Number of co-authors:22
Number of publications with 3 favourite co-authors:Erika Chin:2Adrienne Porter Felt:2Akshay Krishnamurthy:1
David Wagner's 3 most productive colleagues in number of publications:Barbara Simons:18Serge Egelman:13Aviel D. Rubin:11
go to course
User-Centred Design - Module 2
92% booked. Starts in 3 days
go to course
Design Thinking: The Beginner's Guide
91% booked. Starts in 4 days
Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess
User Experience and Experience Design !
Our Latest Books
The Social Design of Technical Systems: Building technologies for communities. 2nd Edition
by Brian Whitworth and Adnan Ahmad
Gamification at Work: Designing Engaging Business Software
by Janaki Mythily Kumar and Mario Herger
The Social Design of Technical Systems: Building technologies for communities
by Brian Whitworth and Adnan Ahmad
The Encyclopedia of Human-Computer Interaction, 2nd Ed.
by Mads Soegaard and Rikke Friis Dam
Publications by David Wagner (bibliography)
Chin, Erika, Felt, Adrienne Porter, Sekar, Vyas and Wagner, David (2012): Measuring user confidence in smartphone security and privacy. In: Proceedings of the 2012 Symposium on Usable Privacy and Security 2012. p. 1.
In order to direct and build an effective, secure mobile ecosystem, we must first understand user attitudes toward security and privacy for smartphones and how they may differ from attitudes toward more traditional computing systems. What are users' comfort levels in performing different tasks? How do users select applications? What are their overall perceptions of the platform? This understanding will help inform the design of more secure smartphones that will enable users to safely and confidently benefit from the potential and convenience offered by mobile platforms. To gain insight into user perceptions of smartphone security and installation habits, we conduct a user study involving 60 smartphone users. First, we interview users about their willingness to perform certain tasks on their smartphones to test the hypothesis that people currently avoid using their phones due to privacy and security concerns. Second, we analyze why and how they select applications, which provides information about how users decide to trust applications. Based on our findings, we present recommendations and opportunities for services that will help users safely and confidently use mobile applications and platforms.
© All rights reserved Chin et al. and/or their publisher
Felt, Adrienne Porter, Ha, Elizabeth, Egelman, Serge, Haney, Ariel, Chin, Erika and Wagner, David (2012): Android permissions: user attention, comprehension, and behavior. In: Proceedings of the 2012 Symposium on Usable Privacy and Security 2012. p. 3.
Android's permission system is intended to inform users about the risks of installing applications. When a user installs an application, he or she has the opportunity to review the application's permission requests and cancel the installation if the permissions are excessive or objectionable. We examine whether the Android permission system is effective at warning users. In particular, we evaluate whether Android users pay attention to, understand, and act on permission information during installation. We performed two usability studies: an Internet survey of 308 Android users, and a laboratory study wherein we interviewed and observed 25 Android users. Study participants displayed low attention and comprehension rates: both the Internet survey and laboratory study found that 17% of participants paid attention to permissions during installation, and only 3% of Internet survey respondents could correctly answer all three permission comprehension questions. This indicates that current Android permission warnings do not help most users make correct security decisions. However, a notable minority of users demonstrated both awareness of permission warnings and reasonable rates of comprehension. We present recommendations for improving user attention and comprehension, as well as identify open challenges.
© All rights reserved Felt et al. and/or their publisher
Krishnamurthy, Akshay, Mettler, Adrian and Wagner, David (2010): Fine-grained privilege separation for web applications. In: Proceedings of the 2010 International Conference on the World Wide Web 2010. pp. 551-560.
We present a programming model for building web applications with security properties that can be confidently verified during a security review. In our model, applications are divided into isolated, privilege-separated components, enabling rich security policies to be enforced in a way that can be checked by reviewers. In our model, the web framework enforces privilege separation and isolation of web applications by requiring the use of an object-capability language and providing interfaces that expose limited, explicitly-specified privileges to application components. This approach restricts what each component of the application can do and quarantines buggy or compromised code. It also provides a way to more safely integrate third-party, less-trusted code into a web application. We have implemented a prototype of this model based upon the Java Servlet framework and used it to build a webmail application. Our experience with this example suggests that the approach is viable and helpful at establishing reviewable application-specific security properties.
© All rights reserved Krishnamurthy et al. and/or their publisher
Karlof, Chris, Tygar, J. D. and Wagner, David (2009): Conditioned-safe ceremonies and a user study of an application to web authentication. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 38.
Coney, Lillie, Hall, Joseph Lorenzo, Vora, Poorvi L. and Wagner, David (2005): Towards a privacy measurement criterion for voting systems. In: Delcambre, Lois M. L. and Giuliano, Genevieve (eds.) DG.O 2005 - Proceedings of the 2005 National Conference on Digital Government Research May 15-18, 2005, Atlanta, Georgia, USA. pp. 287-288.
Jefferson, David, Rubin, Aviel D., Simons, Barbara and Wagner, David (2004): Analyzing internet voting security. In Communications of the ACM, 47 (10) pp. 59-64.
Perrig, Adrian, Stankovic, John A. and Wagner, David (2004): Security in wireless sensor networks. In Communications of the ACM, 47 (6) pp. 53-57.
Cam-Winget, Nancy, Housley, Russell, Wagner, David and Walker, Jesse (2003): Security flaws in 802.11 data link protocols. In Communications of the ACM, 46 (5) pp. 35-39.
Goldberg, Ian and Wagner, David (1998): TAZ Servers and the Rewebber Network: Enabling Anonymous Publishing on the World Wide Web. In First Monday, 3 (4) .
Join our community and advance:
Changes to this page (author)23 Nov 2012: Modified23 Nov 2012: Modified
03 Nov 2010: Modified
08 Sep 2009: Modified
18 Aug 2009: Modified
17 Aug 2009: Modified
17 Aug 2009: Modified
19 Jun 2009: Modified
31 May 2009: Added
Page maintainer: The Editorial Team