Dartmouth logo Dartmouth College Computer Science
Technical Report series
CS home
TR home
TR search TR listserv
By author: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
By number: 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008, 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000, 1999, 1998, 1997, 1996, 1995, 1994, 1993, 1992, 1991, 1990, 1989, 1988, 1987, 1986

The Effects of Introspection on Computer Security Policies
Stephanie A. Trudeau
Dartmouth TR2009-652

Abstract:

What does it mean to be an expert? And what makes an expert more capable than a non-expert when it comes to evaluating and articulating their impressions about something as commonly practiced as food tasting? How do we explain those behaviors that humans perform very well, but don't quite know why? Studies have shown that there exists a class of activities that we as humans execute well intuitively, but that we perform much worse upon introspection. Evidence supports the claim that the act of introspection actually causes us to do more poorly at these tasks.

My goal is to apply this idea to computer security. At present, designs for most security policy interfaces leave much to be desired. This lack of usability leaves these systems in need of improvement, possibly causing users to become more vulnerable than they otherwise would have. My research includes a user study on the privacy policies of the interface for a social networking website similar to Facebook. Evidence from the study supports the claim that the act of introspecting upon one's personal security policy actually makes one worse at making policy decisions.

Note: Senior Honors Thesis. Advisor: Sean Smith, Scout Sinclair.


PDF PDF (40924KB)

Bibliographic citation for this report: [plain text] [BIB] [BibTeX] [Refer]

Or copy and paste:
   Stephanie A. Trudeau, "The Effects of Introspection on Computer Security Policies." Dartmouth Computer Science Technical Report TR2009-652, June 2009.


Notify me about new tech reports.

Search the technical reports.

To receive paper copy of a report, by mail, send your address and the TR number to reports AT cs.dartmouth.edu


Copyright notice: The documents contained in this server are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Technical reports collection maintained by David Kotz.