Security, Privacy and Usability – A Survey of Users’ Perceptions and Attitudes

  • Abdulwahid Al Abdulwahid
  • Nathan Clarke
  • Ingo Stengel
  • Steven Furnell
  • Christoph Reich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9264)


Users are now in possession of an ever-growing number of advance digital devices with a wide range of capabilities which are used for accessing, storing and processing enormous information. A significant proportion of it is often considered sensitive and confidential. Accordingly, each device has its own associated security requirements and configurations. This paper presents the survey results of 302 digital device users, which aimed at exploring their technology usage and security practices, and at investigating their perceptions and satisfaction of associated current and alternative authentication approaches alongside their usability. Furthermore, it sought to analyse users’ awareness and attitudes towards related privacy issues. It is revealed that an inconsistency between users’ perceptions and real practices exists. Despite the widespread interest in more security, there is a quite low number of respondents using or maintaining the available security measures. However, it is apparent that users do not avoid applying the concept of authentication security but avoid the inconvenience of its current common techniques (biometrics are having growing practical interest). The respondents’ perceptions towards Trusted Third-Party (TTP) enable utilising biometrics for a novel authentication solution managed by a TTP working on multi devices to access multi services. However, it must be developed and implemented considerately.


Cyber security Usability Privacy User survey Biometrics Authentication Users’ perceptions Users’ security practices 


  1. 1.
    Meeker, M., Wu, L.: Internet Trends (2013).
  2. 2.
    IDC: A Future Fueled by Phablets.
  3. 3.
    CSID: Consumer Survey: Password Habits. A study among American consumers.
  4. 4.
    Symantec Corporation: Internet Security Threat Report 2013 (2013)Google Scholar
  5. 5.
    Verizon: 2014 Data Breach Investigations Report (2014)Google Scholar
  6. 6.
    PwC: Information Security Breaches Survey (2013)Google Scholar
  7. 7.
    O’Gorman, L.: Comparing passwords, tokens, and biometrics for user authentication. Proc. IEEE 91, 2021–2040 (2003)CrossRefGoogle Scholar
  8. 8.
    Furnell, S.M., Katsikas, S., Lopez, J., Patel, A.: Securing Information and Communications Systems: Principles, Technologies, and Applications. Artech House, Norwood (2008)Google Scholar
  9. 9.
    Li, F., Clarke, N., Papadaki, M., Dowland, P.: Behaviour profiling for transparent authentication for mobile devices. In: The 10th European Conference on Information Warfare and Security (ECIW 2011), pp. 307–314, Tallinn, Estonia (2011)Google Scholar
  10. 10.
    Crawford, H., Renaud, K., Storer, T.: A framework for continuous, transparent mobile device authentication. Comput. Secur. 39, 127–136 (2013)CrossRefGoogle Scholar
  11. 11.
    Al Abdulwahid, A., Clarke, N., Furnell, S., Stengel, I.: A conceptual model for federated authentication in the cloud. In: Proceedings of the 11th Australian Information Security Management Conference (AISM 2013), pp. 1–11. Edith Cowan University, Perth, Western Australia (2013)Google Scholar
  12. 12.
    Office of National Statistics: Internet Access - Households and Individuals, 2013. Stat. Bull. (2013)Google Scholar
  13. 13.
    Karatzouni, S., Clarke, N.L., Furnell, S.M.: Device- versus network-centric authentication paradigms for mobile devices: operational and perceptual trade-offs. In: 5th Australian Information Security Management Conference. pp. 1–13, Mount Lawley, Australia (2007)Google Scholar
  14. 14.
    PwC: Consumer privacy: What are consumers willing to share?.
  15. 15.
    Salesforce: 2014 Mobile Behavior ReportGoogle Scholar
  16. 16.
    Madsen, P., Koga, Y., Takahashi, K.: Federated identity management for protecting users from ID theft. In: Proceedings of the 2005 workshop on Digital identity management - DIM 2005, pp. 77–83. ACM Press, New York (2005)Google Scholar
  17. 17.
    Stihler, M., Santin, A.O., Marcon Jr., A.L., Fraga, J.D.S.: Integral federated identity management for cloud computing. In: 2012 5th International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–5. IEEE (2012)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Abdulwahid Al Abdulwahid
    • 1
    • 2
  • Nathan Clarke
    • 1
    • 3
  • Ingo Stengel
    • 1
  • Steven Furnell
    • 1
    • 3
    • 4
  • Christoph Reich
    • 5
  1. 1.Centre for Security, Communications and Network ResearchPlymouth UniversityPlymouthUK
  2. 2.Computer Science and Engineering DepartmentJubail University CollegeJubailSaudi Arabia
  3. 3.Security Research InstituteEdith Cowan UniversityPerthAustralia
  4. 4.Centre for Research in Information and Cyber SecurityNelson Mandela Metropolitan UniversityPort ElizabethSouth Africa
  5. 5.Cloud Research LabFurtwangen UniversityFurtwangenGermany

Personalised recommendations