DOES THE AUGMENTATION OF SERVICE LEVEL AGREEMENTS AFFECT USER DECISIONS IN CLOUD ADOPTION SCENARIOS? – AN EXPERIMENTAL APPROACH

Despite the benefits of cloud computing, customers are reluctant to use cloud services as they have concerns about data security and privacy. Many of these concerns arise due to the lack of transparen-cy. Consequently, bridging the existing information asymmetry and, thus, fostering trust in the cloud provider is of high relevance. As service level agreements are an important trust building factor and due to their technical and complex nature, the augmentation of these is promising. Therefore, we in-vestigate the effects of augmenting service level agreements (by means of augmented browsing) on the ease of the information gathering process and simultaneously on perceived information overload, comprehension and transparency in a web-based experiment. The results of our online experiment do not confirm our assumed positive effects of augmentation. Nonetheless, we show that the ease of gath-ering information about a cloud service positively influences the perceived trustworthiness. Further-more, we demonstrate that the perceived trustworthiness of a cloud computing provider largely deter-mines the intention to use its services. Thus, besides improving security, cloud providers not only have to communicate trust-critical information but also have to identify suitable measures of information provisioning that considerably improve transparency while lowering information overload

From usability to secure computing and back again

Secure multi-party computation (MPC) allows multiple parties to jointly compute the output of a function while preserving the privacy of any individual party’s inputs to that function. As MPC protocols transition from research prototypes to realworld applications, the usability of MPC-enabled applications is increasingly critical to their successful deployment and widespread adoption. Our Web-MPC platform, designed with a focus on usability, has been deployed for privacy-preserving data aggregation initiatives with the City of Boston and the Greater Boston Chamber of Commerce. After building and deploying an initial version of the platform, we conducted a heuristic evaluation to identify usability improvements and implemented corresponding application enhancements. However, it is difficult to gauge the effectiveness of these changes within the context of real-world deployments using traditional web analytics tools without compromising the security guarantees of the platform. This work consists of two contributions that address this challenge: (1) the Web-MPC platform has been extended with the capability to collect web analytics using existing MPC protocols, and (2) as a test of this feature and a way to inform future work, this capability has been leveraged to conduct a usability study comparing the two versions ofWeb-MPC. While many efforts have focused on ways to enhance the usability of privacy-preserving technologies, this study serves as a model for using a privacy-preserving data-driven approach to evaluate and enhance the usability of privacy-preserving websites and applications deployed in realworld scenarios. Data collected in this study yields insights into the relationship between usability and security; these can help inform future implementations of MPC solutions.Published versio

Secure webs and buying intention: the moderating role of usability

El presente trabajo ha planteado un modelo conceptual a fin de mostrar como los antecedentes de la intención de compra se ven reforzados en contextos de Webs altamente usables. Específicamente, el trabajo analiza en profundidad el rol moderador de la usabilidad en la explicación de la conexión entre seguridad de una Web e intención de compra. Entre ambos extremos (seguridad e intención de compra), se han incluido diversas variables para explicar mejor su conexión. Para ello, ha sido diseñada una Web ficticia de ropa dirigida al segmento joven de clase media. A fin de alterar la usabilidad de la Web se han realizado dos tipos de manipulaciones: la velocidad y la facilidad de uso de la Web. Las dos Webs creadas (alta usabilidad y baja usabilidad) fueron visitadas por un total de 170 encuestados que fueron compensados con un USB valorado en 15 euros. Los resultados muestran que la seguridad percibida en la Web acarrea tres interesantes efectos (especialmente para la Web altamente usable): (i) mejora las actitudes agrado, (ii) reduce el nivel de riesgo percibido; (iii) aumenta la confianza. Los dos últimos efectos, a su vez, acaban aumentando la intención de compra.. Por último, se ha demostrado que la usabilidad, efectivamente, refuerza las relaciones consideradas en el modelo propuesto para explicar la intención de compra.A conceptual model has been proposed to show how buying intention antecedents are reinforced in highly usable contexts. Specifically, this paper deeply analyses the moderator role of system variables (usability) on explaining the relationship between Web security and buying intention. Between both extremes (security and buying intention), several relationships have also been stated to better explain this effect. An “ideal” fictitious Website was designed for a non existent clothing company directed at the segment of middle class consumers. In order to alter Web usability, two blocks of changes were made, one concerning Website speed and the other related to ease of use. Our experiment sample consisted of 170 respondents who participated in exchange for a pen-drive (USB) valued at 15 euros. The results show that improving website security has three interesting effects (especially in high usable contexts): (i) it improves pleasure attitudes, (ii) reduces the level of perceived risk and (iii) increases trust. Secondly, it has been found that to increase buying intention, two actions must be taken: (i) to diminish perceived risk and (ii) to improve users’ pleasure attitudes towards the Website. Finally, usability has been found to have a moderating role in all the relationships considered (reinforcing them)

Online privacy: towards informational self-determination on the internet : report from Dagstuhl Perspectives Workshop 11061

The Dagstuhl Perspectives Workshop "Online Privacy: Towards Informational Self-Determination on the Internet" (11061) has been held in February 6-11, 2011 at Schloss Dagstuhl. 30 participants from academia, public sector, and industry have identified the current status-of-the-art of and challenges for online privacy as well as derived recommendations for improving online privacy. Whereas the Dagstuhl Manifesto of this workshop concludes the results of the working groups and panel discussions, this article presents the talks of this workshop by their abstracts

Security and Privacy Issues of Big Data

This chapter revises the most important aspects in how computing infrastructures should be configured and intelligently managed to fulfill the most notably security aspects required by Big Data applications. One of them is privacy. It is a pertinent aspect to be addressed because users share more and more personal data and content through their devices and computers to social networks and public clouds. So, a secure framework to social networks is a very hot topic research. This last topic is addressed in one of the two sections of the current chapter with case studies. In addition, the traditional mechanisms to support security such as firewalls and demilitarized zones are not suitable to be applied in computing systems to support Big Data. SDN is an emergent management solution that could become a convenient mechanism to implement security in Big Data systems, as we show through a second case study at the end of the chapter. This also discusses current relevant work and identifies open issues.Comment: In book Handbook of Research on Trends and Future Directions in Big Data and Web Intelligence, IGI Global, 201

The Exploitation of Web Navigation Data: Ethical Issues and Alternative Scenarios

Nowadays, the users' browsing activity on the Internet is not completely private due to many entities that collect and use such data, either for legitimate or illegal goals. The implications are serious, from a person who exposes unconsciously his private information to an unknown third party entity, to a company that is unable to control its information to the outside world. As a result, users have lost control over their private data in the Internet. In this paper, we present the entities involved in users' data collection and usage. Then, we highlight what are the ethical issues that arise for users, companies, scientists and governments. Finally, we present some alternative scenarios and suggestions for the entities to address such ethical issues.Comment: 11 pages, 1 figur