Issue No.01 - Jan.-Feb. (2014 vol.12)
M. Angela Sasse , University College London
Charles C. Palmer , IBM
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2014.11
Usable security is often seen as simply an enabler of good security behavior: if the actions required aren't too difficult or effortful, users will do so. But human-centered design of security means enabling users to make informed security choices. First, their preferred choice needs to be available. Authors of privacy policies should take note here, and service providers need to manage their security issues without burdening legitimate customers (solving CAPTCHAs to prove you are human isn't something a customer would choose to do, ever). Second, we need to accept that users sometimes choose to take risks. Protecting users means giving them an accurate understanding of possible consequences, and the likelihood of them occurring.
Special issues and sections, User centered design, Computer security, Consumer protection,risk, usable security, spear phishing
M. Angela Sasse, Charles C. Palmer, "Protecting You [Guest editors' introduction]", IEEE Security & Privacy, vol.12, no. 1, pp. 11-13, Jan.-Feb. 2014, doi:10.1109/MSP.2014.11