Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to maintain a secure system. I take steps toward designing a socio-technical system that will hopefully help home computer users make better security decisions. Designing such a system requires additional knowledge before a successful system can be developed.
First, more information is needed about the knowledge and skills that home computer users currently possess. I conducted an interview study of home computer users and identified eight distinct mental models of security threats; four are models of “viruses,” and four are models of “hackers.” The respondents in this study use the models to decide which security precautions should be used and which can be ignored.
Second, to share information, users need an incentive to exert the time and effort required for sharing. I describe two mechanisms that can be used in social computing systems to encourage contribution. I illustrate the first mechanism, the side effect mechanism, by describing how it is used in a popular social bookmarking website. I also illustrate a design feature that is important when applying this mechanism: incentive alignment. The second mechanism that I describe is technically simple: set a minimum threshold and exclude users who don’t contribute enough. I develop a theory of how users are likely to respond to such a mechanism and use that theory to characterize when such a mechanism should be used.
Finally, I bring all of these findings together to suggest some preliminary design features for a socio-technical security system to help home computer users. While there are many unanswered questions, these design features can serve as a starting point for future work in the area.
Download: PDF
Recently, malicioucomputer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to maintain a secure system. I take steps toward designing a socio-technical system that will hopefully help home computer users make better security decisions. Designing such a system requires additional knowledge before a successful system can be developed.
First, more information is needed about the knowledge and skills that home computer users currently possess. I conducted an interview study of home computer users and identified eight distinct mental models of security threats; four are models of “viruses,” and four are models of “hackers.” The respondents in this study use the models to decide which security precautions should be used and which can be ignored.
Second, to share information, users need an incentive to exert the time and effort required for sharing. I describe two mechanisms that can be used in social computing systems to encourage contribution. I illustrate the first mechanism, the side effect mechanism, by describing how it is used in a popular social bookmarking website. I also illustrate a design feature that is important when applying this mechanism: incentive alignment. The second mechanism that I describe is technically simple: set a minimum threshold and exclude users who don’t contribute enough. I develop a theory of how users are likely to respond to such a mechanism and use that theory to characterize when such a mechanism should be used.
Finally, I bring all of these findings together to suggest some preliminary design features for a socio-technical security system to help home computer users. While there are many unanswered questions, these design features can serve as a starting point for future work in the are
By Emilee Rader and Rick Wash
Collaborative tagging systems have the potential to produce socially constructed information organization schemes. The effectiveness of tags for finding and re-finding information depends upon how individual users choose tags; however, influences on users’ tag choices are poorly understood. We quantitatively test competing hypotheses from the literature concerning these choices, using data from del.icio.us (a collaborative tagging system for organizing web bookmarks) and a computer model of possible tag choice strategies. We find evidence that users choose tags in a pattern consistent with personal information management goals, rather than as a result of social influence.
Emilee Rader and Rick Wash. “Influences on Tag Choices in del.icio.us,” Proceedings of Computer Supported Cooperative Work (CSCW), November 2008
Download: PDF (Appendix)
By Rick Wash and Emilee Rader
Users of social computing websites are both producers and consumers of the information found on the site. This creates a novel problem for web-based software applications: how can website designers induce users to produce information that is useful for others? We study this question by interviewing users of the social bookmarking website del.icio.us. We find that for the users in our sample, metadata reflecting who bookmarked a webpage better supports information seeking than free-form keyword metadata (tags). We explain this finding by describing differences in the way that the design of del.icio.us motivates users to contribute by providing personal benefits for bookmarking and tagging.
Rick Wash and Emilee Rader. “Public Bookmarks and Private Benefits: An Analysis of Incentives in Social Computing,“ Proceedings of the ASIS&T Annual Meeting. December 2007
Download: PDF
