrepancies between existing and best practices. Through exploring developers' motivations towards software security, we identified both extrinsic and intrinsic motivations. We found that acting towards software security volitionally and for reasons extending beyond mandates can lead to better security processes and better developer-engagement in these processes. Particularly, our studies showed that when the different entities involved in the Software Development Lifecycle communicate and collaborate, and when security is perceived as a common and shared responsibility, this can positively influence software security, e.g., by promoting internal motivations which are associated with improved engagement and cognitive abilities. Towards promoting the internalization of software security, we proposed a human-oriented model to describe how external software security motivations can be internalized. Our model highlights the interplay between security knowledge, team collaboration, and internal motivations to security. Working on this thesis was a wonderful journey with its fair share of ups and downs. I would like to express my gratitude to all those who have supported me throughout this journey. To my thesis supervisor, Sonia Chiasson, for her continuous support and guidance, and for her insights that helped elevate the quality of this research. Thank you Sonia for always being there, especially in the many sleepless nights before deadlines, and for being a friend, besides being a thesis supervisor. Thanks to the members of my committee, Heather Lipford, Timothy Lethbridge, Alejandro Ramirez, and Robert Biddle whose expertise, guidance, and feedback helped shape this thesis. I would e...
Introduction Information Technologies (IT) may serve assistive roles that facilitate the interaction of people living with cognitive disabilities (CD) within their environments. However, there are some notable concerns related to privacy threats associated with the use of IT. The purpose of this study was to examine how assistive technology developers may best adapt over time to develop their IT to be resilient against threats to privacy. We therefore focused on the following areas: (1) developers’ knowledge and practices related to privacy protection; (2) challenges when applying recommended practices, and; (3) preferred channels to acquire knowledge. Method We conducted semi-structured interviews with ten technology developers who are members of the AGE-WELL network undertaking research and development of assistive technologies to be used by people who have cognitive disabilities. We used an inductive-deductive method for the analysis of qualitative data to examine participant responses and generate themes related to the study goals. Results Principal themes that emerged from the data include practices specific to populations with CD, challenges to obtaining consent to use of information, and preferred channels to acquire knowledge. Conclusion We identify areas of focus for developing a knowledge mobilization strategy to improve relevant policies and practices.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.