The security cost of cheap user interaction

Rainer Böhme, Jens Grossklags

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

39 Scopus citations

Abstract

Human attention is a scarce resource, and lack thereof can cause severe security breaches. As most security techniques rely on considerate human intervention in one way or another, this resource should be consumed economically. In this context, we postulate the view that every false alarm or unnecessary user interaction imposes a negative externality on all other potential consumers of this chunk of attention. The paper identifies incentive problems that stimulate overconsumption of human attention in security applications. It further outlines a lump-of-attention model, devised against the backdrop of established theories in the behavioral sciences, and discusses incentive mechanisms to fix the misallocation problem in security notification, for instance the idea of a Pigovian tax on attention consumption.

Original languageEnglish
Title of host publicationNSPW'11 - Proceedings of the 2011 New Security Paradigms Workshop
Pages67-82
Number of pages16
DOIs
StatePublished - 2011
Externally publishedYes
Event2011 New Security Paradigms Workshop, NSPW'11 - Marin County, CA, United States
Duration: 12 Sep 201115 Sep 2011

Publication series

NameProceedings New Security Paradigms Workshop

Conference

Conference2011 New Security Paradigms Workshop, NSPW'11
Country/TerritoryUnited States
CityMarin County, CA
Period12/09/1115/09/11

Keywords

  • HCI
  • attention economics
  • bounded rationality
  • interdisciplinary security and privacy
  • notice and consent
  • policy
  • security economics
  • security warnings
  • usable security

Fingerprint

Dive into the research topics of 'The security cost of cheap user interaction'. Together they form a unique fingerprint.

Cite this