Abstract
Average users lack the technical expertise to understand SSL certificates and security is not their primary goal. Thus, it is very hard to create a notable impact on user behavior using SSL-status indicators. However, with the introduction of web browser Personas (simple skins) as a possibility to change the browser’s chrome, it becomes possible to provide a large status indicator without wasting screen real estate. In this work, we present an evaluation of Personas to represent the current SSL status combined with newly designed SSL warning messages, both in the lab and in the field. Results suggest that the concepts positively influenced security awareness.
Chapter PDF
Similar content being viewed by others
References
Amer, T.S., Maris, J.B.: Signal words and signal icons in application control and information technology. Journal of Information Systems 21 (2006)
Biddle, R., van Oorschot, P.C., Patrick, A.S., Sobey, J., Whalen, T.: Browser interfaces and extended validation SSL certificates: An empirical study. In: CCSW 2009. ACM, New York (2009)
CA/Browser Forum: Extended validation ssl certificates, http://cabforum.org
Egelman, S., Cranor, L.F., Hong, J.: You’ve been warned: an empirical study of the effectiveness of web browser phishing warnings. In: Proc. CHI 2008, pp. 1065–1074. ACM, Florence (2008)
Gibson, S., Laporte, L.: Security now episode 277, http://www.grc.com/securitynow.htm (visited March 27, 2011)
Grimes, J.: On the failure to detect changes in scenes across saccades. Perception 2, 89–110 (1996)
Lewis, J.R.: IBM computer usability satisfaction questionnaires: psychometric evaluation and instructions for use. International Journal of Human Computer Interaction 7(1), 57–78 (1995)
Morton, B.: SSLPersonas - SSL blog - Entrust insights, http://ssl.entrust.net/blog/?p=321 (visited March 27, 2011)
Roessler, T., Saldhana, A.: Web security context: User interface guidelines (2009)
Whitten, A., Tygar, J.D.: Why johnny can’t encrypt: A usability evaluation of PGP 5.0. In: Proc. USENIX 1999, pp. 169–184 (1999)
Wu, M., Miller, R.C., Garfinkel, S.L.: Do security toolbars actually prevent phishing attacks? In: Proc. CHI 2006, pp. 601–610. ACM, New York (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Maurer, ME., De Luca, A., Stockinger, T. (2011). Shining Chrome: Using Web Browser Personas to Enhance SSL Certificate Visualization. In: Campos, P., Graham, N., Jorge, J., Nunes, N., Palanque, P., Winckler, M. (eds) Human-Computer Interaction – INTERACT 2011. INTERACT 2011. Lecture Notes in Computer Science, vol 6949. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23768-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-23768-3_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23767-6
Online ISBN: 978-3-642-23768-3
eBook Packages: Computer ScienceComputer Science (R0)