The Department of Computer Science at the University of Cyprus cordially invites you to the PhD Defense entitled:
Adaptive Usable Security: Personalizing User Authentication and CAPTCHA based on Individual Differences in Cognitive Processing
Speaker: Marios Belk
Human-computer interaction is nowadays shifting from traditional desktop computers and standalone applications towards mobile computing devices and cloud-based oriented applications and services, mainly triggered by developments in network communication technologies. Within this realm, security issues of interactive systems are gaining more than ever the attention not only from a technical and security perspective but also from the user’s point of view. The security community has come to understand the critical importance of usable security, which is primarily focused on designing secure systems that people can use. The predominant user security interactions over the World Wide Web are commonly related to user authentication and CAPTCHA mechanisms. Design and development of user authentication and CAPTCHA represents a cross-roads priority problem, between security and usability, which emerge from contradictory requirements posed by different stakeholders, inherent to the function and purpose of each security mechanism. On the one hand, security experts increase continuously the security levels of user authentication and CAPTCHA, while on the other, end-users demand transparent, adaptable and user-friendly solutions. In parallel, service providers together with user experience experts, try to find a viable equilibrium among security and usability in order to increase the acceptability of services and applications. In this context, research on these security mechanisms has received significant attention lately, aiming to offer high security standards and at the same time to maintain a seamless interaction for the legitimate users. Currently, deployment of user authentication and CAPTCHA mechanisms follow a “one-size-fits-all” paradigm. The same type of text-based password and text-recognition CAPTCHA is communicated to all users neglecting the fact that users have different cultural and cognitive backgrounds, and interact in different contexts of use. Bearing in mind that human-computer interactions with regard to user authentication and CAPTCHA mechanisms are in principal cognitive tasks that embrace perception, recognition, remembering and reasoning, this research work builds on the promise that human cognitive factors offer a widely ignored but very strategical perspective for examining user authentication and CAPTCHA tasks framed by theories of individual differences in human cognitive processing. Henceforth, this work attempts to revisit the definition of usable security by advocating an alternative approach which is driven by research in the intersection of User Modeling, Adaptation and Personalization, and Individual Differences. Main focus is to personalize and improve the usability of user interactions in authentication and CAPTCHA according to the unique cognitive processing characteristics of users. The high-level objectives of the thesis are: (i) Investigate the effects of human cognitive factors on user preference and task performance of different user authentication and CAPTCHA mechanisms, supported by a number of ecological valid user studies, and quantitative and qualitative metrics; (ii) propose a formalization of a cognitive factor-based user model and an adaptation engine for personalizing user authentication and CAPTCHA tasks on design type and complexity; and (iii) propose PAC (Personalized Authentication and CAPTCHA), a personalization framework that recommends the “best-fit” decision based on the aforementioned formalizations. We envision that this thesis will have primarily an effect on the existing state-of-the-art research in usable security regarding future deployment of related mechanisms, and positively impact E-Services and applications, since more usable security interactions, in less misuse and support costs, contribute to a more positive user acceptance and experience for almost all citizens.
Marios Belk is a Ph.D. candidate at the Department of Computer Science under the supervision of Professor George Samaras, and a member of the DMAC Laboratory at the University of Cyprus. He completed his B.Sc. and M.Sc. degrees in the same department in 2007 and 2009, respectively. Recently he was appointed as a Marie Curie research fellow at IDMind Systems Engineering in Lisbon, Portugal. His research interests span the areas of Human-Computer Interaction, Web Personalization and Usable Security. His Ph.D. work has been published in accredited scientific journals and conferences, such as Elsevier Journal of Human-Computer Studies, Elsevier Journal of Systems and Software, OUP Interacting with Computers Journal, ACM CHI, Springer UMAP, IFIP INTERACT, and IEEE Web Intelligence. His publications include a best paper award at the Springer SouthCHI 2013 conference and a best paper award nomination at the Springer UMAP 2014 conference.
|Other Presentations Web: https://www.cs.ucy.ac.cy/colloquium/presentations.php|
|Colloquia Web: https://www.cs.ucy.ac.cy/colloquium/|