The Security Cost of Cheap User Interaction

被引:0
|
作者
Boehme, Rainer [1 ]
Grossklags, Jens [2 ]
机构
[1] Univ Munster, Leonardo Campus 3, D-48149 Munster, Germany
[2] Penn State Univ, University Pk, PA 16802 USA
来源
PROCEEDINGS OF THE 2011 NEW SECURITY PARADIGMS WORKSHOP (NSPW'11) | 2011年
关键词
Interdisciplinary Security and Privacy; Attention Economics; Usable Security; Bounded Rationality; Security Warnings; Notice and Consent; HCI; Security Economics; Policy; PRIVACY; CONTRACTS; ONLINE; ECONOMICS; CHOICE; SAFETY;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Human attention is a scarce resource, and lack thereof can cause severe security breaches. As most security techniques rely on considerate human intervention in one way or another, this resource should be consumed economically. In this context, we postulate the view that every false alarm or unnecessary user interaction imposes a negative externality on all other potential consumers of this chunk of attention. The paper identifies incentive problems that stimulate over-consumption of human attention in security applications. It further outlines a lump-of-attention model, devised against the backdrop of established theories in the behavioral sciences, and discusses incentive mechanisms to fix the mis-allocation problem in security notification, for instance the idea of a Pigovian tax on attention consumption.
引用
收藏
页码:67 / 82
页数:16
相关论文
共 50 条
12345