While Working Around Security

Publication: ResearchPh.D. thesis

Documents

  • Niels Raabjerg Mathiasen
    Niels Raabjerg MathiasenDenmark
Users of technology encounter various IT security mechanisms in their everyday
lives. If these mechanisms fail to support everyday activities, they either
get in the way, or the users find a way to work around them. Even though
users manage to carry out everyday activities by using substandard IT security
mechanisms or via workarounds, it will influence their experience of security.
If researchers and designers only focus on IT security artifacts and fail to take
the user experience into account, incorrect processes or workarounds will occur.
Accordingly, to get users to follow the correct process may seem to be a
criterion of success, even though it may yield a less appropriate experience of
security.
This dissertation deals with an improved understanding of IT security sensitive
IT artifacts and presents three design methods, and a framework for addressing
the complexities and contingencies of security experiences in design.
The methods: Mobile probing, Prompted exploration workshops, and Acting
out security involve potential future users in the process of designing IT security
sensitive IT artifacts. Mobile probing collects narratives of user encounters
with IT security. Prompted exploration workshops present the users with
seven themes and involve them in the design of IT security sensitive IT artifacts.
Acting out security lets users try out prototypes in situations where
security handling is infrequent and quick. All three methods have been developed
and deployed as an integral part of a research through design process.
An everyday mobile digital signature solution has been designed, and the design
problem, the design process, and the design results are presented in this
dissertation.
Several of my empirical findings show that the way users experience security
does matter. Users’ experiences of security influence the way they make
sense of, assess, and handle IT security mechanisms. Moreover, I studied cases
in which the users handled IT security sensitive technology in a secure way,
but still had unwanted experiences of security. Through the developed design
methods I was able to activate and access study participants’ prior experiences
of making sense of IT security sensitive technology. Moreover, the methods
helped clarify users’ immediate experience in an encounter with IT security
sensitive technology. The findings were integrated into the design of a digital
signature solution, and in this process I developed a framework for structuring
empirical findings for the design of IT security sensitive IT artifacts.
Original languageEnglish
Publication year2012
PublisherDepartment of Computer Science, Aarhus University
Number of pages190
StatePublished

Note re. dissertation

Supervisor: Susanne Bødker

See relations at Aarhus University Citationformats

Download statistics

No data available

ID: 36063146

Aarhus University
Nordre Ringgade 1
DK-8000 Aarhus C

Email: au@au.dk
Tel: +45 8715 0000
Fax: +45 8715 0201

CVR no: 31119103

AU on social media
Facebook
LinkedIn
Twitter
YouTube