On Users' Mental Models of Security Controls

Published 17 August 2016, 0:41
A mental model is 'an abstraction of system's architecture and software structures that is simple enough for non-technical users to grasp. . . It provides an integrated package of knowledge that allows the user to predict what the system will do if certain commands are executed, to predict the state of the system after the commands have been executed, to plan methods for novel tasks, and to deal with odd error situations' (Card and Moran, 1986). Adequate mental models of security controls are critical for computer users in order to avoid dangerous errors. Yet, security controls and their interfaces are hard to design in a way that could help users in developing and maintaining adequate mental models. I will describe recent research at the Laboratory for Education and Research in Secure Systems Engineering (lersse.ece.ubc.ca), University of British Columbia. I will focus on those projects in which we either intentionally study users' mental models of security controls or end up stumbling upon them (or their parts) by accident. Specifically, I will focus on the studies of the Vista personal firewall, the UAC prompt, and web authentication with OpenID. I will discuss our findings about the corresponding mental models and ideas for improving them.