4 research outputs found

    Bridging the gap between human and machine trust : applying methods of user-centred design and usability to computer security

    This work presents methods for improving the usability of security. The work focuses on trust as part of computer security. Methods of usability and user-centred design present an essential starting point for the research. The work uses the methods these fields provide to investigate differences between machine and human trust, as well as how the technical expressions of trust could be made more usable by applying these methods. The thesis is based on nine publications, which present various possibilities to research trust with user-centric methods. The publications proceed chronologically and logically from the first user interviews about trust, trusting attitudes and behaviours in general to the actual design and usability testing of user interfaces for security applications, finally presenting the outcomes and conclusions of the research. The work also presents a review of relevant previous work in the area, concentrating on work done in the fields of usability and user-centred design. The work is of cross-disciplinary nature, falling into the areas of human-computer interaction, computer science and telecommunications. The ultimate goal of the conducted research has been to find out 1) how trust is to be understood in this context; 2) what methods can be used to gain insight into trust thus defined; and, finally, 3) what means can be used to create trust in the end users in online situations, where trust is needed. The work aims at providing insight into how trust can be studied with the methods provided by user-centred design and usability. Further, it investigates how to take understanding of trust formation in humans into account when attempting to design trust-inducing systems and applications. The work includes an analysis and comparison of the methods used: what kinds of methods to study trust exist in the field of usability and user-centred design. 
Further, the work evaluates what kinds of results can be reached with the different methods available, and when, by applying a variety of these methods. Recommendations for the appropriate application of these methods when studying the various parts of trust are one of the outcomes. The results received with the methods used have also been compared with results received by others by applying alternative methods to the same research questions. On a conceptual level, the work contains an analysis of the concept of trust. It also contains a brief investigation into both technical and humane ways to express trust, with a comparison between the two.

    Securing military decision making in a network-centric environment

    The development of society and warfare goes hand in hand. With the proliferation of modern information technology, in particular communication technology, concepts such as information warfare and network-centric warfare have emerged. Information has become one of the core elements in military decision making, where the purpose is to gain information superiority with respect to the enemy while denying the enemy from doing the same. Network-centricity comes from the fact that communication networks are used to enable information warfare in the theatre of operations. Thus, the role of the communication network is to support decision making. In this thesis, military decision making in a network-centric environment is analyzed from the perspective of information warfare. Based on the analysis, a set of security requirements is identified. The thesis also proposes a set of solutions and concepts to the vulnerabilities found and analyzes the solutions with respect to the requirements and a set of use scenarios. The main solutions are Packet Level Authentication, which secures the military infrastructure, and Self-healing Networks, which enable the network to restructure itself after a large-scale or dedicated attack. The restructuring process relies on a Context Aware Management architecture, which was originally developed to allow network nodes to rapidly react to a changing environment. Furthermore, the thesis presents a trust management model based on incomplete trust to cope with compromised nodes. Privacy issues are also discussed; several different privacy classes are identified and the problems with each of them are addressed.

    The role of trust in information integrity protocols

    Paradoxically, one of the most important, and at the same time probably one of the least understood, functions performed by information integrity protocols is to transfer trust from where it exists to where it is needed. Initially in any protocol, there are at least two types of trust: trust that designated participants, or groups of participants, will faithfully execute their assigned function in the protocol and trust in the integrity of the transfer mechanism(s) integral to the protocol. Consequently, almost all protocols enforce a set of restrictions as to who may exercise them, either spelled out explicitly or left implicit in the protocol specification. In addition there may be unanticipated or even unacceptable groupings of participants who can also exercise the protocol as a result of actions taken by some of the participants reflecting trusts that exist among them. Formal methods are developed to analyze trust as a fundamental dimension in protocol analysis and proof.

    The Role of Trust in Information Integrity Protocols*
