Ignore These At Your Peril: Ten principles for trust design

Online trust has been discussed for more than 10 years, yet little practical guidance has emerged that has proven to be applicable across contexts or useful in the long run. 'Trustworthy UI design guidelines' created in the late 90ies to address the then big question of online trust: how to get shoppers online, are now happily employed by people preparing phishing scams. In this paper we summarize, in practical terms, a conceptual framework for online trust we've established in 2005. Because of its abstract nature it is still useful as a lens through which to view the current big questions of the online trust debate - large focused on usable security and phishing attacks. We then deduct practical 10 rules for providing effective trust support to help practitioners and researchers of usable security

The mechanics of trust: a framework for research and design

With an increasing number of technologies supporting transactions over distance and replacing traditional forms of interaction, designing for trust in mediated interactions has become a key concern for researchers in human computer interaction (HCI). While much of this research focuses on increasing users’ trust, we present a framework that shifts the perspective towards factors that support trustworthy behavior. In a second step, we analyze how the presence of these factors can be signalled. We argue that it is essential to take a systemic perspective for enabling well-placed trust and trustworthy behavior in the long term. For our analysis we draw on relevant research from sociology, economics, and psychology, as well as HCI. We identify contextual properties (motivation based on temporal, social, and institutional embeddedness) and the actor's intrinsic properties (ability, and motivation based on internalized norms and benevolence) that form the basis of trustworthy behavior. Our analysis provides a frame of reference for the design of studies on trust in technology-mediated interactions, as well as a guide for identifying trust requirements in design processes. We demonstrate the application of the framework in three scenarios: call centre interactions, B2C e-commerce, and voice-enabled on-line gaming

Gate-capacitance extraction from RF C-V measurements

In this work, a full two-port analysis of an RF C-V measurement set-up is given. This two-port analysis gives insight on the limitations of the commonly used gate capacitance extraction, based on the Y/sub 11/ parameter of the device. It is shown that the parasitics of the device can disturb the extracted gate capacitance and a new extraction scheme, based on the Z-matrix, is introduced that eliminates the effect of these parasitics. Measurement results prove the validity of this new extraction scheme, under different conditions

Depending on the Kindness of Strangers? Trust Relationships in Ambient Societies

The vision of the ambient society relies on the constant exchange of personal information among multiple devices, individuals and organisations. The high number of microtrust decisions required in such a scenario calls for automated trust management. In this paper we discuss a set of contextual properties of transactions that ensure trust and trustworthy action in everyday situation and suggest how they can be incorporated in trust management for ambient technologies. We identify institutions, repeated interactions and reputation as contextual properties that support cooperation. We then discuss the limitations and risks of assuring cooperation based on contextual properties alone. Firstly, a subjective assessment of personal properties (e.g.benevolence and integrity) also forms an important basis for trust in others. Furthermore trust based on contextual properties is hard to establish in the case of vague outcomes, and multi-dimensional risks. Finally, establishing one’s own trustworthiness requires giving access to personal information. Ambient technologies must also allow individuals to remain untrusted but private

Transmission of primary resistance mutation K103N in a cluster of Belgian young patients from different risk groups

Background: We analysed the distribution of an HIV-1 subtype B strain resistant to efavirenz and nevirapine among incident infections in the Belgian population. Method: The Belgian AIDS reference laboratories searched their databases for HIV-1 subtype B sequences harbouring the K103N mutation in the reverse transcriptase (RT) or the C67S and V77I mutations in the protease (PR). We included the earliest RT sequence available of drug-naïve patients as well as sequences related to treatment failure. Fifty sequences were aligned omitting the codon 103 and submitted to phylogenetic analysis. Epidemiological data were collected through the Institute of Public Health national database. In addition, three sequences from the cluster were analysed by deep sequencing using the Roche GS Junior platform. Results: Phylogenetic analysis revealed the presence of a 24 virus sequences cluster. All except one of those sequences resulted from patients who were ARV-naïve at the time of sampling, and 21 had the K103N mutation. Two thirds of the clustered patients were infected through homosexual or bisexual contacts while the others were heterosexuals. No case was related to migrants contaminated abroad. Fifteen of the clustered patients were diagnosed between January 2011 and June 2012; 87% of them were aged between 20 and 29 at the time of diagnosis. Interestingly, 60% of them reside in the province of Namur. Deep sequencing analysis of 3 individuals sampled near seroconversion revealed no other resistance mutations at a frequency > 1% than those already picked up by Sanger sequencing (RT A98S, K103N; PR V77I), except the RT V90I. Conclusion: We identified a transmission cluster of drug resistant HIV-1 variants mainly including homo- and heterosexual young adults. Most individuals are of Belgian origin and are living around the city of Namur (Belgium). The K103N mutation had no apparent impact on transmission fitness as its spread raised during the last years. These observations may impact on local prevention and ARV prophylaxis strategies

Rebooting IT Security Awareness – How Organisations Can Encourage and Sustain Secure Behaviours

Most organisations are using online security awareness training and simulated phishing attacks to encourage their employees to behave securely. Buying off-the-shelf training packages and making it mandatory for all employees to complete them is easy, and satisfies most regulatory and audit requirements, but does not lead to secure behaviour becoming a routine. In this paper, we identify the additional steps employees must go through to develop secure routines, and the blockers that stop a new behaviour from becoming a routine. Our key message is: security awareness as we know it is only the first step; organisations who want employees have to do more to smooth the path: they have to ensure that secure behaviour is feasible, and support their staff through the stages of the Security Behaviour Curve – concordance, self-efficacy, and embedding – for secure behaviour to become a routine. We provide examples of those organisational activities, and specific recommendations to different organisational stakeholders

A two-way interactive broadband satellite architecture to break the digital divide barrier

September 24-26, 2007, Turin, Ital

TV-Centric technologies to provide remote areas with two-way satellite broadband access

October 1-2, 2007, Rome, Italy TV-Centric Technologies To Provide Remote Areas With Two-Way Satellite Broadband Acces

Trust economics feasibility study

We believe that enterprises and other organisations currently lack sophisticated methods and tools to determine if and how IT changes should be introduced in an organisation, such that objective, measurable goals are met. This is especially true when dealing with security-related IT decisions. We report on a feasibility study, Trust Economics, conducted to demonstrate that such methodology can be developed. Assuming a deep understanding of the IT involved, the main components of our trust economics approach are: (i) assess the economic or financial impact of IT security solutions; (ii) determine how humans interact with or respond to IT security solutions; (iii) based on above, use probabilistic and stochastic modelling tools to analyse the consequences of IT security decisions. In the feasibility study we apply the trust economics methodology to address how enterprises should protect themselves against accidental or malicious misuse of USB memory sticks, an acute problem in many industries