Noam Ben-Asher

Modeling the behavior of users who are confronted with security mechanisms

In this paper, we describe a new approach to analyze the trade-off between usability and security frequently found in security-related user interfaces. The approach involves the simulation of potential user interaction behavior by a mixed probabilistic and rule-driven state machine. On the basis of the simulations, user behavior in security-relevant situations can be predicted and user interfaces optimizing intended behavior can be designed. The approach is evaluated in an artificial microworld setting which provides good control over the experimental factors guiding the behavior. A comparison of empirical and simulated behavior in this microworld shows that the approach is already able to accurately predict important aspects of user behavior toward security interfaces, but also identifies future work necessary to better cover all relevant aspects guiding this behavior in a real-world setting.

Towards information technology security for universal access

One way to secure Information Technology (IT) systems is with authentication mechanisms that distinguish between users. Users who differ in their cognitive and motor abilities, cultural background and personal characteristics should be able to operate the IT system including its security features. If system design fails to consider user diversity, users might bypass or disable the security feature, reducing system security. Providing universal accessesibility and acceptability is generally a challenge, especially when dealing with IT security. We present a conceptual model that explores and establishes guidelines for the inclusion of biometric authentication in systems which serve a wide range of users. Aspects of this model were examined in laboratory settings using a task which simulates mobile access to an eBanking system with biometric authentication. Younger and older participants used the authentication mechanism. The age groups clearly differed in their interaction with the IT and the security system. Designing security system for universal access remains a major challenge.

Security and usability research using a microworld environment

Technological developments and the addition of new features to existing applications or services require the inclusion of security mechanisms to protect the user. When using these mechanisms the user faces a tradeoff between more risky and more efficient or safer and less efficient use of the system. We discuss this tradeoff and present a novel complementary experimental system which provides researchers and corporations the ability to explore and model the usability and security tradeoff in the context of user interaction with security systems and psychological acceptability, even before the actual development and implementation processes have ended.

All the news that's fit to e-ink

We describe a design project of a future electronic news device and service. The project employs about 20 researchers, designers and developers. It uses advances in product technologies and in social computing to deal with the challenges of transferring the print newspaper reading experience onto a mobile, hand-held device, and of transferring the editors power to decide what constitutes worthy news to the reader.