Number of co-authors: 25
Number of publications with 3 favourite co-authors: Ivayla Dermendjieva, Hussein Yapit, Alexei Czeskis
Tadayoshi Kohno's 3 most productive colleagues in number of publications: Gaetano Borriello: 37, James Fogarty: 35, Batya Friedman: 34
Publications by Tadayoshi Kohno (bibliography)
Roesner, Franziska, Fogarty, James and Kohno, Tadayoshi (2012): User interface toolkit mechanisms for securing interface elements. In: Proceedings of the 2012 ACM Symposium on User Interface Software and Technology 2012. pp. 239-250. Available online
User interface toolkit research has traditionally assumed that developers have full control of an interface. This assumption is challenged by the mashup nature of many modern interfaces, in which different portions of a single interface are implemented by multiple, potentially mutually distrusting developers (e.g., an Android application embedding a third-party advertisement). We propose considering security as a primary goal for user interface toolkits. We motivate the need for security at this level by examining today's mashup scenarios, in which security and interface flexibility are not simultaneously achieved. We describe a security-aware user interface toolkit architecture that secures interface elements while providing developers with the flexibility and expressivity traditionally desired in a user interface toolkit. By challenging trust assumptions inherent in existing approaches, this architecture effectively addresses important interface-level security concerns.
© All rights reserved Roesner et al. and/or ACM Press
Czeskis, Alexei, Dermendjieva, Ivayla, Yapit, Hussein, Borning, Alan, Friedman, Batya, Gill, Brian and Kohno, Tadayoshi (2010): Parenting from the pocket: value tensions and technical directions for secure and private parent-teen mobile safety. In: Proceedings of the 2010 Symposium on Usable Privacy and Security 2010. p. 15. Available online
An increasing number of high-tech devices, such as driver monitoring systems and Internet usage monitoring tools, are advertised as useful or even necessary for good parenting of teens. Simultaneously, there is a growing market for mobile "personal safety" devices. As these trends merge, there will be significant implications for parent-teen relationships, affecting domains such as privacy, trust, and maturation. Not only the teen and his or her parents are affected; other important stakeholders include the teen's friends who may be unwittingly monitored. This problem space, with less clear-cut assets, risks, and affected parties, thus lies well outside of more typical computer security applications. To help understand this problem domain and what, if anything, should be built, we turn to the theory and methods of Value Sensitive Design, a systematic approach to designing for human values in technology. We first develop value scenarios that highlight potential issues, benefits, harms, and challenges. We then conducted semi-structured interviews with 18 participants (9 teens and their parents). Results show significant differences with respect to information about: 1) internal state (e.g., mood) versus external environment (e.g., location) state; 2) situation (e.g., emergency vs. non-emergency); and 3) awareness (e.g., notification vs. non-notification). The value scenario and interview results positioned us to identify key technical challenges -- such as strongly protecting the privacy of a teen's contextual information during ordinary situations but immediately exposing that information to others as appropriate in an emergency -- and corresponding architectural levers for these technologies. In addition to laying a foundation for future work in this area, this research serves as a prototypical example of using Value Sensitive Design to explicate the underlying human values in complex security domains.
© All rights reserved Czeskis et al. and/or their publisher
Denning, Tamara, Borning, Alan, Friedman, Batya, Gill, Brian T., Kohno, Tadayoshi and Maisel, William H. (2010): Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices. In: Proceedings of ACM CHI 2010 Conference on Human Factors in Computing Systems 2010. pp. 917-926. Available online
Implantable medical devices (IMDs) improve patients' quality of life and help sustain their lives. In this study, we explore patient views and values regarding their devices to inform the design of computer security for wireless IMDs. We interviewed 13 individuals with implanted cardiac devices. Key questions concerned the evaluation of 8 mockups of IMD security systems. Our results suggest that some systems that are technically viable are nonetheless undesirable to patients. Patients called out a number of values that affected their attitudes towards the systems, including perceived security, safety, freedom from unwanted cultural and historical associations, and self-image. In our analysis, we extend the Value Sensitive Design value dams and flows technique in order to suggest multiple, complementary systems; in our discussion, we highlight some of the usability, regulatory, and economic complexities that arise from offering multiple options. We conclude by offering design guidelines for future security systems for IMDs.
© All rights reserved Denning et al. and/or their publisher
Everitt, Katherine M., Bragin, Tanya, Fogarty, James and Kohno, Tadayoshi (2009): A comprehensive study of frequency, interference, and training of multiple graphical passwords. In: Proceedings of ACM CHI 2009 Conference on Human Factors in Computing Systems 2009. pp. 889-898. Available online
Graphical password systems have received significant attention as one potential solution to the need for more usable authentication, but nearly all prior work makes the unrealistic assumption of studying a single password. This paper presents the first study of multiple graphical passwords to systematically examine frequency of access to a graphical password, interference resulting from interleaving access to multiple graphical passwords, and patterns of access while training multiple graphical passwords. We find that all of these factors significantly impact the ease of authenticating using multiple facial graphical passwords. For example, participants who accessed four different graphical passwords per week were ten times more likely to completely fail to authenticate than participants who accessed a single password once per week. Our results underscore the need for more realistic evaluations of the use of multiple graphical passwords, have a number of implications for the adoption of graphical password systems, and provide a new basis for comparing proposed graphical password systems.
© All rights reserved Everitt et al. and/or ACM Press
Kohno, Tadayoshi (2008): An Interview with RFID Security Expert Ari Juels. In IEEE Pervasive Computing, 7 (1) pp. 10-11. Available online
Halperin, Daniel, Heydt-Benjamin, Thomas S., Fu, Kevin, Kohno, Tadayoshi and Maisel, William H. (2008): Security and Privacy for Implantable Medical Devices. In IEEE Pervasive Computing, 7 (1) pp. 30-39. Available online
Kriplean, Travis, Welbourne, Evan, Khoussainova, Nodira, Rastogi, Vibhor, Balazinska, Magdalena, Borriello, Gaetano, Kohno, Tadayoshi and Suciu, Dan (2007): Physical Access Control for Captured RFID Data. In IEEE Pervasive Computing, 6 (4) pp. 48-55. Available online
Viega, John, Kohno, Tadayoshi and Potter, Bruce (2001): Trust (and mistrust) in secure applications. In Communications of the ACM, 44 (2) pp. 31-36. Available online
Page maintainer: The Editorial Team