Skip to main content
Top

2019 | OriginalPaper | Chapter

Privacy and Power Implications of Web Location of Personal Data Authenticators

Author : Kirsten E. Richards

Published in: HCI for Cybersecurity, Privacy and Trust

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Knowledge of personal data enjoys a long history of use in authentication. Given expanding personal data availability, authentication systems are at risk from sharing data online. This study explores the discoverability of the data – specifically, whether individuals tasked with finding the data were able to accurately identify it using public online sources. The location of successfully located data reveals patterns of data availability and demonstrates vulnerabilities of personal data, which inform current and future models of authentication from a human computer interaction (HCI) perspective. Data location suggests the control users exert of their personal data availability in the United States. The impact of personal control is vital to understanding privacy behaviors, human computer interaction around privacy and authentication, building usable authenticators, and providing meaningful advances in security and privacy.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literature
1.
go back to reference Schneier, B.: Schneier on security: privacy and control. J. Priv. Confidentiality 2(1), 3–4 (2010) Schneier, B.: Schneier on security: privacy and control. J. Priv. Confidentiality 2(1), 3–4 (2010)
2.
go back to reference Richards, K.E.: Risk analysis of the discoverability of personal data used for primary and secondary authentication. University of Maryland Baltimore County, MD, US (2017) Richards, K.E.: Risk analysis of the discoverability of personal data used for primary and secondary authentication. University of Maryland Baltimore County, MD, US (2017)
3.
go back to reference Reeder, R., Schechter, S.: When the password doesn’t work: secondary authentication for websites. IEEE Secur. Priv. Mag. 9(2), 43 (2011)CrossRef Reeder, R., Schechter, S.: When the password doesn’t work: secondary authentication for websites. IEEE Secur. Priv. Mag. 9(2), 43 (2011)CrossRef
5.
go back to reference Beldad, A., de Jong, M., Steehouder, M.: A comprehensive theoretical framework for personal information-related behaviors on the internet. Inf. Soc. 27(4), 220–232 (2011)CrossRef Beldad, A., de Jong, M., Steehouder, M.: A comprehensive theoretical framework for personal information-related behaviors on the internet. Inf. Soc. 27(4), 220–232 (2011)CrossRef
6.
go back to reference Schau, H.J., Gilly, M.C.: We are what we post? Self-presentation in personal web space. J. Consum. Res. 30(3), 385–404 (2003)CrossRef Schau, H.J., Gilly, M.C.: We are what we post? Self-presentation in personal web space. J. Consum. Res. 30(3), 385–404 (2003)CrossRef
7.
go back to reference van Dijck, J.: ‘You have one identity’: performing the self on Facebook and LinkedIn. Media Cult. Soc. 35(2), 199–215 (2013)CrossRef van Dijck, J.: ‘You have one identity’: performing the self on Facebook and LinkedIn. Media Cult. Soc. 35(2), 199–215 (2013)CrossRef
8.
go back to reference Lindamood, J., et al.: Inferring private information using social network data. In: Proceedings of the 18th International Conference on World Wide Web, pp. 1145–1146. ACM, Madrid (2009) Lindamood, J., et al.: Inferring private information using social network data. In: Proceedings of the 18th International Conference on World Wide Web, pp. 1145–1146. ACM, Madrid (2009)
11.
go back to reference Rabkin, A.: Personal knowledge questions for fallback authentication. In: ACM International Conference Proceeding Series, p. 13 (2008) Rabkin, A.: Personal knowledge questions for fallback authentication. In: ACM International Conference Proceeding Series, p. 13 (2008)
12.
go back to reference Oravec, J.A.: Deconstructing “personal privacy” in an age of social media: information control and reputation mangement dimensions. Int. J. Acad. Bus. World 6(1), 95–104 (2012) Oravec, J.A.: Deconstructing “personal privacy” in an age of social media: information control and reputation mangement dimensions. Int. J. Acad. Bus. World 6(1), 95–104 (2012)
13.
go back to reference Dlamini, M.T., Eloff, J.P., Eloff, M.M.: Information security: the moving target. Comput. Secur. 28(3/4), 189–198 (2009)CrossRef Dlamini, M.T., Eloff, J.P., Eloff, M.M.: Information security: the moving target. Comput. Secur. 28(3/4), 189–198 (2009)CrossRef
14.
go back to reference Pavlou, P.A.: State of the information privacy literature: where are we now and where should we go? MIS Q. 35(4), 977–988 (2011)CrossRef Pavlou, P.A.: State of the information privacy literature: where are we now and where should we go? MIS Q. 35(4), 977–988 (2011)CrossRef
15.
go back to reference Bonneau, J., et al.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: IEEE Symposium on Security and Privacy, pp. 553–567 (2012) Bonneau, J., et al.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: IEEE Symposium on Security and Privacy, pp. 553–567 (2012)
16.
go back to reference Brown, A.S., et al.: Generating and remembering passwords. Appl. Cogn. Psychol. 18(6), 641–651 (2004)CrossRef Brown, A.S., et al.: Generating and remembering passwords. Appl. Cogn. Psychol. 18(6), 641–651 (2004)CrossRef
17.
go back to reference Vu, K.-P.L., et al.: Improving password security and memorability to protect personal and organizational information. Int. J. Hum Comput Stud. 65(8), 744–757 (2007)CrossRef Vu, K.-P.L., et al.: Improving password security and memorability to protect personal and organizational information. Int. J. Hum Comput Stud. 65(8), 744–757 (2007)CrossRef
18.
go back to reference Sasse, M., Brostoff, S., Weirich, D.: Transforming the ‘weakest link’ a human-computer interaction approach to usable and effective security. BT Technol. J. 19(3) (2001) Sasse, M., Brostoff, S., Weirich, D.: Transforming the ‘weakest link’ a human-computer interaction approach to usable and effective security. BT Technol. J. 19(3) (2001)
19.
go back to reference Polakis, I., et al.: All your face are belong to us: breaking Facebook’s social authentication. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 399–408. ACM, Orlando (2012) Polakis, I., et al.: All your face are belong to us: breaking Facebook’s social authentication. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 399–408. ACM, Orlando (2012)
20.
go back to reference Madejski, M., Johnson, M., Bellovin, S.M.: A study of privacy settings errors in an online social network. In: 2012 IEEE International Conference on Pervasive Computing & Communications Workshops, p. 340 (2012) Madejski, M., Johnson, M., Bellovin, S.M.: A study of privacy settings errors in an online social network. In: 2012 IEEE International Conference on Pervasive Computing & Communications Workshops, p. 340 (2012)
21.
go back to reference Il-Horn, H., et al.: Overcoming online information privacy concerns: an information-processing theory approach. J. Manag. Inf. Syst. 24(2), 13–42 (2007)CrossRef Il-Horn, H., et al.: Overcoming online information privacy concerns: an information-processing theory approach. J. Manag. Inf. Syst. 24(2), 13–42 (2007)CrossRef
23.
go back to reference Lo, B.: Sharing clinical trial data: maximizing benefits, minimizing riskbenefits and risks of sharing clinical trial databenefits and risks of sharing clinical trial data. JAMA 313(8), 793–794 (2015)CrossRef Lo, B.: Sharing clinical trial data: maximizing benefits, minimizing riskbenefits and risks of sharing clinical trial databenefits and risks of sharing clinical trial data. JAMA 313(8), 793–794 (2015)CrossRef
24.
go back to reference Benson, V., Saridakis, G., Tennakoon, H.: Information disclosure of social media users: Does control over personal information, user awareness and security notices matter? Inf. Technol. People 28(3), 426–441 (2015)CrossRef Benson, V., Saridakis, G., Tennakoon, H.: Information disclosure of social media users: Does control over personal information, user awareness and security notices matter? Inf. Technol. People 28(3), 426–441 (2015)CrossRef
25.
go back to reference Schechter, S., Brush, A.J.B., Egelman, S.: Its o secret: measuring the reliability of authentication via ‘secret’ questions. In: Proceedings of the 2009 30th IEEE Symposium on Security and Privacy, pp. 375–390 (2009) Schechter, S., Brush, A.J.B., Egelman, S.: Its o secret: measuring the reliability of authentication via ‘secret’ questions. In: Proceedings of the 2009 30th IEEE Symposium on Security and Privacy, pp. 375–390 (2009)
26.
go back to reference Brenner, J., Smith, A.: 72% of online adults are social networking site users. Pew Internet & American Life Project, Washington, DC (2013) Brenner, J., Smith, A.: 72% of online adults are social networking site users. Pew Internet & American Life Project, Washington, DC (2013)
Metadata
Title
Privacy and Power Implications of Web Location of Personal Data Authenticators
Author
Kirsten E. Richards
Copyright Year
2019
DOI
https://doi.org/10.1007/978-3-030-22351-9_30