{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,8,25]],"date-time":"2023-08-25T01:07:54Z","timestamp":1692925674849},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"11","license":[{"start":{"date-parts":[[2010,11,1]],"date-time":"2010-11-01T00:00:00Z","timestamp":1288569600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["DuD"],"published-print":{"date-parts":[[2010,11]]},"DOI":"10.1007\/s11623-010-0210-4","type":"journal-article","created":{"date-parts":[[2010,11,16]],"date-time":"2010-11-16T12:15:58Z","timestamp":1289909758000},"page":"773-782","source":"Crossref","is-referenced-by-count":7,"title":["Usable Security und Privacy"],"prefix":"10.1007","volume":"34","author":[{"given":"Simone","family":"Fischer-H\u00fcbner","sequence":"first","affiliation":[]},{"given":"Luigi","family":"Lo Iacono","sequence":"additional","affiliation":[]},{"given":"Sebastian","family":"M\u00f6ller","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,11,17]]},"reference":[{"key":"210_CR1","doi-asserted-by":"crossref","unstructured":"C. Andersson, J. Camenisch, S. Crane, S. Fischer-Hubner, R. Leenes, S. Pearson, J.S. Pettersson, D. Sommer: Trust in PRIME. Proceedings of the 5th IEEE Int. Symposium on Signal Processing and IT, December 18\u201321, 2005, Athens, Greece.","DOI":"10.1109\/ISSPIT.2005.1577157"},{"key":"210_CR2","unstructured":"N.B. Asher, J. Meyer, S. Moller, R. Englert: An Experimental System for Studying the Tradeoff between Usability and Security, in: Security and Usability (SECUSAB09), Workshop in the context of the Forth International Conference on Availability, Reliability and Security (AreS 2009), 16\u201319 Mar., Fukuoka, 2009."},{"key":"210_CR3","unstructured":"ARTIKEL 29-DATENSCHUTZGRUPPE, 11987\/04\/DE WP 100, Stellungnahme 10\/2004 zu einheitlicheren Bestimmungen uber Informationspflichten angenommen am 25. November 2004"},{"key":"210_CR4","doi-asserted-by":"crossref","unstructured":"N. Borisov, I. Goldberg, E. Brewer: Off-the-Record Communication, or, Why Not To Use PGP, Workshop on Privacy in the Electronic Society (WPES 2004), 2004.","DOI":"10.1145\/1029179.1029200"},{"key":"210_CR5","unstructured":"D. Chappell, Introducing Windows CardSpace, MSDN Article, April 2006. Online verfugbar unter: http:\/\/msdn.microsoft.com\/en-us\/library\/aa480189.aspx"},{"key":"210_CR6","unstructured":"The Common Criteria for Information Technology Security Evaluation, Version 3.1, Juli 2009. Online verfugbar unter: http:\/\/www.commoncriteriaportal.org\/"},{"key":"210_CR7","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/3-540-44987-6_7","volume":"2045","author":"J. Camenisch","year":"2001","unstructured":"J. Camenisch, A. Lysyanskaya: Efficient nontransferable anonymous multi-show credential system with optional anonymity revocation. In Advances in Cryptology \u2014 Eurocrypt 2001, volume 2045, pages 93\u2013118, 2001.","journal-title":"Advances in Cryptology \u2014 Eurocrypt 2001"},{"key":"210_CR8","unstructured":"2010 CWE\/SANS Top 25 Most Dangerous Programming Errors: http:\/\/cwe.mitre.org\/top25\/"},{"issue":"2","key":"210_CR9","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MSP.2008.49","volume":"6","author":"R. Dhamija","year":"2008","unstructured":"R. Dhamija, L. Dusseault: The Seven Flaws of Identity Management: Usability and Security Challenges. IEEE Security and Privacy, vol. 6, no. 2, pp. 24\u201329, Mar\/Apr, 2008.","journal-title":"IEEE Security and Privacy"},{"key":"210_CR10","doi-asserted-by":"crossref","unstructured":"R. Dhamija, J. D. Tygar, M. Hearst: Why phishing works. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 2006.","DOI":"10.1145\/1124772.1124861"},{"key":"210_CR11","unstructured":"A. Dey, S. Weis: Keyczar: A Cryptographic Toolkit, Technical Design Report, 2008. Available online at: http:\/\/keyczar.googlecode.com\/files\/keyczar05b.pdf"},{"key":"210_CR12","doi-asserted-by":"crossref","unstructured":"S. Egelman, L. Cranor, J. Hong: You\u2019ve Been Warned: An Empirical Study of the Effectiveness of Web browser Phishing Warnings. CH 2008 Proceedings, Florence\/Italy, April 5\u201310, 2008","DOI":"10.1145\/1357054.1357219"},{"key":"210_CR13","doi-asserted-by":"crossref","unstructured":"N. S. Good, A. Krekelberg: Usability and Privacy: A Study of Kazaa P2P File Sharing, in Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI 2003), pp. 137\u2013144, 2003.","DOI":"10.1145\/642611.642636"},{"key":"210_CR14","doi-asserted-by":"crossref","unstructured":"S.Fischer-Hubner, S. Furnell, C. Lambrinoudakis, Exploring Trust, Security and Privacy in Digital Business, Transactions on Large Scale Data and Knowledge Centered Systems, Vol.1, No.1, published by Springer Verlag within the LNCS journal subline 5729, September 2009.","DOI":"10.1007\/978-3-642-03722-1_8"},{"key":"210_CR15","unstructured":"S. Fischer-Hubner, J. Nilsson. Trust and Assurance Control \u2014 UI Prototypes. PrimeLife Project Deliverable D4.2.1, June 2009."},{"key":"210_CR16","doi-asserted-by":"crossref","unstructured":"B. Fogg, J. Marshall, O. Laraki, A. Osipovich, C. Varma, N. Fang, J. Paul, A. Rangekar, J. Shon, P. Swani, M. Treinen: What makes web sites credible? a report on a large quantitative study. In Proceedings of the SIGCHI Conference on in Computing Systems, Seattle, 2001.","DOI":"10.1145\/365024.365037"},{"key":"210_CR17","unstructured":"N. Gruschka, L. Lo Iacono: Password Visualization Beyond Password Masking, INC 2010."},{"key":"210_CR18","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/978-3-642-13241-4_6","volume-title":"Communications and Multimedia Security","author":"Nils Gruschka","year":"2010","unstructured":"N. Gruschka, L. Lo Iacono: Security for XML Data Binding, CMS 2010, 2010."},{"key":"210_CR19","volume-title":"Mental Models","author":"D. Gentner","year":"1983","unstructured":"D. Gentner, A.L. Stevens. Mental Models. Hillsdale NJ: Lawrence Erlenbaum Associates, 1983."},{"key":"210_CR20","unstructured":"A. Herzog: Usable Security Policies for Runtime Environments, Linkoping Studies in Science and Technology, Dissertation No. 1075, 2007. Online verfugbar unter: http:\/\/www.ida.liu.se\/~almhe\/thesis\/tek-dr-1075-full-version.pdf"},{"key":"210_CR21","unstructured":"Imperva Application Defense Center: Consumer Password Worst Practices. Imperva 2010. Online verfugbar unter: http:\/\/www.imperva.com\/docs\/WP_Consumer_Password_Worst_Practices.pdf"},{"key":"210_CR22","unstructured":"Information Card: http:\/\/informationcard.net\/"},{"key":"210_CR23","unstructured":"Java Security, Online available at: http:\/\/java.sun.com\/javase\/technologies\/security\/"},{"key":"210_CR24","unstructured":"I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin: The Design and Analysis of Graphical Passwords, in Proceedings of the 8th USENIX Security Symposium, 1999."},{"key":"210_CR25","doi-asserted-by":"crossref","unstructured":"C. Jackson, D. R. Simon, D. S. Tan, A. Barth: An evaluation of extended validation and picture-in-picture phishing attacks, 1st International Workshop on Usable Security, Heidelberg, 2007.","DOI":"10.1007\/978-3-540-77366-5_27"},{"key":"210_CR26","first-page":"273","volume":"1","author":"C.-M. Karat","year":"1989","unstructured":"C.-M. Karat: Iterative Usability Testing of a Security Application, in: Computer Systems: Approaches to User Interface Design. Proc. Of the Human Factors Society 33rd Annual Meeting, vol.1, pp.273\u2013277, 1989.","journal-title":"Computer Systems: Approaches to User Interface Design. Proc. Of the Human Factors Society 33rd Annual Meeting"},{"key":"210_CR27","first-page":"551","volume":"4","author":"S. Lichtenstein","year":"1978","unstructured":"S. Lichtenstein, P. Slovic, B. Fischhoff, M. Layman, B. Combs. Judged frequency of lethal events. Journal of Experimental Psychology: Human Learning and Memory, 4, 551\u2013578, 1978.","journal-title":"Journal of Experimental Psychology: Human Learning and Memory"},{"key":"210_CR28","unstructured":"R. Leenes, M. Lips, R. Poels, M. Hoogwout, M. User aspects of Privacy and Identity Management in Online Environments: towards a theoretical model of social factors. in PRIME Framework V1 (chapter 9), Editors: S. Fischer-Hubner et al., PRIME project Deliverable D14.1.a, June 2005."},{"key":"210_CR29","unstructured":"T. Moses: Extensible access control markup language (XACML) version 2.0, 2005. OASIS Standard."},{"key":"210_CR30","unstructured":"R. Marty: Applied Security Visualization, Addison-Wesley Professional, 2008."},{"key":"210_CR31","unstructured":"J. Nielsen: Stop Password Masking. http:\/\/www.useit.com\/alertbox\/passwords.html"},{"key":"210_CR32","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1016\/B978-0-08-052029-2.50008-5","volume-title":"Usability Engineering","author":"JAKOB NIELSEN","year":"1993","unstructured":"J. Nielsen: Usability Engineering, Morgan Kaufmann Publisher Inc., 1993."},{"key":"210_CR33","unstructured":"OpenSocial: http:\/\/www.opensocial.org\/"},{"key":"210_CR34","doi-asserted-by":"crossref","unstructured":"J.S. Pettersson, S. Fischer-Hubner, N. Danielsson, J. Nilsson, M. Bergmann, S. Claus, Th. Kriegelstein, H. Krasemann: Making PRIME usable. SOUPS 2005 Symposium on Usable Privacy and Security, Carnegie Mellon University, July 6\u20138 July, 2005, Pittsburgh.","DOI":"10.1145\/1073001.1073007"},{"key":"210_CR35","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-540-40956-4_8","volume-title":"Privacy Enhancing Technologies","author":"Andrew S. Patrick","year":"2003","unstructured":"A.S. Patrick, S. Kenny: From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interaction. Privacy Enhancing Technologies Workshop (PET2003), Dresden\/Germany, 2003."},{"key":"210_CR36","doi-asserted-by":"crossref","unstructured":"A.S. Patrick, A.C. Long, S. Flinn: HCI and Security Systems, ACM SIGCHI Conference on Human Factors in Computing Systems (CHI 2003), Extended Abstracts (Workshops), 2003.","DOI":"10.1145\/765891.766146"},{"issue":"1","key":"210_CR37","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1111\/0272-4332.00001","volume":"20","author":"L. Sjoberg","year":"2000","unstructured":"L. Sjoberg: Factors in Risk Perception, Risk Analysis 20(1), pp. 1\u201312, 2000.","journal-title":"Risk Analysis"},{"key":"210_CR38","unstructured":"P. Schaar: Tatigkeitsbericht zum Datenschutz fur die Jahre 2007 und 2008, April 2009. Online verfugbar unter: http:\/\/www.bfdi.bund.de\/cln_134\/DE\/Oeffentlichkeitsarbeit\/Taetigkeitsberichte\/TB_node.html"},{"key":"210_CR39","unstructured":"B. Schneier: The Pros and Cons of Password Masking. http:\/\/www.schneier.com\/blog\/archives\/2009\/07\/theprosandco.html"},{"key":"210_CR40","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1016\/S0022-5371(67)80067-7","volume":"6","author":"R.N. Shepard","year":"1967","unstructured":"R.N. Shepard: Recognition Memory for Words, Sentences, and Pictures, Journal of Verbal Learning and Verbal Behavior, vol. 6, pp. 156\u2013163, 1967.","journal-title":"Journal of Verbal Learning and Verbal Behavior"},{"key":"210_CR41","unstructured":"M. Stepp, Ch. Collberg: Browser-based Anti-Phishing Tools. In: Phishing and Countermeasures. Editors: Markus Jakobsson und Steven Myers, John Wiley & Sons, Inc. 2007."},{"key":"210_CR42","unstructured":"J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, L. F. Cranor: Crying Wolf: An Empirical Study of SSL Warning Effectiveness, in Proceedings of the 18th USENIX Security Symposium, 2009. Online verfugbar unter: http:\/\/www.usenix.org\/events\/sec09\/tech\/full_papers\/sunshine.pdf"},{"key":"210_CR43","doi-asserted-by":"crossref","unstructured":"C. Sandom, R. S. Harvey (Ed.): Human Factors for Engineers, The Institution of Engineering and Technology, 2004.","DOI":"10.1049\/PBNS032E"},{"key":"210_CR44","unstructured":"SPARCLE Workbench: http:\/\/domino.research.ibm.com\/comm\/research_projects.nsf\/pages\/sparcle.index.html"},{"key":"210_CR45","doi-asserted-by":"crossref","unstructured":"R. Stedman, K. Yoshida, I. Goldberg: A User Study of Off-the-Record Messaging, SOUPS Symposium on Usable Privacy and Security, Carnegie Mellon University, 2008, Pittsburgh.","DOI":"10.1145\/1408664.1408678"},{"key":"210_CR46","unstructured":"X. Suo, Y. Zhu, G S. Owen: Graphical Passwords: A Survey, 21st 2005 Annual Computer Security Applications Conference (ACSAC), 2005."},{"key":"210_CR47","unstructured":"UMU-XACML Editor: http:\/\/ants.dif.um.es\/designs\/nas_saml\/"},{"key":"210_CR48","unstructured":"VZ-Netzwerke prasentieren einmaliges OpenSocial Konzept mit umfassender Datenschutzlosung: http:\/\/blog.studivz.net\/2009\/12\/07\/vz-netzwerke-prasentiereneinmaliges-opensocial-konzept-mit-umfassender-datenschutzlosung\/"},{"key":"210_CR49","doi-asserted-by":"crossref","unstructured":"M. Wu, R. Miller, S. Garfinkel: Do Browser Toolbars Actually Prevent Phishing? In: Phishing and Countermeasures. Editors: Markus Jakobsson und Steven Myers, John Wiley & Sons, Inc. 2007.","DOI":"10.1145\/1124772.1124863"},{"key":"210_CR50","unstructured":"A. Whitten, J.D. Tygar: Why Jonny can\u2019t encrypt. A usability evaluation of PGP 5.0. Proceedings of the 8th Usenix Security Symposium. S. 164\u2013184, 1999."}],"container-title":["Datenschutz und Datensicherheit - DuD"],"original-title":[],"language":"de","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-010-0210-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11623-010-0210-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-010-0210-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-010-0210-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T16:20:13Z","timestamp":1636820413000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11623-010-0210-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,11]]},"references-count":50,"journal-issue":{"issue":"11","published-print":{"date-parts":[[2010,11]]}},"alternative-id":["210"],"URL":"https:\/\/doi.org\/10.1007\/s11623-010-0210-4","relation":{},"ISSN":["1614-0702","1862-2607"],"issn-type":[{"value":"1614-0702","type":"print"},{"value":"1862-2607","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,11]]}}}