Tales of Software Updates: The process of updating software
Software and Programming Tools
Vaniea, Kami / Rashidi, Yasmeen
Proceedings of the ACM CHI'16 Conference on Human Factors in Computing
Systems
2016-05-07
v.1
p.3215-3226
© Copyright 2016 ACM
Summary: Updates alter the way software functions by fixing bugs, changing features,
and modifying the user interface. Sometimes changes are welcome, even
anticipated, and sometimes they are unwanted leading to users avoiding
potentially unwanted updates. If users delay or do not install updates it can
have serious security implications for their computer. Updates are one of the
primary mechanisms for correcting discovered vulnerabilities, when a user does
not update they remain vulnerable to an increasing number of attacks. In this
work we detail the process users go through when updating their software,
including both the positive and negative issues they experience. We asked 307
survey respondents to provide two contrasting software update stories. Using
content analysis we analysed the stories and found that users go through six
stages while updating: awareness, deciding to update, preparation,
installation, troubleshooting, and post state. We further detail the issues
respondents experienced during each stage and the impact on their willingness
to update.
Factors Related to Privacy Concerns and Protection Behaviors Regarding
Behavioral Advertising
WIP Theme: Trust, Privacy and Emotions
Wohn, Donghee Yvette / Solomon, Jacob / Sarkar, Dan / Vaniea, Kami E.
Extended Abstracts of the ACM CHI'15 Conference on Human Factors in
Computing Systems
2015-04-18
v.2
p.1965-1970
© Copyright 2015 ACM
Summary: Research on online behavioral advertising has focused on users' attitudes
towards sharing and what information they are willing to share. An unexplored
area in this domain is how users' knowledge of how to protect their information
differs from their self-efficacy about executing privacy protection behavior.
The results of a 179-participant online study show that knowledge explains
privacy concerns, but self-efficacy explains protection behaviors. Perceived
behavioral control was related to both concerns and behavior.
Out of the Loop: How Automated Software Updates Cause Unintended Security
Consequences
Warnings and Decisions
Wash, Rick / Rader, Emilee / Vaniea, Kami / Rizor, Michelle
Proceedings of the 2014 Symposium on Usable Privacy and Security
2014-07-10
p.6
© Copyright 2014 Authors
Summary: When security updates are not installed, or installed slowly, end users are
at an increased risk for harm. To improve security, software designers have
endeavored to remove the user from the software update loop. However, user
involvement in software updates remains necessary; not all updates are wanted,
and required reboots can negatively impact users. We used a multi-method
approach to collect interview, survey, and computer log data from 37 Windows 7
users. We compared what the users think is happening on their computers
(interview and survey data), what users want to happen on their computer
(interview and survey data), and what was actually going on (log data). We
found that 28 out of our 37 participants had a misunderstanding about what was
happening on their computer, and that over half of the participants could not
execute their intentions for computer management.
Betrayed by updates: how negative experiences affect future security
Risks and security
Vaniea, Kami E. / Rader, Emilee / Wash, Rick
Proceedings of ACM CHI 2014 Conference on Human Factors in Computing Systems
2014-04-26
v.1
p.2671-2674
© Copyright 2014 ACM
Summary: Installing security-relevant software updates is one of the best computer
protection mechanisms. However, users do not always choose to install updates.
Through interviewing non-expert Windows users, we found that users frequently
decide not to install future updates, regardless of whether they are important
for security, after negative experiences with past updates. This means that
even non-security updates (such as user interface changes) can impact the
security of a computer. We discuss three themes impacting users' willingness to
install updates: unexpected new features in an update, the difficulty of
assessing whether an update is 'worth it', and confusion about why an update is
necessary.
More than skin deep: measuring effects of the underlying model on
access-control system usability
Security (systems)
Reeder, Robert W. / Bauer, Lujo / Cranor, Lorrie F. / Reiter, Michael K. / Vaniea, Kami
Proceedings of ACM CHI 2011 Conference on Human Factors in Computing Systems
2011-05-07
v.1
p.2065-2074
© Copyright 2011 ACM
Summary: In access-control systems, policy rules conflict when they prescribe
different decisions (allow or deny) for the same access. We present the results
of a user study that demonstrates the significant impact of conflict-resolution
method on policy-authoring usability. In our study of 54 participants, varying
the conflict-resolution method yielded statistically significant differences in
accuracy in five of the six tasks we tested, including differences in accuracy
rates of up to 78%. Our results suggest that a conflict-resolution method
favoring rules of smaller scope over rules of larger scope is more usable than
the Microsoft Windows operating system's method of favoring deny rules over
allow rules. Perhaps more importantly, our results demonstrate that even
seemingly small changes to a system's semantics can fundamentally affect the
system's usability in ways that are beyond the power of user interfaces to
correct.
Access control for home data sharing: evaluating social acceptability
At home with computing
Mazurek, Michelle L. / Arsenault, J. P. / Bresee, Joanna / Gupta, Nitin / Ion, Iulia / Johns, Christina / Lee, Daniel / Liang, Yuan / Olsen, Jenny / Salmon, Brandon / Shay, Richard / Vaniea, Kami / Bauer, Lujo / Cranor, Lorrie Faith / Ganger, Gregory R. / Reiter, Michael K.
Proceedings of ACM CHI 2010 Conference on Human Factors in Computing Systems
2010-04-10
v.1
p.645-654
Keywords: access control, home computing, privacy, security
© Copyright 2010 ACM
Summary: As digital content becomes more prevalent in the home, non-technical users
are increasingly interested in sharing that content with others and accessing
it from multiple devices. Not much is known about how these users think about
controlling access to this data. To better understand this, we conducted
semi-structured, in-situ interviews with 33 users in 15 households. We found
that users create ad-hoc access-control mechanisms that do not always work;
that their ideal policies are complex and multi-dimensional; that a priori
policy specification is often insufficient; and that people's mental models of
access control and security are often misaligned with current systems. We
detail these findings and present a set of associated guidelines for designing
usable access-control systems for the home environment.
Real life challenges in access-control management
Security
Bauer, Lujo / Cranor, Lorrie Faith / Reeder, Robert W. / Reiter, Michael K. / Vaniea, Kami
Proceedings of ACM CHI 2009 Conference on Human Factors in Computing Systems
2009-04-04
v.1
p.899-908
Keywords: access control, policy creation
© Copyright 2009 ACM
Summary: In this work we ask the question: what are the challenges of managing a
physical or file system access-control policy for a large organization? To
answer the question, we conducted a series of interviews with thirteen
administrators who manage access-control policy for either a file system or a
physical space. Based on these interviews we identified three sets of
real-world requirements that are either ignored or inadequately addressed by
technology: 1) policies are made/implemented by multiple people; 2) policy
makers are distinct from policy implementers; and 3) access-control systems
don't always have the capability to implement the desired policy. We present
our interview results and propose several possible solutions to address the
observed issues.
Evaluating assistance of natural language policy authoring
Configuration and policies
Vaniea, Kami / Karat, Clare-Marie / Gross, Joshua B. / Karat, John / Brodie, Carolyn
Proceedings of the 2008 Symposium on Usable Privacy and Security
2008-07-23
p.65-73
© Copyright 2008 ACM
Summary: The goal of the research study reported here was to investigate policy
authors' ability to take descriptions of changes to policy situations and
author high-quality, complete policy rules that would parse with high accuracy.
As a part of this research, we investigated ways in which we could assist
policy authors in writing policies. This paper presents the results of a user
study on the effectiveness of providing syntax highlighting in a natural
language policy authoring interface. While subjects liked the new interface,
they showed no improvement in accuracy when writing rules. We discuss our
results in terms of a three phase authoring process that users move through
when authoring or modifying policies. We describe this process, discuss why and
how our interface failed to support it and make recommendations to designers on
how to better support this process.
A user study of policy creation in a flexible access-control system
Policy, Telemedicine, and Enterprise
Bauer, Lujo / Cranor, Lorrie Faith / Reeder, Robert W. / Reiter, Michael K. / Vaniea, Kami
Proceedings of ACM CHI 2008 Conference on Human Factors in Computing Systems
2008-04-05
v.1
p.543-552
© Copyright 2008 ACM
Summary: Significant effort has been invested in developing expressive and flexible
access-control languages and systems. However, little has been done to evaluate
these systems in practical situations with real users, and few attempts have
been made to discover and analyze the access-control policies that users
actually want to implement. We report on a user study in which we derive the
ideal access policies desired by a group of users for physical security in an
office environment. We compare these ideal policies to the policies the users
actually implemented with keys and with a smartphone-based distributed
access-control system. We develop a methodology that allows us to show
quantitatively that the smartphone system allowed our users to implement their
ideal policies more accurately and securely than they could with keys, and we
describe where each system fell short.
Lessons learned from the deployment of a smartphone-based access-control
system
Privacy and access control
Bauer, Lujo / Cranor, Lorrie Faith / Reiter, Michael K. / Vaniea, Kami
Proceedings of the 2007 Symposium on Usable Privacy and Security
2007-07-18
p.64-75
Summary: Grey is a smartphone-based system by which a user can exercise her authority
to gain access to rooms in our university building, and by which she can
delegate that authority to other users. We present findings from a trial of
Grey, with emphasis on how common usability principles manifest themselves in a
smartphone-based security application. In particular, we demonstrate aspects of
the system that gave rise to failures, misunderstandings, misperceptions, and
unintended uses; network effects and new flexibility enabled by Grey; and the
implications of these for user behavior. We argue that the manner in which
usability principles emerged in the context of Grey can inform the design of
other such applications.