Johnny's Journey Toward Usable Secure Email

Ruoti, Scott; Seamons, Kent E.

doi:10.1109/msec.2019.2933683

Cited by 23 publications

(17 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There needs to be more willingness by the various stakeholders to allow for alternatives that support the needs of only some of the stakeholders. There has been significant effort by the usable security research community to study the issues surrounding secure email, and usable system designs have been demonstrated in a laboratory setting [28].…”

Section: Fig 83mentioning

confidence: 99%

Privacy-Enhancing Technologies

Seamons

2021

Modern Socio-Technical Perspectives on Privacy

Self Cite

View full text Add to dashboard Cite

An increasing amount of sensitive information is being communicated and stored online. Frequent reports of data breaches and sensitive data disclosures underscore the need for effective technologies that users and administrators can deploy to protect sensitive data. Privacy-enhancing technologies can control access to sensitive information to prevent or limit privacy violations. This chapter focuses on some of the technologies that prevent unauthorized access to sensitive information. These technologies include secure messaging, secure email, HTTPS, two-factor authentication, and anonymous communication. Usability is an essential component of a security evaluation because human error or unwarranted inconvenience can render the strongest security guarantees meaningless. Quantitative and qualitative studies from the usable security research community evaluate privacy-enhancing technologies from a socio-technical viewpoint and provide insights for future efforts to design and develop practical techniques to safeguard privacy. This chapter discusses the primary privacy-enhancing technologies that the usable security research community has analyzed and identifies issues, recommendations, and future research directions.

show abstract

Section: Fig 83mentioning

confidence: 99%

Privacy-Enhancing Technologies

Seamons

2021

Modern Socio-Technical Perspectives on Privacy

Self Cite

View full text Add to dashboard Cite

show abstract

“…In (Ruoti and Seamons 2019), Ruoti and Seamons focussed on proposing future research work directions. They advocate for longitudinal studies that examine usability of existing secure email solutions in long-term, and which could reveal other usability issues that are unknown up to now.…”

Section: Apple Mail (Ios 12)mentioning

confidence: 99%

Usability of End-to-End Encryption in E-Mail Communication

et al. 2021

View full text Add to dashboard Cite

This paper presents the results of a usability study focused on three end-to-end encryption technologies for securing e-mail traffic, namely PGP, S/MIME, and Pretty Easy Privacy (pEp). The findings of this study show that, despite of existing technology, users seldom apply them for securing e-mail communication. Moreover, this study helps to explain why users hesitate to employ encryption technology in their e-mail communication. For this usability study, we have combined two methods: 1) an online survey, 2) and user testing with 12 participants who were enrolled in tasks requiring e-mail encryption. We found that more than 60% of our study participants (in both methods) are unaware of the existence of encryption technologies and thus never tried to use one. We observed that above all, users 1) are overwhelmed with the management of public keys and 2) struggle with the setup of encryption technology in their e-mail software. Nonetheless, 66% of the participants consider secure e-mail communication as important or very important. Particularly, we found an even stronger concern about identity theft among e-mail users, as 78% of the participants want to make sure that no other person is able to write e-mail on their behalf.

show abstract

“…Moreover, studies have pointed out that these usability issues also have an impact on users' security, e.g., users are unable to recognize potential intrusions while being involved in a digital signing process. The work of [8], while analyzing the issue, concludes that similar obstacles still exist.…”

Section: Introductionmentioning

confidence: 99%

A Machine Learning-Based Method for Automated Blockchain Transaction Signing Including Personalized Anomaly Detection

Podgorelec

Turkanović

Karakatič

2019

Sensors

View full text Add to dashboard Cite

The basis of blockchain-related data, stored in distributed ledgers, are digitally signed transactions. Data can be stored on the blockchain ledger only after a digital signing process is performed by a user with a blockchain-based digital identity. However, this process is time-consuming and not user-friendly, which is one of the reasons blockchain technology is not fully accepted. In this paper, we propose a machine learning-based method, which introduces automated signing of blockchain transactions, while including also a personalized identification of anomalous transactions. In order to evaluate the proposed method, an experiment and analysis were performed on data from the Ethereum public main network. The analysis shows promising results and paves the road for a possible future integration of such a method in dedicated digital signing software for blockchain transactions.

show abstract

Johnny's Journey Toward Usable Secure Email

Cited by 23 publications

References 5 publications

Privacy-Enhancing Technologies

Privacy-Enhancing Technologies

Usability of End-to-End Encryption in E-Mail Communication

A Machine Learning-Based Method for Automated Blockchain Transaction Signing Including Personalized Anomaly Detection

Contact Info

Product

Resources

About