Title : 
Heuristics and Biases: Implications for Security Design
         
        
            Author : 
Garg, Vaibhav ; Camp, Joseph
         
        
            Author_Institution : 
Sch. of Inf. & Comput., Indiana Univ., Bloomington, IN, USA

            Abstract : 
Failures of security technology are often attributed to individual fault. The lack of adoption of privacy enhancing technologies is explained as a societal failure, i.e., that people don't care. Security designers consider the individual user to be rational, certain, and self-optimizing. Thus, academic and practitioner efforts have focused on incentive alignment and education. But even the effectiveness of initiatives such as security education can be improved if well-known human decision heuristics are taken as initial inputs to improve technical solutions, rather than sources of failure to be bemoaned.
         
        
            Keywords : 
computer science education; data privacy; education; human decision heuristics; incentive alignment; privacy enhancing technology; security design; security education; security technology; societal failure; technical solution; Computer security; Decision making; Heuristic algorithms; Human factors; Network security; Privacy; Security

            Journal_Title : 
Technology and Society Magazine, IEEE

            DOI : 
10.1109/MTS.2013.2241294