Logo des Repositoriums

Auflistung nach Autor:in "Zimmermann, Verena"

1 - 9 von 9
  • Zeitschriftenartikel
    Assessing Users’ Privacy and Security Concerns of Smart Home Technologies
    (i-com: Vol. 18, No. 3, 2019) Zimmermann, Verena; Gerber, Paul; Marky, Karola; Böck, Leon; Kirchbuchner, Florian
    Smart Home technologies have the potential to increase the quality of life, home security and facilitate elderly care. Therefore, they require access to a plethora of data about the users’ homes and private lives. Resulting security and privacy concerns form a relevant barrier to adopting this promising technology. Aiming to support end users’ informed decision-making through addressing the concerns we first conducted semi-structured interviews with 42 potential and little-experienced Smart Home users. Their diverse concerns were clustered into four themes that center around attacks on Smart Home data and devices, the perceived loss of control, the trade-off between functionality and security, and user-centric concerns as compared to concerns on a societal level. Second, we discuss measures to address the four themes from an interdisciplinary perspective. The paper concludes with recommendations for addressing user concerns and for supporting developers in designing user-centered Smart Home technologies.
  • Workshopbeitrag
    Evaluating a Smart Car Interface in Terms of Usability, User Experience and User Acceptance
    (Mensch und Computer 2021 - Workshopband, 2021) Avramidis, Mario; Kellner, Christiane; Staudt, Josefine; Zimmermann, Verena; Gerber, Nina
    Although the automation of cars aims to facilitate driving, current systems still rely on the driver for handling critical driving situations. As long as fully automatic systems are not available, the driver has to be supported in the take-over maneuver. We thus propose an interface that relies on auditory and visual signals to support the take-over process. Our interface further provides assistance for driving in poor visibility conditions, such as bad weather or darkness, by highlighting other traffic participants and lane boundaries. An online evaluation of our interface with 22 participants indicates a good usability, user experience, and acceptance.
  • Konferenzbeitrag
    ‘Home, Smart Home’ – Exploring End Users’ Mental Models of Smart Homes
    (Mensch und Computer 2018 - Workshopband, 2018) Zimmermann, Verena; Bennighof, Merve; Edel, Miriam; Hofmann, Oliver; Jung, Judith; von Wick, Melina
    Smart Home technologies are increasingly available for private households. Still, the level of acceptance varies among potential users. Possible reasons include a lack of knowledge and negative user perceptions, e.g. in terms of privacy and security. To support researchers and practitioners in designing Smart Home technologies that align with the users’ needs and expectations the mental models of 42 potential Smart Home users were examined using a semi-structured interview approach. The results revealed that the users’ understanding of Smart Homes was rather superficial. The use cases and benefits reflected the options currently available for sale, such as automated heating and lighting. Nearly all users doubted that their data was secure within a Smart Home. However, the scenarios described often included remote control of the Smart Home and thus a transfer of the data to the internet. Hence, future work could ex-plore options to increase Smart Home security by e.g. limiting internet access to certain user-defined scenarios.
  • Konferenzbeitrag
    Promoting Secure Email Communication and Authentication
    (Mensch und Computer 2017 - Workshopband, 2017) Zimmermann, Verena; Henhapl, Birgit; Gerber, Nina; Enzmann, Matthias
    Nowadays, the possibility to communicate securely is crucial for users in the private as well as in the business context. However, to do so they have to face problems regarding mismatching mental models of encryption and bad usability not only concerning the encryption, but also the authentication process. To solve this problem, we evaluate users’ perception on encryption and authentication schemes in order to (1) derive a process, which is more in line with their expectations and (2) use authentication schemes which provide security but also achieve a high acceptance rate from users. We plan to integrate our findings into a prototypical software in order to evaluate users’ acceptance for our technical approach.
  • Workshopbeitrag
    Safe AND Secure Infrastructures? - Studying Human Aspects of Safety and Security Incidents with Experts from both Domains
    (Mensch und Computer 2023 - Workshopband, 2023) Zimmermann, Verena; Haunschild, Jasmin; Stöver, Alina; Gerber, Nina
    In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.
  • Konferenzbeitrag
    Security vs. privacy? User preferences regarding text passwords and biometric authentication
    (Mensch und Computer 2017 - Workshopband, 2017) Gerber, Nina; Zimmermann, Verena
    Although text passwords suffer from several flaws, they are still wide-spread. Biometric authentication schemes are one possible alternative.However, previous study results suggest there might be two user groups preferring either knowledge-based or biometric authentication, due to different reasons. We conducted an online survey with 95 German participants to test this assumption. Our results provide evidence for the existence of two user groups, with preferences varying between different usage scenarios. Main reasons named for both methods are efficiency, security and habit, whereas privacy is another advantage provided by text passwords. Service providers should consider this diverging preferences in their decision to implement a particular authentication method.
  • Zeitschriftenartikel
    Sicherheitsherausforderungen für Smart-City-Infrastrukturen
    (Wirtschaftsinformatik & Management: Vol. 14, No. 2, 2022) Zimmermann, Verena; Haunschild, Jasmin; Unden, Marita; Gerber, Paul; Gerber, Nina
  • Zeitschriftenartikel
    Towards Resilient Critical Infrastructures – Motivating Users to Contribute to Smart Grid Resilience
    (i-com: Vol. 20, No. 2, 2021) Egert, Rolf; Gerber, Nina; Haunschild, Jasmin; Kuehn, Philipp; Zimmermann, Verena
    Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers—capable of producing and consuming electricity—who can adjust their electricity profile dynamically (i. e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.
  • Workshopbeitrag
    Website operators are not the enemy either - Analyzing options for creating cookie consent notices without dark patterns
    (Mensch und Computer 2022 - Workshopband, 2022) Stöver, Alina; Gerber, Nina; Cornel, Christin; Henz, Mona; Marky, Karola; Zimmermann, Verena; Vogt, Joachim
    Users frequently receive cookie consent notices when they enter a website. They are supposed to enable an informed decision about data collection. Instead, they often contain deceptive designs - also known as dark patterns - that can nudge users to consent and thus compromise their privacy. In this paper, we explore the causes of the widespread use of dark patterns in cookie consents. To do so, we take the perspective of website operators, who are responsible for the use of cookie consent notices and are increasingly making use of Consent Management Platforms (CMPs) to manage end-user consent. CMPs usually contain certain design templates. To find out whether it is possible for website operators to generate notices without dark patterns using CMPs, we analyzed a selection of the templates offered by major CMPs. We show that 60% of the notices created with default settings contain at least one dark pattern. A notice that does not nudge toward a certain choice could only be generated with 62.5% of the CMPs. Our results imply that the responsibility for privacy-friendly notices lies more with the CMPs than with the website operators.