TY - JOUR
T1 - Only Play in Your Comfort Zone: Interaction Methods for Improving Security Awareness on Mobile Devices
AU - Riedl, Peter
AU - Mayrhofer, Rene
AU - Möller, Andreas
AU - Kranz, Matthias
AU - Lettner, Florian
AU - Holzmann, Clemens
AU - Koelle, Marion
PY - 2015/8/18
Y1 - 2015/8/18
N2 - In this paper, we study the concept of security zones as an intermediate layer of compartmentalization on mobile devices. Each of these security zones is isolated against the other zones and holds a different set of applications and associated user data and may apply different security policies. From a user point of view, they represent different contexts of use for the device, e.g., to distinguish between gaming (private context), payment transactions (secure context), and company-related email (enterprise context). We propose multiple visualization methods for conveying the current security zone information to the user, and interaction methods for switching between zones. Based on an online and a laboratory user study, we evaluated these concepts from a usability point of view. One important result is that in the tension field between security and usability, additional hardware can support the user’s awareness toward their zone context.
AB - In this paper, we study the concept of security zones as an intermediate layer of compartmentalization on mobile devices. Each of these security zones is isolated against the other zones and holds a different set of applications and associated user data and may apply different security policies. From a user point of view, they represent different contexts of use for the device, e.g., to distinguish between gaming (private context), payment transactions (secure context), and company-related email (enterprise context). We propose multiple visualization methods for conveying the current security zone information to the user, and interaction methods for switching between zones. Based on an online and a laboratory user study, we evaluated these concepts from a usability point of view. One important result is that in the tension field between security and usability, additional hardware can support the user’s awareness toward their zone context.
KW - Compartmentalization
KW - Mobile security
KW - Sandboxing
KW - Security zones
KW - Separation
UR - http://www.scopus.com/inward/record.url?scp=84939267210&partnerID=8YFLogxK
U2 - 10.1007/s00779-015-0840-5
DO - 10.1007/s00779-015-0840-5
M3 - Article
VL - 19
SP - 941
EP - 954
JO - Personal and Ubiquitous Computing
JF - Personal and Ubiquitous Computing
SN - 1617-4909
IS - 5-6
ER -