Can Declared Strategy Voting be an Effective Instrument for Group Decision-Making?

The goal of this research is to determine whether declared strategy voting can be an effective tool for group decision-making. Declared strategy voting is a novel group decision-making procedure in which preference is specified using voting strategies - first-order mathematical functions that specify a choice in terms of zero or more parameters. This research will focus on refining the declared strategy voting concept, developing an accessible implementation of declared strategy voting that can be used for mock elections, assessing the potential impacts of declared strategy voting, and evaluating the effectiveness of declared strategy voting for group decision-making. This proposal describes the signifcance of this research, preliminary studies, and proposed methodology for the remainder of this project

A framework for reasoning about the human in the loop

Many secure systems rely on a \u27human in the loop\u27 to perform security-critical functions. However, humans often fail in their security roles. Whenever possible, secure system designers should find ways of keeping humans out of the loop. However, there are some tasks for which feasible or cost effective alternatives to humans are not available. In these cases secure system designers should engineer their systems to support the humans in the loop and maximize their chances of performing their security-critical functions successfully. This paper proposes a framework for reasoning about the human in the loop that provides a systematic approach to identifying potential causes for human failure. This framework can be used by system designers to identify problem areas before a system is built and proactively address deficiencies. System operators can also use this framework to analyze the root cause of security failures that have been attributed to \u27human error.\u27 Examples are provided to illustrate the applicability of this framework to a variety of secure systems design problems, including anti-phishing warnings and password policies

Privacy Perceptions and Behaviors of Google Personal Account Holders in Saudi Arabia

While privacy perceptions and behaviors have been investigated in Western societies, little is known about these issues in non-Western societies. To bridge this gap, we interviewed 30 Google personal account holders in Saudi Arabia about their privacy perceptions (awareness, attitudes, preferences, and concerns) regarding the activity data that Google saves about them, as well as any steps they take to control Google's collection or use of this data. Our study focuses on Google's Activity Controls, which enable users to control whether, and how, Google saves their Web & App Activity, Location History, and YouTube History. Our results show that although most participants have some level of awareness about Google's data practices and the Activity Controls, many have only vague awareness, and the majority have not used the available controls. When participants viewed their saved activity data, many were surprised by what had been saved. While many participants find Google's use of their data to improve the services provided to them acceptable, the majority find the use of their data for ad purposes unacceptable. We observe that our Saudi participants exhibit similar trends and patterns in privacy awareness, attitudes, preferences, concerns, and behaviors to what has been found in studies in the US. However, our study is not a replication of any of the US studies, and further research is needed to directly compare US and Saudi participants. Our results emphasize the need for: (1) improved techniques to inform users about privacy settings during account sign-up, to remind users about their settings, and to raise awareness about privacy settings; (2) improved privacy setting interfaces to reduce the costs that deter many users from changing the settings; and (3) further research to explore privacy concerns in non-Western cultures

Design and Implementation of a Practical Security-Conscious Electronic Polling System

We present the design and implementation of Sensus, a practical, secure and private system for conducting surveys and elections over computer networks. Expanding on the work of Fujioka, Okamoto, and Ohta, Sensus uses blind signatures to ensure that only registered voters can vote and that each registered voter only votes once, while at the same time maintaining voters\u27 privacy. Sensus allows voters to verify independently that their votes were counted correctly, and anonymously challenge the results should their votes be miscounted. We outline seven desirable properties of voting systems and show that Sensus satisfied these properties well, in some cases better than traditional voting systems