CISPA
File(s) not publicly available

A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research

journal contribution
posted on 2023-11-29, 18:06 authored by Verena Distler, Matthias Fassl, Hana Habib, Katharina Krombholz, Gabriele Lenzini, Carine Lallemand, Lorrie Faith Cranor, Vincent Koenig
Usable privacy and security researchers have developed a variety of approaches to represent risk to research participants. To understand how these approaches are used and when each might be most appropriate, we conducted a systematic literature review of methods used in security and privacy studies with human participants. From a sample of 633 papers published at five top conferences between 2014 and 2018 that included keywords related to both security/privacy and usability, we systematically selected and analyzed 284 full-length papers that included human subjects studies. Our analysis focused on study methods; risk representation; the use of prototypes, scenarios, and educational intervention; the use of deception to simulate risk; and types of participants. We discuss benefits and shortcomings of the methods, and identify key methodological, ethical, and research challenges when representing and assessing security and privacy risk. We also provide guidelines for the reporting of user studies in security and privacy.

Preferred Citation

Verena Distler, Matthias Fassl, Hana Habib, Katharina Krombholz, Gabriele Lenzini, Carine Lallemand, Lorrie Cranor and Vincent Koenig. A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research. In: ACM Transactions on Computer-Human Interaction. 2021.

Primary Research Area

  • Empirical and Behavioral Security

Legacy Posted Date

2021-12-24

Journal

ACM Transactions on Computer-Human Interaction

Pages

1 - 50

Open Access Type

  • Gold

Sub Type

  • Article

BibTeX

@article{cispa_all_3565,
  title = "A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research",
  author = "Distler, Verena and Fassl, Matthias and Habib, Hana and Krombholz, Katharina and Lenzini, Gabriele and Lallemand, Carine and Cranor, Lorrie Faith and Koenig, Vincent",
  journal = "{ACM Transactions on Computer-Human Interaction}",
  year = "2021",
}
