Abstract
Human attention is a scarce resource, and lack thereof can cause severe security breaches. As most security techniques rely on considerate human intervention in one way or another, this resource should be consumed economically. In this context, we postulate the view that every false alarm or unnecessary user interaction imposes a negative externality on all other potential consumers of this chunk of attention. The paper identifies incentive problems that stimulate overconsumption of human attention in security applications. It further outlines a lump-of-attention model, devised against the backdrop of established theories in the behavioral sciences, and discusses incentive mechanisms to fix the misallocation problem in security notification, for instance the idea of a Pigovian tax on attention consumption.
Original language | English (US) |
---|---|
Title of host publication | NSPW'11 - Proceedings of the 2011 New Security Paradigms Workshop |
Pages | 67-82 |
Number of pages | 16 |
DOIs | |
State | Published - Dec 1 2011 |
Event | 2011 New Security Paradigms Workshop, NSPW'11 - Marin County, CA, United States Duration: Sep 12 2011 → Sep 15 2011 |
Publication series
Name | Proceedings New Security Paradigms Workshop |
---|
Other
Other | 2011 New Security Paradigms Workshop, NSPW'11 |
---|---|
Country | United States |
City | Marin County, CA |
Period | 9/12/11 → 9/15/11 |
Fingerprint
All Science Journal Classification (ASJC) codes
- Safety, Risk, Reliability and Quality
- Hardware and Architecture
- Software
- Information Systems
Cite this
}
The security cost of cheap user interaction. / Böhme, Rainer; Grossklags, Jens.
NSPW'11 - Proceedings of the 2011 New Security Paradigms Workshop. 2011. p. 67-82 (Proceedings New Security Paradigms Workshop).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
TY - GEN
T1 - The security cost of cheap user interaction
AU - Böhme, Rainer
AU - Grossklags, Jens
PY - 2011/12/1
Y1 - 2011/12/1
N2 - Human attention is a scarce resource, and lack thereof can cause severe security breaches. As most security techniques rely on considerate human intervention in one way or another, this resource should be consumed economically. In this context, we postulate the view that every false alarm or unnecessary user interaction imposes a negative externality on all other potential consumers of this chunk of attention. The paper identifies incentive problems that stimulate overconsumption of human attention in security applications. It further outlines a lump-of-attention model, devised against the backdrop of established theories in the behavioral sciences, and discusses incentive mechanisms to fix the misallocation problem in security notification, for instance the idea of a Pigovian tax on attention consumption.
AB - Human attention is a scarce resource, and lack thereof can cause severe security breaches. As most security techniques rely on considerate human intervention in one way or another, this resource should be consumed economically. In this context, we postulate the view that every false alarm or unnecessary user interaction imposes a negative externality on all other potential consumers of this chunk of attention. The paper identifies incentive problems that stimulate overconsumption of human attention in security applications. It further outlines a lump-of-attention model, devised against the backdrop of established theories in the behavioral sciences, and discusses incentive mechanisms to fix the misallocation problem in security notification, for instance the idea of a Pigovian tax on attention consumption.
UR - http://www.scopus.com/inward/record.url?scp=84855681364&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84855681364&partnerID=8YFLogxK
U2 - 10.1145/2073276.2073284
DO - 10.1145/2073276.2073284
M3 - Conference contribution
AN - SCOPUS:84855681364
SN - 9781450310789
T3 - Proceedings New Security Paradigms Workshop
SP - 67
EP - 82
BT - NSPW'11 - Proceedings of the 2011 New Security Paradigms Workshop
ER -