In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Title: What Can Johnny Do?–Factors in an End-User Expertise Instrument
Author(s): Prashanth Rajivan, Pablo Moriano, Timothy Kelley, Linda Jean Camp
Keywords: Expertise, Security, Privacy, Psychometrics, Security Comprehension
Abstract: Security and computer expertise of end users can be significant predictors of user behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. To address this need, we developed a questionnaire to identify critical factors that constitute expertise in end-users. It combines skills and knowledge based questions. Using exploratory factor analysis on the results from 898 participants from a range of populations, we identified 12 questions within 4 factors that correspond to computing and security expertise. Ordered logistic regression models were applied to measure efficacy of proposed security and computing factors in predicting user comprehension of security concepts (phishing and certificates). We conclude with a framework for informing future user-centered security expertise research.
Download count: 692
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.