{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T10:20:18Z","timestamp":1775470818246,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":112,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642420009","type":"print"},{"value":"9783642420016","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-42001-6_18","type":"book-chapter","created":{"date-parts":[[2013,11,21]],"date-time":"2013-11-21T04:25:02Z","timestamp":1385007902000},"page":"255-280","source":"Crossref","is-referenced-by-count":19,"title":["Mental Models \u2013 General Introduction and Review of Their Application to Human-Centred Security"],"prefix":"10.1007","author":[{"given":"Melanie","family":"Volkamer","sequence":"first","affiliation":[]},{"given":"Karen","family":"Renaud","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"12","key":"18_CR1","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/322796.322806","volume":"42","author":"A. Adams","year":"1999","unstructured":"Adams, A., Sasse, M.A.: Users are not the enemy. Communications of the ACM\u00a042(12), 40\u201346 (1999)","journal-title":"Communications of the ACM"},{"key":"18_CR2","unstructured":"Anderson, L., Krathwohl, D., Airasian, P., Cruikshank, K., Mayer, R., Pintrich, P., Raths, J., Wittrock, M.: A taxonomy for learning, teaching, and assessing. In: Anderson, L., Krathwohl, D. (eds.) A Revision of Bloom\u2019s Taxonomy of Educational Objectives, Complete Edition, pp. 212\u2013218. Longman (2001)"},{"issue":"1","key":"18_CR3","doi-asserted-by":"publisher","first-page":"499","DOI":"10.1016\/S0169-7552(98)00016-6","volume":"30","author":"W. Appelt","year":"1998","unstructured":"Appelt, W., Hinrichs, E., Woetzel, G.: Effectiveness and efficiency: the need for tailorable user interfaces on the web. Computer Networks and ISDN Systems\u00a030(1), 499\u2013508 (1998)","journal-title":"Computer Networks and ISDN Systems"},{"key":"18_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1007\/978-3-540-77366-5_34","volume-title":"Financial Cryptography and Data Security","author":"F. Asgharpour","year":"2007","unstructured":"Asgharpour, F., Liu, D., Camp, L.J.: Mental models of security risks. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol.\u00a04886, pp. 367\u2013377. Springer, Heidelberg (2007)"},{"key":"18_CR5","doi-asserted-by":"crossref","unstructured":"Asgharpour, F., Liu, D., Camp, L.J.: Mental models of computer security risks. In: WEIS: Workshop on the Economics of Information Security, Carnegie Mellon University, June 7-8 (2007)","DOI":"10.1007\/978-3-540-77366-5_34"},{"issue":"3","key":"18_CR6","doi-asserted-by":"publisher","first-page":"22","DOI":"10.4018\/joeuc.2004070102","volume":"16","author":"K. Aytes","year":"2004","unstructured":"Aytes, K., Connolly, T.: Computer security and risky computing practices: A rational choice perspective. Journal of Organizational and End User Computing (JOEUC)\u00a016(3), 22\u201340 (2004)","journal-title":"Journal of Organizational and End User Computing (JOEUC)"},{"key":"18_CR7","doi-asserted-by":"crossref","unstructured":"Bain, K.: What the best college teachers do. Harvard University Press (2011)","DOI":"10.4159\/harvard.9780674067479"},{"issue":"35","key":"18_CR8","doi-asserted-by":"publisher","first-page":"13868","DOI":"10.1073\/pnas.0706627104","volume":"104","author":"M. Bang","year":"2007","unstructured":"Bang, M., Medin, D.L., Atran, S.: Cultural mosaics and mental models of nature. Proceedings of the National Academy of Sciences\u00a0104(35), 13868\u201313874 (2007)","journal-title":"Proceedings of the National Academy of Sciences"},{"key":"18_CR9","unstructured":"Bartsch, S., Model, M.: Effectively communicate risks for diverse users: A mental-models approach for individualized security interventions. In: Informatik Jahrestagung (to appear)"},{"key":"18_CR10","doi-asserted-by":"crossref","unstructured":"Bartsch, S., Volkamer, M., Theuerling, H., Karayumak, F.: Contextualized web warnings, and how they cause distrust. In: 6th International Conference on Trust & Trustworthy Computing, London, United Kingdom, June 17-19, pp. 205\u2013222 (2013)","DOI":"10.1007\/978-3-642-38908-5_16"},{"issue":"5","key":"18_CR11","doi-asserted-by":"publisher","first-page":"407","DOI":"10.1108\/eb024320","volume":"13","author":"M.J. Bates","year":"1989","unstructured":"Bates, M.J.: The design of browsing and berrypicking techniques for the online search interface. Online Information Review\u00a013(5), 407\u2013424 (1989)","journal-title":"Online Information Review"},{"key":"18_CR12","doi-asserted-by":"publisher","first-page":"817","DOI":"10.1145\/2468356.2468502","volume-title":"CHI 2013 Extended Abstracts on Human Factors in Computing Systems, CHI EA 2013","author":"Z. Benenson","year":"2013","unstructured":"Benenson, Z., Gassmann, F., Reinfelder, L.: Android and iOS users\u2019 differences concerning security and privacy. In: CHI 2013 Extended Abstracts on Human Factors in Computing Systems, CHI EA 2013, pp. 817\u2013822. ACM, New York (2013)"},{"key":"18_CR13","doi-asserted-by":"crossref","unstructured":"Blythe, J., Camp, L.J.: Implementing mental models. In: IEEE Symposium on Security and Privacy Workshops, pp. 86\u201390. IEEE Computer Society (2012)","DOI":"10.1109\/SPW.2012.31"},{"key":"18_CR14","volume-title":"UCINET for Windows: Software for social network analysis","author":"S.P. Borgatti","year":"2002","unstructured":"Borgatti, S.P., Everett, M.G., Freeman, L.C.: UCINET for Windows: Software for social network analysis. Analytic Technologies, Harvard (2002)"},{"issue":"4","key":"18_CR15","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1111\/j.1540-4560.1992.tb01946.x","volume":"48","author":"A. Bostrom","year":"1992","unstructured":"Bostrom, A., Fischhoff, B., Morgan, M.G.: Characterizing mental models of hazardous processes: A methodology and an application to radon. Journal of Social Issues\u00a048(4), 85\u2013100 (1992)","journal-title":"Journal of Social Issues"},{"issue":"2","key":"18_CR16","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1109\/MSP.2010.198","volume":"9","author":"C. Bravo-Lillo","year":"2011","unstructured":"Bravo-Lillo, C., Cranor, L.F., Downs, J.S., Komanduri, S.: Bridging the gap in computer security warnings: A mental model approach. Security & Privacy\u00a09(2), 18\u201326 (2011)","journal-title":"Security & Privacy"},{"issue":"2","key":"18_CR17","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1080\/0305498870130203","volume":"13","author":"M. Buchmann","year":"1987","unstructured":"Buchmann, M.: Teaching knowledge: The lights that teachers live by. Oxford Review of Education\u00a013(2), 151\u2013164 (1987)","journal-title":"Oxford Review of Education"},{"issue":"18","key":"18_CR18","doi-asserted-by":"publisher","first-page":"3921","DOI":"10.1016\/j.vaccine.2006.02.033","volume":"24","author":"D.C. Burgess","year":"2006","unstructured":"Burgess, D.C., Burgess, M.A., Leask, J.: The mmr vaccination and autism controversy in united kingdom 1998\u20132005: Inevitable community outrage or a failure of risk communication? Vaccine\u00a024(18), 3921\u20133928 (2006)","journal-title":"Vaccine"},{"issue":"3","key":"18_CR19","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1109\/MTS.2009.934142","volume":"28","author":"L.J. Camp","year":"2006","unstructured":"Camp, L.J.: Mental models of privacy and security. IEEE Technology and Society Magazine\u00a028(3), 37\u201346 (2006)","journal-title":"IEEE Technology and Society Magazine"},{"issue":"3","key":"18_CR20","doi-asserted-by":"crossref","first-page":"601","DOI":"10.1093\/sf\/70.3.601","volume":"70","author":"K. Carley","year":"1992","unstructured":"Carley, K., Palmquist, M.: Extracting, representing, and analyzing mental models. Social Forces\u00a070(3), 601\u2013636 (1992)","journal-title":"Social Forces"},{"key":"18_CR21","doi-asserted-by":"crossref","unstructured":"Castelfranchi, C., Falcone, R.: Trust is much more than subjective probability: Mental components and sources of trust. In: Proceedings of the 33rd Annual Hawaii International Conference on System Sciences 2000, p. 10. IEEE (2000)","DOI":"10.1109\/HICSS.2000.926815"},{"issue":"2","key":"18_CR22","doi-asserted-by":"publisher","first-page":"231","DOI":"10.5172\/jmo.2012.18.2.231","volume":"18","author":"J.-G. Cegarra-Navarro","year":"2012","unstructured":"Cegarra-Navarro, J.-G., Eldridge, S., Gamo S\u00e1nchez, A.L.: How an unlearning context can help managers overcome the negative effects of counter-knowledge. Journal of Management & Organization\u00a018(2), 231\u2013246 (2012)","journal-title":"Journal of Management & Organization"},{"issue":"4","key":"18_CR23","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1108\/EUM0000000006087","volume":"2","author":"J.A. Chapman","year":"2001","unstructured":"Chapman, J.A., Ferfolja, T.: Fatal flaws: the acquisition of imperfect mental models and their use in hazardous situations. Journal of Intellectual Capital\u00a02(4), 398\u2013409 (2001)","journal-title":"Journal of Intellectual Capital"},{"key":"18_CR24","unstructured":"Chiasson, S., van Oorschot, P.C., Biddle, R.: A usability study and critique of two password managers. In: Proceedings of the 15th Conference on USENIX Security Symposium, USENIX-SS 2006, vol.\u00a015. USENIX Association, Berkeley (2006)"},{"issue":"2","key":"18_CR25","doi-asserted-by":"publisher","first-page":"184","DOI":"10.1504\/GBER.2008.019017","volume":"10","author":"S.R. Clegg","year":"2008","unstructured":"Clegg, S.R.: Ten propositions concerning security, terrorism and business. Global Business and Economics Review\u00a010(2), 184\u2013196 (2008)","journal-title":"Global Business and Economics Review"},{"issue":"2","key":"18_CR26","first-page":"139","volume":"9","author":"D. Conrad","year":"2008","unstructured":"Conrad, D.: Building knowledge through portfolio learning in prior learning assessment and recognition. Quarterly Review of Distance Education\u00a09(2), 139\u2013150 (2008)","journal-title":"Quarterly Review of Distance Education"},{"key":"18_CR27","doi-asserted-by":"crossref","unstructured":"Converse, S.A., Cannon-Bowers, J.A., Salas, E.: Team member shared mental models: A theory and some methodological issues. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol.\u00a035, pp. 1417\u20131421. SAGE Publications (1991)","DOI":"10.1177\/154193129103501917"},{"key":"18_CR28","unstructured":"Craik, K.J.W.: The nature of explanation. Cambridge University Press (1967)"},{"issue":"3","key":"18_CR29","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1002\/sce.3730790305","volume":"79","author":"Z.R. Dagher","year":"1995","unstructured":"Dagher, Z.R.: Review of studies on the effectiveness of instructional analogies in science education. Science Education\u00a079(3), 295\u2013312 (1995)","journal-title":"Science Education"},{"key":"18_CR30","unstructured":"d\u2019Andrade, R.G.: The development of cognitive anthropology. Cambridge University Press (1995)"},{"issue":"2","key":"18_CR31","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/s10111-003-0136-9","volume":"6","author":"S. Dekker","year":"2004","unstructured":"Dekker, S., Hollnagel, E.: Human factors and folk models. Cognition, Technology & Work\u00a06(2), 79\u201386 (2004)","journal-title":"Cognition, Technology & Work"},{"key":"18_CR32","unstructured":"Diesner, J., Carley, K.M.: Automap1.2 - extract, analyze, represent, and compare mental models from texts. Technical report, CMU (2004)"},{"key":"18_CR33","unstructured":"Diesner, J., Kumaraguru, P., Carley, K.M.: Mental models of data privacy and security extracted from interviews with Indians. In: 55th Annual Conference of the International Communication Association (ICA), New York, May 26-30 (2005)"},{"key":"18_CR34","doi-asserted-by":"crossref","unstructured":"Donker, H., Klante, P., Gorny, P.: The design of auditory user interfaces for blind users. In: Proceedings of the Second Nordic Conference on Human-Computer Interaction, pp. 149\u2013156. ACM (2002)","DOI":"10.1145\/572020.572038"},{"issue":"1","key":"18_CR35","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1177\/104687818001100108","volume":"11","author":"D. D\u00f6rner","year":"1980","unstructured":"D\u00f6rner, D.: On the difficulties people have in dealing with complexity. Simulation & Gaming\u00a011(1), 87\u2013106 (1980)","journal-title":"Simulation & Gaming"},{"key":"18_CR36","unstructured":"Dourish, P., Delgado De La Flor, J., Joseph, M.: Security as a practical problem: Some preliminary observations of everyday mental models. In: Proceedings of CHI 2003 Workshop on HCI and Security Systems, Fort Lauderdale, Florida, April 5-10 (2003)"},{"issue":"6","key":"18_CR37","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1007\/s00779-004-0308-5","volume":"8","author":"P. Dourish","year":"2004","unstructured":"Dourish, P., Grinter, R.E., De La Flor, J.D., Joseph, M.: Security in the wild: user strategies for managing security as an everyday, practical problem. Personal and Ubiquitous Computing\u00a08(6), 391\u2013401 (2004)","journal-title":"Personal and Ubiquitous Computing"},{"issue":"3","key":"18_CR38","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1111\/1467-8721.01235","volume":"12","author":"D. Dunning","year":"2003","unstructured":"Dunning, D., Johnson, K., Ehrlinger, J., Kruger, J.: Why people fail to recognize their own incompetence. Current Directions in Psychological Science\u00a012(3), 83\u201387 (2003)","journal-title":"Current Directions in Psychological Science"},{"issue":"3","key":"18_CR39","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1037\/h0047707","volume":"66","author":"J.A. Easterbrook","year":"1959","unstructured":"Easterbrook, J.A.: The effect of emotion on cue utilization and the organization of behavior. Psychological Review\u00a066(3), 183 (1959)","journal-title":"Psychological Review"},{"key":"18_CR40","doi-asserted-by":"crossref","unstructured":"Edwards, W.K., Poole, E.S., Stoll, J.: Security automation considered harmful? In: Proceedings of the 2007 Workshop on New Security Paradigms, pp. 33\u201342. ACM (2008)","DOI":"10.1145\/1600176.1600182"},{"key":"18_CR41","doi-asserted-by":"crossref","unstructured":"Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS 2012, pp. 3:1\u20133:14. ACM, New York (2012)","DOI":"10.1145\/2335356.2335360"},{"key":"18_CR42","first-page":"608","volume-title":"Proceedings of the 2nd International Joint Conference on Artificial Intelligence, IJCAI 1971","author":"R.E. Fikes","year":"1971","unstructured":"Fikes, R.E., Nilsson, N.J.: Strips: a new approach to the application of theorem proving to problem solving. In: Proceedings of the 2nd International Joint Conference on Artificial Intelligence, IJCAI 1971, pp. 608\u2013620. Morgan Kaufmann Publishers Inc., San Francisco (1971)"},{"issue":"2","key":"18_CR43","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1111\/j.1539-6924.1995.tb00308.x","volume":"15","author":"B. Fischhoff","year":"1995","unstructured":"Fischhoff, B.: Risk perception and communication unplugged: Twenty years of process1. Risk Analysis\u00a015(2), 137\u2013145 (1995)","journal-title":"Risk Analysis"},{"issue":"1","key":"18_CR44","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1146\/annurev.pu.14.050193.001151","volume":"14","author":"B. Fischhoff","year":"1993","unstructured":"Fischhoff, B., Bostrom, A., Quadrel, M.J.: Risk perception and communication. Annual Review of Public Health\u00a014(1), 183\u2013203 (1993)","journal-title":"Annual Review of Public Health"},{"key":"18_CR45","doi-asserted-by":"crossref","unstructured":"Friedman, B., Hurley, D., Howe, D.C., Felten, E., Nissenbaum, H.: Users\u2019 conceptions of web security: A comparative study. In: CHI 2002 Extended Abstracts on Human factors in Computing Systems, pp. 746\u2013747. ACM (2002)","DOI":"10.1145\/506443.506577"},{"issue":"2","key":"18_CR46","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2011.180","volume":"10","author":"S.M. Furman","year":"2012","unstructured":"Furman, S.M., Theofanos, M.F., Choong, Y.-Y., Stanton, B.: Basing cybersecurity training on user perceptions. IEEE Security & Privacy\u00a010(2), 40\u201349 (2012)","journal-title":"IEEE Security & Privacy"},{"issue":"5","key":"18_CR47","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1016\/j.cose.2007.03.001","volume":"26","author":"S. Furnell","year":"2007","unstructured":"Furnell, S., Bryant, P., Phippen, A.D.: Assessing the security perceptions of personal internet users. Computers & Security\u00a026(5), 410\u2013417 (2007)","journal-title":"Computers & Security"},{"key":"18_CR48","volume-title":"Mental models","author":"D. Gentner","year":"1983","unstructured":"Gentner, D., Stevens, A.L.: Mental models. Lawrence Erlbaum, Hillsdale (1983)"},{"issue":"7136","key":"18_CR49","doi-asserted-by":"publisher","first-page":"978","DOI":"10.1136\/bmj.316.7136.978","volume":"316","author":"T. Greenhalgh","year":"1998","unstructured":"Greenhalgh, T., Helman, C., Chowdhury, A.M.: Health beliefs and folk models of diabetes in british bangladeshis: a qualitative study. BMJ: British Medical Journal\u00a0316(7136), 978 (1998)","journal-title":"BMJ: British Medical Journal"},{"key":"18_CR50","doi-asserted-by":"crossref","unstructured":"Gross, J.B., Rosson, M.B.: End user concern about security and privacy threats. In: Cranor, L.F. (ed.) SOUPS. ACM International Conference Proceeding Series, vol.\u00a0229, pp. 167\u2013168. ACM (2007)","DOI":"10.1145\/1280680.1280711"},{"key":"18_CR51","doi-asserted-by":"crossref","unstructured":"Gross, J.B., Rosson, M.B.: Looking for trouble: understanding end-user security management. In: Proceedings of the 2007 Symposium on Computer Human interaction For the Management of information Technology, p. 10. ACM (2007)","DOI":"10.1145\/1234772.1234786"},{"issue":"4","key":"18_CR52","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1504\/IJKL.2005.008352","volume":"1","author":"S. Gupta","year":"2005","unstructured":"Gupta, S., Bostrom, R.P.: Theoretical model for investigating the impact of knowledge portals on different levels of knowledge processing. International Journal of knowledge and Learning\u00a01(4), 287\u2013304 (2005)","journal-title":"International Journal of knowledge and Learning"},{"key":"18_CR53","doi-asserted-by":"crossref","unstructured":"Harris, M., Furnell, S.: Routes to security compliance: be good or be shamed? Computer Fraud & Security\u00a0(12), 12\u201320 (2012)","DOI":"10.1016\/S1361-3723(12)70122-7"},{"issue":"3","key":"18_CR54","doi-asserted-by":"publisher","first-page":"396","DOI":"10.1504\/IJPD.2007.012504","volume":"4","author":"R. Helm","year":"2007","unstructured":"Helm, R., Mark, A.: Implications from cue utilisation theory and signalling theory for firm reputation and the marketing of new products. International Journal of Product Development\u00a04(3), 396\u2013411 (2007)","journal-title":"International Journal of Product Development"},{"issue":"2","key":"18_CR55","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/BF00054580","volume":"2","author":"C.G. Helman","year":"1978","unstructured":"Helman, C.G.: \u201cfeed a cold, starve a fever\u201d folk models of infection in an english suburban community, and their relation to medical treatment. Culture, Medicine and Psychiatry\u00a02(2), 107\u2013137 (1978)","journal-title":"Culture, Medicine and Psychiatry"},{"issue":"4","key":"18_CR56","doi-asserted-by":"publisher","first-page":"770","DOI":"10.1016\/j.intcom.2005.10.008","volume":"18","author":"Y. Hsu","year":"2006","unstructured":"Hsu, Y.: The effects of metaphors on novice and expert learners performance and mental-model development. Interacting with Computers\u00a018(4), 770\u2013792 (2006)","journal-title":"Interacting with Computers"},{"key":"18_CR57","unstructured":"Johnson-Laird, P.N.: Mental models: Towards a cognitive science of language, inference, and consciousness, vol.\u00a06. Harvard University Press (1983)"},{"key":"18_CR58","unstructured":"Johnson-Laird, P.N.: Mental models and thought. In: Holyoak, K.J., Morrison, R.G. (eds.) The Cambridge Handbook of Thinking and Reasoning, pp. 185\u2013208. Cambridge University Press (2005)"},{"issue":"1","key":"18_CR59","doi-asserted-by":"crossref","first-page":"46","DOI":"10.5751\/ES-03802-160146","volume":"16","author":"N.A. Jones","year":"2011","unstructured":"Jones, N.A., Ross, H., Lynam, T., Perez, P., Leitch, A.: Mental models: an interdisciplinary synthesis of theory and methods. Ecology and Society\u00a016(1), 46 (2011)","journal-title":"Ecology and Society"},{"key":"18_CR60","doi-asserted-by":"crossref","unstructured":"Karayumak, F., Kauer, M., Olembo, M.M., Volk, T., Volkamer, M.: User study of the improved Helios voting system interface. In: 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST), pp. 37\u201344. IEEE Digital Library (2011)","DOI":"10.1109\/STAST.2011.6059254"},{"key":"18_CR61","unstructured":"Kaspersky. The evolution of phishing attacks: 2011-2013 (2013), http:\/\/media.kaspersky.com\/pdf\/Kaspersky_Lab_KSN_report_The_Evolution_of_Phishing_Attacks_2011-2013.pdf"},{"key":"18_CR62","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1007\/978-3-642-39345-7_11","volume-title":"Human Aspects of Information Security, Privacy, and Trust","author":"M. Kauer","year":"2013","unstructured":"Kauer, M., G\u00fcnther, S., Storck, D., Volkamer, M.: A comparison of American and German folk models of home computer security. In: Marinos, L., Askoxylakis, I. (eds.) HAS 2013. LNCS, vol.\u00a08030, pp. 100\u2013109. Springer, Heidelberg (2013)"},{"key":"18_CR63","doi-asserted-by":"crossref","unstructured":"Kauer, M., Kiesel, F., Ueberschaer, F., Volkamer, M., Bruder, R.: The influence of trustworthiness of website layout on security perception of websites. In: Current Issues in IT Security 2012, May 7-11, vol.\u00a0(18), pp. 215\u2013220. Duncker & Humblot (2012); 5th MPICC Interdisciplinary Conference on Current Issues in IT Security, Freiburg i Breisgau, Germany","DOI":"10.1016\/S1353-4858(12)70102-2"},{"key":"18_CR64","first-page":"68","volume-title":"Proceedings of the 16th International Conference on Financial Cryptography and Data Security, FC 2012","author":"P.G. Kelley","year":"2012","unstructured":"Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: Proceedings of the 16th International Conference on Financial Cryptography and Data Security, FC 2012, pp. 68\u201379. Springer, Heidelberg (2012)"},{"key":"18_CR65","doi-asserted-by":"crossref","unstructured":"Kempton, W.: Variation in folk models and consequent behavior. In: American Behavioral Scientist; American Behavioral Scientist (1987)","DOI":"10.1177\/000276487031002006"},{"key":"18_CR66","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1145\/286498.286830","volume-title":"Cconference Summary on Human Factors in Computing Systems, CHI 1998","author":"J. Khaslavsky","year":"1998","unstructured":"Khaslavsky, J.: Integrating culture into interface design. In: Cconference Summary on Human Factors in Computing Systems, CHI 1998, pp. 365\u2013366. ACM, New York (1998)"},{"key":"18_CR67","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"196","DOI":"10.1007\/978-3-540-30119-6_12","volume-title":"UbiComp 2004: Ubiquitous Computing","author":"T. Kindberg","year":"2004","unstructured":"Kindberg, T., Sellen, A., Geelhoed, E.: Security and trust in mobile interactions: A study of users perceptions and reasoning. In: Mynatt, E.D., Siio, I. (eds.) UbiComp 2004. LNCS, vol.\u00a03205, pp. 196\u2013213. Springer, Heidelberg (2004)"},{"key":"18_CR68","doi-asserted-by":"crossref","unstructured":"King, J.: How come I\u2019m allowing strangers to go through my phone? - Smartphones and privacy expectations (2013), http:\/\/jenking.net\/mobile\/","DOI":"10.2139\/ssrn.2493412"},{"issue":"2","key":"18_CR69","doi-asserted-by":"crossref","first-page":"403","DOI":"10.1177\/014920639402000206","volume":"20","author":"R. Klimoski","year":"1994","unstructured":"Klimoski, R., Mohammed, S.: Team mental model: Construct or metaphor? Journal of Management\u00a020(2), 403\u2013437 (1994)","journal-title":"Journal of Management"},{"issue":"2","key":"18_CR70","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1007\/BF02299087","volume":"42","author":"R.B. Kozma","year":"1994","unstructured":"Kozma, R.B.: Will media influence learning? Reframing the debate. Educational Technology Research and Development\u00a042(2), 7\u201319 (1994)","journal-title":"Educational Technology Research and Development"},{"issue":"2","key":"18_CR71","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1037\/0022-3514.77.2.221","volume":"77","author":"J. Kruger","year":"1999","unstructured":"Kruger, J.: Lake wobegon be gone! the \u201cbelow-average effect\u201d and the egocentric nature of comparative ability judgments. Journal of Personality and Social Psychology\u00a077(2), 221 (1999)","journal-title":"Journal of Personality and Social Psychology"},{"key":"18_CR72","unstructured":"Kumaraguru, P., Cranor, L.F., Newton, E.: Privacy perceptions in India and the United States: An interview study. In: In The 33rd Research Conference on Communication, Information and Internet Policy (TPRC) (September 2005)"},{"issue":"2","key":"18_CR73","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1518\/001872000779656534","volume":"42","author":"J. Langan-Fox","year":"2000","unstructured":"Langan-Fox, J., Code, S., Langfield-Smith, K.: Team mental models: Techniques, methods, and analytic approaches. Human Factors: The Journal of the Human Factors and Ergonomics Society\u00a042(2), 242\u2013271 (2000)","journal-title":"Human Factors: The Journal of the Human Factors and Ergonomics Society"},{"key":"18_CR74","doi-asserted-by":"publisher","first-page":"501","DOI":"10.1145\/2370216.2370290","volume-title":"Proceedings of the 2012 ACM Conference on Ubiquitous Computing, UbiComp 2012","author":"J. Lin","year":"2012","unstructured":"Lin, J., Amini, S., Hong, J.I., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users\u2019 mental models of mobile app privacy through crowdsourcing. In: Proceedings of the 2012 ACM Conference on Ubiquitous Computing, UbiComp 2012, pp. 501\u2013510. ACM, New York (2012)"},{"issue":"4","key":"18_CR75","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1016\/0164-1212(87)90033-1","volume":"7","author":"D.C. Littman","year":"1987","unstructured":"Littman, D.C., Pinto, J., Letovsky, S., Soloway, E.: Mental models and software maintenance. Journal of Systems and Software\u00a07(4), 341\u2013355 (1987)","journal-title":"Journal of Systems and Software"},{"key":"18_CR76","unstructured":"Liu, D., Asgharpour, F., Camp, L.: Risk communication in security using mental models (2008), Usable Security Website: http:\/\/usablesecurity.org\/papers\/liu.pdf"},{"issue":"4","key":"18_CR77","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1108\/EUM0000000004602","volume":"1","author":"D. Morey","year":"1997","unstructured":"Morey, D., Frangioso, T.: Aligning an organization for learning-the six principles of effective learning. Journal of Knowledge Management\u00a01(4), 308\u2013314 (1997)","journal-title":"Journal of Knowledge Management"},{"key":"18_CR78","doi-asserted-by":"crossref","unstructured":"Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., Beznosov, K.: Understanding users\u2019 requirements for data protection in smartphones. In: 2012 IEEE 28th International Conference on Data Engineering Workshops (ICDEW), pp. 228\u2013235. IEEE (2012)","DOI":"10.1109\/ICDEW.2012.83"},{"key":"18_CR79","doi-asserted-by":"crossref","unstructured":"Nemire, K.: Case study: The wrong mental model can kill you. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol.\u00a051, pp. 554\u2013558. Sage Publications (2007)","DOI":"10.1177\/154193120705100901"},{"key":"18_CR80","unstructured":"Norman, D.: Some observations on mental models. In: Gentner, D., Stevens, A. (eds.) Mental Models. Erlbaum, Hillsdale (1983)"},{"key":"18_CR81","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-642-39185-9_9","volume-title":"E-Voting and Identify","author":"M.M. Olembo","year":"2013","unstructured":"Olembo, M.M., Bartsch, S., Volkamer, M.: Mental models of verifiability in voting. In: Heather, J., Schneider, S., Teague, V. (eds.) Vote-ID 2013. LNCS, vol.\u00a07985, pp. 142\u2013155. Springer, Heidelberg (2013)"},{"key":"18_CR82","doi-asserted-by":"crossref","unstructured":"Orgill, G.L., Romney, G.W., Bailey, M.G., Orgill, P.M.: The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems. In: Proceedings of the 5th Conference on Information Technology Education, pp. 177\u2013181. ACM (2004)","DOI":"10.1145\/1029533.1029577"},{"issue":"1","key":"18_CR83","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1080\/01449299108924268","volume":"10","author":"S.J. Payne","year":"1991","unstructured":"Payne, S.J.: A descriptive study of mental models. Behaviour & Information Technology\u00a010(1), 3\u201321 (1991)","journal-title":"Behaviour & Information Technology"},{"issue":"2","key":"18_CR84","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1002\/hrm.20053","volume":"44","author":"J. Pfeffer","year":"2005","unstructured":"Pfeffer, J.: Changing mental models: HR\u2019s most important task. Human Resource Management\u00a044(2), 123\u2013128 (2005)","journal-title":"Human Resource Management"},{"key":"18_CR85","first-page":"1585","volume-title":"CHI 2011 Extended Abstracts on Human Factors in Computing Systems, CHI EA 2011","author":"F. Raja","year":"2011","unstructured":"Raja, F., Hawkey, K., Hsu, S., Wang, K.-L., Beznosov, K.: Promoting a physical security mental model for personal firewall warnings. In: CHI 2011 Extended Abstracts on Human Factors in Computing Systems, CHI EA 2011, pp. 1585\u20131590. ACM, New York (2011)"},{"key":"18_CR86","doi-asserted-by":"crossref","unstructured":"Raja, F., Hawkey, K., Jaferian, P., Beznosov, K., Booth, K.S.: It\u2019s too complicated, so I turned it off! Expectations, perceptions, and misconceptions of personal firewalls. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp. 53\u201362. ACM (2010)","DOI":"10.1145\/1866898.1866907"},{"key":"18_CR87","doi-asserted-by":"crossref","unstructured":"Rao, A.R., Monroe, K.B.: The moderating effect of prior knowledge on cue utilization in product evaluations. Journal of Consumer Research, 253\u2013264 (1988)","DOI":"10.1086\/209162"},{"issue":"3","key":"18_CR88","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1109\/MSP.2011.157","volume":"10","author":"K. Renaud","year":"2012","unstructured":"Renaud, K.: Blaming noncompliance is too convenient: What really causes information breaches? IEEE Security & Privacy\u00a010(3), 57\u201363 (2012)","journal-title":"IEEE Security & Privacy"},{"key":"18_CR89","unstructured":"Richardson, G.P., Andersen, D.F., Maxwell, T.A., Stewart, T.R.: Foundations of mental model research. In: Proceedings of the 1994 International System Dynamics Conference, pp. 181\u2013192 (1994)"},{"issue":"1","key":"18_CR90","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1080\/01449298508901784","volume":"4","author":"I.T. Robertson","year":"1985","unstructured":"Robertson, I.T.: Human information-processing strategies and style. Behaviour & Information Technology\u00a04(1), 19\u201329 (1985)","journal-title":"Behaviour & Information Technology"},{"issue":"3","key":"18_CR91","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1037\/0033-2909.100.3.349","volume":"100","author":"W.B. Rouse","year":"1986","unstructured":"Rouse, W.B., Morris, N.M.: On looking into the black box: Prospects and limits in the search for mental models. Psychological Bulletin\u00a0100(3), 349 (1986)","journal-title":"Psychological Bulletin"},{"issue":"3","key":"18_CR92","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1002\/hrdq.3920060303","volume":"6","author":"A.L. Rowe","year":"1995","unstructured":"Rowe, A.L., Cooke, N.J.: Measuring mental models: Choosing the right tools for the job. Human Resource Development Quarterly\u00a06(3), 243\u2013255 (1995)","journal-title":"Human Resource Development Quarterly"},{"key":"18_CR93","unstructured":"Rumelhart, D.E., Norman, D.A.: Representation in memory. In: Cognitive Science Laboratory, Center for Human Information Processing, University of California, San Diego (1983)"},{"key":"18_CR94","doi-asserted-by":"crossref","unstructured":"Schechter, S.E., Dhamija, R., Ozment, A., Fischer, I.: The emperor\u2019s new security indicators. In: IEEE Symposium on Security and Privacy, SP 2007, pp. 51\u201365. IEEE (2007)","DOI":"10.1109\/SP.2007.35"},{"key":"18_CR95","first-page":"373","volume-title":"Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2010","author":"S. Sheng","year":"2010","unstructured":"Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L.F., Downs, J.: Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2010, pp. 373\u2013382. ACM, New York (2010)"},{"issue":"7","key":"18_CR96","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1016\/S1364-6613(97)01080-2","volume":"1","author":"D.J. Simons","year":"1997","unstructured":"Simons, D.J., Levin, D.T.: Change blindness. Trends in Cognitive Sciences\u00a01(7), 261\u2013267 (1997)","journal-title":"Trends in Cognitive Sciences"},{"issue":"4799","key":"18_CR97","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1126\/science.3563507","volume":"236","author":"P. Slovic","year":"1987","unstructured":"Slovic, P.: Perception of risk. Science\u00a0236(4799), 280\u2013285 (1987)","journal-title":"Science"},{"issue":"3","key":"18_CR98","doi-asserted-by":"crossref","first-page":"503","DOI":"10.2307\/25750689","volume":"34","author":"J.L. Spears","year":"2010","unstructured":"Spears, J.L., Barki, H.: User participation in information systems security risk management. MIS Quarterly\u00a034(3), 503\u2013522 (2010)","journal-title":"MIS Quarterly"},{"issue":"4","key":"18_CR99","doi-asserted-by":"publisher","first-page":"587","DOI":"10.1006\/imms.1993.1028","volume":"38","author":"N. Staggers","year":"1993","unstructured":"Staggers, N., Norcio, A.F.: Mental models: concepts for human-computer interaction research. International Journal of Man-Machine Studies\u00a038(4), 587\u2013605 (1993)","journal-title":"International Journal of Man-Machine Studies"},{"key":"18_CR100","doi-asserted-by":"crossref","unstructured":"Staw, B.M., Barsade, S.G.: Affect and managerial performance: A test of the sadder-but-wiser vs. happier-and-smarter hypotheses. Administrative Science Quarterly, 304\u2013331 (1993)","DOI":"10.2307\/2393415"},{"issue":"5","key":"18_CR101","doi-asserted-by":"publisher","first-page":"732","DOI":"10.1002\/sce.10079","volume":"87","author":"K.S. Taber","year":"2003","unstructured":"Taber, K.S.: Mediating mental models of metals: Acknowledging the priority of the learner\u2019s prior learning. Science Education\u00a087(5), 732\u2013758 (2003)","journal-title":"Science Education"},{"issue":"4","key":"18_CR102","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1016\/S0169-8141(97)00081-4","volume":"22","author":"A. Thatcher","year":"1998","unstructured":"Thatcher, A., Greyling, M.: Mental models of the internet. International Journal of Industrial Ergonomics\u00a022(4), 299\u2013305 (1998)","journal-title":"International Journal of Industrial Ergonomics"},{"key":"18_CR103","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1007\/3-540-57207-4_2","volume-title":"Spatial Information Theory","author":"B. Tversky","year":"1993","unstructured":"Tversky, B.: Cognitive maps, cognitive collages, and spatial mental models. In: Campari, I., Frank, A.U. (eds.) COSIT 1993. LNCS, vol.\u00a0716, pp. 14\u201324. Springer, Heidelberg (1993)"},{"issue":"4","key":"18_CR104","doi-asserted-by":"publisher","first-page":"535","DOI":"10.1016\/0010-0285(92)90018-W","volume":"24","author":"S. Vosniadou","year":"1992","unstructured":"Vosniadou, S., Brewer, W.F.: Mental models of the earth: A study of conceptual change in childhood. Cognitive Psychology\u00a024(4), 535\u2013585 (1992)","journal-title":"Cognitive Psychology"},{"key":"18_CR105","doi-asserted-by":"crossref","unstructured":"Wash, R.: Folk models of home computer security. In: Proceedings of the Sixth Symposium on Usable Privacy and Security, p. 11. ACM (2010)","DOI":"10.1145\/1837110.1837125"},{"key":"18_CR106","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1145\/2073276.2073283","volume-title":"Proceedings of the 2011 Workshop on New Security Paradigms Workshop, NSPW 2011","author":"R. Wash","year":"2011","unstructured":"Wash, R., Rader, E.: Influencing mental models of security: a research agenda. In: Proceedings of the 2011 Workshop on New Security Paradigms Workshop, NSPW 2011, pp. 57\u201366. ACM, New York (2011)"},{"key":"18_CR107","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-27585-2_1","volume-title":"Open Problems in Network Security","author":"E. W\u00e4stlund","year":"2012","unstructured":"W\u00e4stlund, E., Angulo, J., Fischer-H\u00fcbner, S.: Evoking comprehensive mental models of anonymous credentials. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol.\u00a07039, pp. 1\u201314. Springer, Heidelberg (2012)"},{"key":"18_CR108","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1145\/508171.508195","volume-title":"Proceedings of the 2001 Workshop on New Security Paradigms, NSPW 2001","author":"D. Weirich","year":"2001","unstructured":"Weirich, D., Sasse, M.A.: Pretty good persuasion: a first step towards effective password security in the real world. In: Proceedings of the 2001 Workshop on New Security Paradigms, NSPW 2001, pp. 137\u2013143. ACM, New York (2001)"},{"key":"18_CR109","unstructured":"Whitten, A., Tygar, J.: Why Johnny Can\u2019t Encrypt. In: Proceedings of the 8th USENIX Security Symposium, vol.\u00a099, p. 1. McGraw-Hill (1999)"},{"key":"18_CR110","doi-asserted-by":"crossref","unstructured":"Willingham, D.T.: Why don\u2019t students like school: A cognitive scientist answers questions about how the mind works and what it means for the classroom. Wiley. com (2009)","DOI":"10.1002\/9781118269527"},{"key":"18_CR111","doi-asserted-by":"crossref","unstructured":"Wu, M., Miller, R.C., Garfinkel, S.L.: Do security toolbars actually prevent phishing attacks? In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 601\u2013610. ACM (2006)","DOI":"10.1145\/1124772.1124863"},{"issue":"3","key":"18_CR112","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1080\/00140139608964475","volume":"39","author":"N. Ye","year":"1996","unstructured":"Ye, N., Salverndy, G.: Expert-novice knowledge of computer programming at different levels of abstraction. Ergonomics\u00a039(3), 461\u2013481 (1996)","journal-title":"Ergonomics"}],"container-title":["Lecture Notes in Computer Science","\u2018"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-42001-6_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,30]],"date-time":"2025-04-30T22:36:53Z","timestamp":1746052613000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-42001-6_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642420009","9783642420016"],"references-count":112,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-42001-6_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}