Svenja Polst scite author profile

Maier

2017

Security, privacy and usability are vital quality attributes of IT systems and services. Users and legal authorities demand that systems are secure and preserve privacy. At the same time, security and privacy mechanisms should not complicate workflows and must be transparent for the user. In order to master this challenge, a close involvement of the users is necessary - both at development and at run-time. In this paper, we present a user-centered model for usable security and privacy that is aligned with user-centered design guidelines [34] and the Human-Centered Design process [28]. Based on this model, we present an initial method for the design of usable security systems. Through active involvement of the user, the model and the method are meant to help developers to identify and solve shortcomings of their security and privacy mechanisms. We motivate our work and present our results based on an Internet of Things/smart home scenario. Due to the amount of private data and strong data protection laws, both usability and privacy are of major importance in this domain. However, our model and method are not limited to the smart home domain, but can be applied whenever usable security and privacy are of particular interest for a system under development

show abstract

Why Users Ignore Privacy Policies – A Survey and Intention Model for Explaining User Privacy Behavior

Rudolph

2018

Towards a Digital Ecosystem for a Smart City District: Procedure, Results, and Lessons Learned

Elberzhager¹,

Mennig²,

Polst³

et al. 2021

Smart Cities

The digital transformation supports many cities on the way to becoming smarter cities, enabling them to enhance digital processes, care about climate-friendly goals, or improve the quality of life of their citizens. However, such changes usually take place step by step and not in a big-bang approach. In order for the direction of the digital transformation to be defined, it is necessary to know and understand the needs and requirements of all relevant stakeholders who will be affected or are intended to use the new digital solutions. As our environment, a smart city district, is currently under construction, we do not know most of the future stakeholders yet. Therefore, we had to find new ways of eliciting the needs and requirements for digital solutions without knowing, e.g., the citizens who will live in the future district. We show a framework of the procedures we followed, classified into (a) vision and concepts, (b) smart city district digital ecosystem, and (c) dissemination and events. We substantiate the processes with example results and provide a discussion on how we evaluate our solutions with respect to future applicability. Because evaluations are only very limited in our setting right now, we focus on four lead questions to argue why the procedures and results are adequate and share the lessons we learned on this path towards a digital smart city district.

show abstract

Company Privacy Dashboards: Employee Needs and Requirements

Kelbert

2019

Heuristics and Models for Evaluating the Usability of Security Measures

2019