Utilizing user centered design to mitigate security threats
Abstract: As technology advances and is more and more intertwined with our everyday lives, the security of these systems becomes very important. Abraham Maslow famously put safety needs as the second level of his hierarchy of needs, its importance second only to physical needs such as air, food and sleep. To make sure technological systems are as safe as possible there exists threat modeling frameworks and processes. These are made to find possible threats and make sure they are mitigated to a wanted extent. The mitigations realized during these processes often involve code related and cryptographical solutions as they are carried out by software development teams. However, some threats stem from human error and can be hard or impossible to develop code based solutions to. An example of this, which is discussed in this thesis, is the threat of phishing where an adversary tricks a user into performing some harmful action. This thesis aims to explore the possibility to use design and user centered design process to mitigate threats found in one of these threat modeling processes. A threat modeling process was performed on the Homepal data platform and a threat was chosen with possible design related mitigations to focus on. A literature study was conducted to find mitigation alternatives and a survey was made to investigate the user base’s opinions on them. After the requirements were set, lo-fi alternatives where then created and evaluated and the results turned into hi-fi prototypes. The hi-fi prototypes were then subject to a more extensive evaluation, resulting in one poster being recommended as well as several guidelines for how to effectively convey security tips on posters.
AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)