Usable Security: Towards a Trustable Information Infrastructure

Usable Security: Towards a Trustable Information Infrastructure (Demo, Poster)
Research Staff: Kari Nies, UCI/ISR
Student: Roberto Silva Filho, UCI/ISR
Advisors: Paul Dourish UCI/ISR, David Redmiles UCI/ISR
Abstract: Computer system security is traditionally regarded as a primarily technological concern; the fundamental questions to which security researchers address themselves are those of the mathematical guarantees that can be made for the performance of various communication and computational challenges. However, in our research, we focus on a different question. For us, the fundamental security question is one that end-users routinely encounter and resolve for themselves many times a day -- the question of whether a system is secure enough for their immediate needs.

In this poster, we will present our explorations of this issue. In particular, we present Impromptu, a peer-to-peer file-sharing tool for in face-to-face collaborative settings. It provides a broad platform for investigating security and interaction. We have been using Impromptu as the basis of an initial evaluation of our technology in support of everyday security practices in collaborative workgroups.

As a result of our initial user studies, the interface was extended in two ways. First, new activity history visualizations were added, allowing users to better understand and perceive the activity of other peers in their collaboration; and second, the Impromptu desktop application was augmented with the use of PDAs, or thin clients. A thin client supplements the desktop interface by allowing the visualization of events that can otherwise be unnoticed by the user, for example, when the desktop application gets obscured by other file manipulation and editing tools.
Bio: Roberto S. Silva Filho is a Ph.D. candidate in Software Engineering at the Department of Informatics from the Donald Bren School of Information and Computer Sciences at University of California, Irvine. He holds a MS degree in Information and Computer Science from UC, Irvine and another one from the Institute of Computing at UNICAMP - University of Campinas, Brazil. His main interest areas are software product lines for middleware, especially publish/subscribe, and their support for collaboration.