As the Internet of Things (IoT) technology continues to grow, more and more people with no technical expertise are demanding the ability to get the most out of smart devices according to their level of knowledge. To meet user needs, task automation systems (TAS) are used to customize the behavior of IoT devices by defining trigger-action rules. However, while TASs allow different types of behavior to be defined, they do not address the aspects that can make smart devices vulnerable to security and privacy threats. To truly democratize cybersecurity in smart environments, TAS should enable end users (both experts and novices) to protect their devices from external threats. To design TASs that are effective for both types of users, it is necessary to investigate how they differ in the definition of rules in natural language. This research aims to contribute to this issue by investigating the mental models of cybersecurity novices and experts when faced with the need to protect their smart environment from security and privacy threats through the definition of security-oriented rules.

Democratizing Cybersecurity in Smart Environments: Investigating the Mental Models of Novices and Experts

Breve B.;Deufemia V.
2023-01-01

Abstract

As the Internet of Things (IoT) technology continues to grow, more and more people with no technical expertise are demanding the ability to get the most out of smart devices according to their level of knowledge. To meet user needs, task automation systems (TAS) are used to customize the behavior of IoT devices by defining trigger-action rules. However, while TASs allow different types of behavior to be defined, they do not address the aspects that can make smart devices vulnerable to security and privacy threats. To truly democratize cybersecurity in smart environments, TAS should enable end users (both experts and novices) to protect their devices from external threats. To design TASs that are effective for both types of users, it is necessary to investigate how they differ in the definition of rules in natural language. This research aims to contribute to this issue by investigating the mental models of cybersecurity novices and experts when faced with the need to protect their smart environment from security and privacy threats through the definition of security-oriented rules.
2023
978-3-031-34432-9
978-3-031-34433-6
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4854092
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? ND
social impact