Security When People Matter: Structuring Incentives For User Behavior
Wash, Rick; MacKie-Mason, Jeffrey K.
2007
Citation
International Conference on Electronic Commerce (ICEC'07), Minneapolis, MN, 19-22 August 2007. <http://hdl.handle.net/2027.42/55773>
Abstract
Humans are “smart components” in a system, but cannot be directly programmed to perform; rather, their autonomy must be respected as a design constraint and incentives provided to induce desired behavior. Sometimes these incentives are properly aligned, and the humans don’t represent a vulnerability. But often, a misalignment of incentives causes a weakness in the system that can be exploited by clever attackers. Incentive-centered design tools help us understand these problems, and provide design principles to alleviate them. We describe incentive-centered design and some tools it provides. We provide a number of examples of security problems for which Incentive Centered Design might be helpful. We elaborate with a general screening model that offers strong design principles for a class of security problems.Types
Article
Metadata
Show full item recordAccessibility: If you are unable to use this file in its current format, please select the Contact Us link and we can modify it to make it more accessible to you.