You are not your developer, either: A research agenda for usable security and privacy research beyond end users

Y Acar, S Fahl, ML Mazurek - 2016 IEEE Cybersecurity …, 2016 - ieeexplore.ieee.org
While researchers have developed many tools, techniques, and protocols for improving
software security, exploits and breaches are only becoming more frequent. Some of this gap …

Comparing the usability of cryptographic apis

Y Acar, M Backes, S Fahl, S Garfinkel… - … IEEE Symposium on …, 2017 - ieeexplore.ieee.org
Potentially dangerous cryptography errors are well-documented in many applications.
Conventional wisdom suggests that many of these errors are caused by cryptographic …

SoK: secure messaging

N Unger, S Dechand, J Bonneau, S Fahl… - … IEEE Symposium on …, 2015 - ieeexplore.ieee.org
Motivated by recent revelations of widespread state surveillance of personal communication,
many solutions now claim to offer secure and private messaging. This includes both a large …

" If HTTPS Were Secure, I Wouldn't Need 2FA"-End User and Administrator Mental Models of HTTPS

K Krombholz, K Busse, K Pfeffer… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
HTTPS is one of the most important protocols used to secure communication and is,
fortunately, becoming more pervasive. However, especially the long tail of websites is still …

A secure data deduplication scheme for cloud storage

J Stanek, A Sorniotti, E Androulaki, L Kencl - Financial Cryptography and …, 2014 - Springer
As more corporate and private users outsource their data to cloud storage providers, recent
data breach incidents make end-to-end encryption an increasingly prominent requirement …

Security developer studies with {GitHub} users: Exploring a convenience sample

Y Acar, C Stransky, D Wermke, ML Mazurek… - … Symposium on Usable …, 2017 - usenix.org
The usable security community is increasingly considering how to improve security decision-
making not only for end users, but also for information technology professionals, including …

Signing in four public software package registries: Quantity, quality, and influencing factors

TR Schorlemmer, KG Kalu, L Chigges… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Many software applications incorporate open-source third-party packages distributed by
public package registries. Guaranteeing authorship along this supply chain is a challenge …

An empirical study of a decentralized identity wallet: Usability, security, and perspectives on user control

M Korir, S Parkin, P Dunphy - … symposium on usable privacy and security …, 2022 - usenix.org
User-centric digital identity initiatives are emerging with a mission to shift control over online
identity disclosures to the individual. However, there is little representation of prospective …

Why Johnny still, still can't encrypt: Evaluating the usability of a modern PGP client

S Ruoti, J Andersen, D Zappala, K Seamons - arxiv preprint arxiv …, 2015 - arxiv.org
This paper presents the results of a laboratory study involving Mailvelope, a modern PGP
client that integrates tightly with existing webmail providers. In our study, we brought in pairs …

Why doesn't Jane protect her privacy?

K Renaud, M Volkamer… - … Symposium, PETS 2014 …, 2014 - Springer
End-to-end encryption has been heralded by privacy and security researchers as an
effective defence against dragnet surveillance, but there is no evidence of widespread end …