Research Projects

A number of projects available (but not limited to) in the area of usable security and privacy are listed here:

Improving usability of security APIs: As research into encouraging secure user behaviour continues, software companies are placing more of the burden for creating usable security mechanisms on API (Application Programming Interface) developers. Consider an API that is designed to be read-only: the application developer can view information but cannot alter the API's data under any circumstances. A stock market API, for example, lets developers request data (i.e. the value) on a current stock; the design question is what happens if an application developer can also insert new data or change existing records. It is vital that security APIs (e.g. TLS, SHA or HTTPS) are designed with usability in mind, as this improves the overall programming user experience. The programmers who use these APIs are, in most cases, not security experts. They are task oriented, which sometimes negatively affects the security of the applications they build with those APIs, and their software development style can affect application security in many ways. Therefore, it is worth designing and developing security APIs with usability in mind, so that non-security experts can also use them correctly within their applications.

However, we know to our cost that there is no systematic approach available to evaluate the usability of security APIs. While numerous definitions of the term usability have been suggested, the ISO 9241-11 usability standard defines it as "the extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency and satisfaction in a specified context of use". Effectiveness is the user's ability to complete tasks using the system and the quality of the output. Efficiency is the level of resources consumed by the system to perform the particular tasks. Satisfaction is the user's subjective reaction to performing the given tasks with the system, or what the user thinks about the system's ease of use. In general, it is not easy to define the usability of a particular system without knowing exactly its intended users, the tasks they perform, and the characteristics of the physical, social and organizational environments. Programmers make use of security APIs created by API developers during their software development tasks within the organization, but in most cases they lack security expertise. Researchers and industry experts have stressed the mantra of "The User is the Enemy" in computer systems security. Security API research, on the other hand, has treated the programmer as the enemy in the banking industry, mainly because that research concentrates solely on protecting the secrets (e.g. encryption keys) held behind the APIs. There is, however, a lack of research investigating how programmers make use of security APIs in the software development process. It is imperative to increase the security of both the software applications developed and the libraries used to develop them. Therefore, this research attempts to develop a systematic approach to evaluate the usability of security APIs.

Improving the usability of security testing tools: In order to protect user privacy in software systems, various authentication and authorization protocols have been introduced. Despite the increased adoption of such protocols, there has so far been little work investigating the usability of security testing tools. Usability is considered mostly for the protocol itself, but not for the security testing tools that are used to ensure the system is safe enough to be publicly exposed, and security testing tools have been developed with common usability issues. In this research, various security testing tools used for testing authentication and authorization protocols will be considered in order to identify common design issues that have caused usability problems. Feedback will be taken from users during experimental studies, and improvements will be suggested to fix the usability problems in security testing tools. Furthermore, the tools are expected to be improved by fixing these issues and then evaluated again with the users to validate their suggestions. Based on the findings, a set of design guidelines will be introduced for developers to adhere to in order to enhance the usability and security of testing tools.

A bespoke fall-back authentication mechanism as an extra layer of security: Republican vice presidential candidate Sarah Palin's Yahoo! email account was "hijacked" in the run-up to the 2008 US election. The "hacker" simply used the password reset prompt and answered her security questions. As reported, the Palin hack did not require much technical skill. Instead, the hacker merely used social engineering techniques to reset Palin's password using her birth date, ZIP code and information about where she met her spouse; the answers to these questions were easily accessible with a quick Google search. The simplicity of the attack, of course, does not lessen the impact of the crime and makes it no less illegal. Nevertheless, when setting up a user account, almost all major organizations (e.g., insurance companies, banks, health care providers, hospitals, post offices, educational institutions, Apple, eBay, etc.) still ask their clients to set up a security question.

Security questions (a.k.a. "personal knowledge questions", "secret questions" or "challenge questions", among other names) have been designed to provide an extra layer of security and to verify the identity of the person requesting access to an account, for example as a backup mechanism to reclaim a lost eBay account (Fig. 1). On-line service providers such as eBay and banks use security questions to protect their clients against suspicious logins. Despite the pervasiveness of security questions across many on-line services, far less attention has been paid to their security and usability. Previous research has argued in their favour on the grounds that security questions should be more memorable than passwords, for two reasons. First, they pose a cued recall task instead of a free recall task: the presence of the security question means that retrieval of the information from one's memory is assisted by the provision of cues. Second, the information being asked for is something users naturally recall rather than a secret stored explicitly for verification. Security wise, however, previous studies have revealed potential weaknesses of security questions, based both on laboratory experiments and analysis and on large-scale empirical analysis of security questions as deployed at Google.

Alternate email accounts are already in use by some on-line services, such as Amazon, to authenticate users who have forgotten their passwords, for example via a code sent to an alternate email address registered at the time of sign-up with the on-line service provider. Even if the user provided an alternate email address, that address may expire when the user changes her affiliation, such as job, organisation, institution, school, or Internet Service Provider (ISP). Likewise, login information could be lost if the user stored her password on her office computer, used her organisational email address as the backup authenticator, and then lost her job. Web-mail service providers such as Yahoo!, Google, Microsoft, and AOL, on the other hand, cannot always ask their users to register alternate email addresses, because many of their users employ these accounts as their primary email address and may not have another dependable email account to use as a backup authenticator. Even when such users do provide alternate email addresses, they are likely to forget them, since alternate email addresses are not frequently used.

The SMS based account recovery mechanism, in which an authentication code is sent by SMS message to the user's mobile telephone, is the other alternative currently in use as a secondary authentication factor by some on-line services such as banks. Verifying users' credentials using a mobile phone is attractive because of its mobility: mobility of the user, mobility of the device, and mobility of the service. However, this mobility feature itself can undermine the mechanism; for example, SMS delivery may fail if the user does not have access to their mobile telephone while travelling overseas. Furthermore, mobile telephones are not only prone to being stolen or lost but are also frequently shared among family and peers.

The capability to verify the user's identity when an account hijacking attempt has occurred is an integral part of a login risk analysis system. Google researchers, together with academics, have revealed that current security questions are neither secure nor reliable enough to be used as a backup mechanism to reclaim a lost account. Their argument is that security questions suffer from a fundamental flaw of usable security: the security questions and their answers are either somewhat secure or usable, but rarely both. They also stressed that security questions can still be useful when the risk level is considered low. To design a better extra layer of security, it is worth understanding the strength of the answers users provide to security questions. This research asks how one can design and develop a bespoke fall-back authentication mechanism as an extra layer of security. Initially, we will measure the strength of answers given to security questions and then provide a set of guidelines for designing an interface called the "secret question meter", based on mnemonic cues. The "secret question meter" interface provides visual feedback on the strength of answers given to security questions in order to nudge users towards stronger answers. The strength of answers to security questions is typically visualised as a coloured bar on screen. Our "secret question meter" interface also provides suggestions to assist users in selecting strong security questions and answers.
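As an added illustration, not code from the original page or from the project described, the following is a minimal answer-strength estimator of the kind a "secret question meter" could be built on; the common-answer list, the scoring thresholds and the text-bar rendering are constructed assumptions, and a deployment would replace the list with real frequency data for its own question set.

```python
import re

# Constructed list of frequent answers to typical security questions
# (favourite colour, first pet, city of birth). Illustrative only.
COMMON_ANSWERS = {
    "blue", "red", "green", "black", "fluffy", "max", "buddy", "bella",
    "pizza", "london", "sydney", "new york", "smith", "jones",
}

# Matches date-like strings such as 12/05/1964 or 1964-05-12.
DATE_RE = re.compile(r"^\d{1,4}[/\-.]\d{1,2}[/\-.]\d{1,4}$")


def normalise(answer: str) -> str:
    """Lower-case, trim and collapse whitespace so 'New  York' == 'new york'."""
    return " ".join(answer.strip().lower().split())


def answer_strength(answer: str) -> tuple[int, str]:
    """Return (score 0..4, label) for a security-question answer.

    Heuristics (assumed for this example): answers that are common, purely
    numeric (birth dates, ZIP codes) or very short are guessable; longer,
    multi-word answers with mixed character classes score higher.
    """
    a = normalise(answer)
    if not a:
        return 0, "empty"
    # Anything in the common-answer list is guessable regardless of form.
    if a in COMMON_ANSWERS:
        return 0, "very weak (common answer)"
    # Dates and all-digit strings are public facts, not secrets.
    if DATE_RE.match(a) or a.replace(" ", "").isdigit():
        return 0, "very weak (date or numeric)"
    score = 0
    if len(a) >= 8:
        score += 1
    if len(a) >= 14:
        score += 1
    if len(a.split()) >= 2:
        score += 1
    # Count distinct character classes present: letters, digits, other.
    classes = sum(bool(re.search(p, a)) for p in (r"[a-z]", r"\d", r"[^a-z\d\s]"))
    if classes >= 2:
        score += 1
    labels = ["very weak", "weak", "fair", "strong", "very strong"]
    return score, labels[score]


def meter_bar(answer: str, width: int = 4) -> str:
    """Render the coloured-bar idea as a text bar: one '#' per score point."""
    score, label = answer_strength(answer)
    return "[" + "#" * score + "-" * (width - score) + "] " + label
```

The meter would be shown live while the user types, so that a birth date or a single common word is flagged before the question is saved.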

Conceptualizing teens' privacy in the technology-filled world: Teens and their parents predominantly assume that use of the Internet enriches their social life and academic work. On the other hand, there are aspects of the Internet that cause strain and make teens and their parents worry that these technologies are not beneficial in teens' lives. Researchers have stressed that this description of teens' on-line life, though not new, is still valid and remarkably resonant today.

Internet technology is so pervasive today that it provides the backbone for modern living, enabling teens to chat, socialize, and be entertained and educated in the digital world. However, the complexity of teens' on-line interactions has increased dramatically due to the vast adoption of social media and mobile devices. As reported by the Pew Internet Project in 2013, eight in ten on-line teens use social media websites. Previous research has revealed that teens share far more sensitive personal information about themselves on social media websites than they did in the past. Of course, those websites are designed to encourage the sharing of information and the expansion of networks. However, as teens' reliance on social media and mobile devices grows, so does the possibility of privacy invasion and other security breaches. When teens are on-line, they are likely to experiment in ways they typically wouldn't face-to-face, including whom they talk with and what they talk about. This may increase their risk of privacy exploitation: for example, a teen sharing personal information about his or her insecurities, or problems that worry him or her, with somebody on-line whom he or she doesn't know well. This may leave teens particularly vulnerable to individuals seeking opportunities to take advantage of them. Teens' on-line conversations may initially appear to be harmless, friendly banter but progress to sexual exploitation.

To design better privacy solutions and educational interventions, it is worth understanding how teens make privacy decisions and characterizing the privacy risks that result from these decisions. We believe designing better privacy solutions and educational interventions can contribute to making cyberspace a safer place for every teen. Therefore, this proposal investigates how teens conceptualize privacy in the technology-filled world.

Privacy-preserving e-healthcare system: The e-healthcare system has recently been considered one of the major advancements in the healthcare industry. For example, a personally controlled electronic health record (PCEHR) system has been proposed by the Australian government to make the healthcare system more agile, secure, and sustainable. Although existing e-health systems claim that only patients can access their electronic records, healthcare professionals and system/database operators may in practice be able to access patients' electronic health record information. The conventional methods for preserving privacy in healthcare systems entirely trust the system operators. Therefore, health related information is vulnerable to exploitation, in an immoral or unethical way, even by authorised personnel. Furthermore, issues such as the sheer number of healthcare records, their sensitive nature, flexible access, and efficient user revocation have remained the most vital challenges towards fine-grained, cryptographically enforced data access control.

On the other hand, the rapid growth and enormous adoption of e-healthcare systems have transformed the Web into a platform for communication and social interaction. Although e-healthcare systems have been designed and developed with the goal of sharing information, many users struggle to appropriately manage and share their information via existing information systems. Most existing e-health systems define privacy either as a private/public dichotomy or in terms of a network of friend relationships, in which all friends are treated equally and all relationships are mutual. These systems fail to support the privacy expectations that non-technical users bring from their real life experiences.

Sharing health information in on-line social networks (OSNs) has been shown to be beneficial for people with various health conditions. People can benefit from sharing their health information in OSNs in a number of ways, including taking part in social support, sharing their experiences, and self-management education. Despite these benefits, people consider their health issues to be more personal and sensitive in nature, and they raise privacy concerns when it comes to sharing health information with others. Furthermore, sharing health information has been shown to be vulnerable to different attacks; for example, users' health information might be exposed to unintended disclosure, resulting in privacy invasion, data re-identification and medical data misuse. Therefore, to protect patients' privacy and create a sustainable health information-sharing environment, privacy-preserving features and functionalities could be implemented in OSNs.

From a scientific and technological point of view, there are several challenges that need to be addressed to make e-healthcare systems an enabling means of addressing privacy problems. Of special interest are implementations that demonstrate novel applications addressing privacy-preserving features and functionalities in e-healthcare systems.

Usable access control games: Previous research has shown that technology alone is insufficient to combat critical IT security issues, yet little work in cyber security has addressed "user awareness" as a means of protecting computer users against cyber threats. Translating security policies for computer systems into access control mechanisms is a vital and varied field within computer security. The primary goal of any access control mechanism is to provide a verifiable system for ensuring the protection of information from unauthorized access, as outlined in one or more security policies. I propose a game design framework which enhances individuals' behavior by motivating them to adhere to best practices when setting up access controls. The motivation for this work is that existing security mechanisms have been only partially successful in promoting security solutions; in many instances these controls are less than perfect and are used instead of a more appropriate set of controls. Considerable attention has recently been paid to researching and addressing the security issues faced by individuals, commercial organizations, and civilian government organizations. Those individuals and organizations rely heavily on information processing systems to meet their customers' operational, financial, and information technology needs. Therefore, the Confidentiality, Integrity, and Availability (CIA) of key software systems, databases, and data networks are major concerns throughout all sectors. I argue that the corruption, unauthorized observation or disclosure, or theft of corporate resources could interrupt an organization's smooth operations and have immediate, serious financial, legal, human safety, personal privacy and public confidence impacts. My approach will be, firstly, to develop a game design framework parameterized by the individual's or organization's own circumstances. The developed game design framework will be informed by an empirical investigation (e.g., Human-Centered Design) and validated through interviews and questionnaire surveys with a considerable sample of representative individuals. Secondly, I will use the elements of the framework to develop a game for both mobile and desktop platforms, which allows individuals to improve their behavior through motivation to adhere to best practices when setting up access controls. Previous research has revealed that game-based education and training can help embed learning and training in a natural environment. Therefore, my proposed work is based on the notion that not only can a computer game provide education and training, but games can potentially provide a better learning and training environment, because game-based education and training motivate the user and hold attention by providing immediate feedback. Finally, adopting an iterative approach as the game develops, I will undertake user trials to evaluate both the usability of the game and its effectiveness in setting up access controls in a real world environment.

Key contact

(+61) 424 457 049
nalin.asanka@adfa.edu.au