ATHENE
National Research Center for Applied Cyber Security (ATHENE)

SecUrban

The ATHENE research mission Secure, Urban Infrastructures, or SecUrban for short, is concerned with safety-critical infrastructures in smart cities. In particular, the FAI is researching the interactions of safety (operational safety) and security (attack security) that result from networking in a smart city. To this end, a stakeholder and infrastructure analysis is first conducted. Subsequently, iterative solutions will be developed for selected application scenarios and evaluated with the corresponding target group. These solutions are intended to help support security and restore it as quickly as possible in the event of an emergency, so that a smart city can return to its normal state as quickly as possible.

Duration: 01.2020 – 12.2023

Cooperation partners: Prof. Reuter, Prof. Mühlhäuser and Prof. Hollick from the Department of Informatics at TU Darmstadt, Prof. Shulman from Fraunhofer SIT, and Mr. Kirchbuchner from Fraunhofer IGD

CRISP-SaL4 (completed)

The aim of the research project in CRISP SaL4 is to develop robust and resilient systems, i.e. systems that are adaptable to different contexts. The FAI investigates the security perception of users with regard to self-learning systems and develops a user interface on this basis together with the project partners, which is evaluated iteratively in studies.

Duration: 06.2018 – 05.2021

Cooperation partners: Prof. Katzenbeißer , Prof. Rinderknecht, Prof. Buxmann

CRISP-SaL3 (completed)

The aim of the research project in CRISP SaL3 is to develop a secure and privacy-friendly concept for a smart home system. The FAI investigates the mental models of users and their requirements for smart homes and smart home interfaces. Measures and mock-ups are then developed on the basis of the users' ideas and needs, which are iteratively evaluated in studies.

Duration: 06.2017 – 05.2020

Cooperation partners: Prof. Mühlhäuser (TU Darmstadt), Dr.-Ing. Andreas Braun (Fraunhofer IGD)

CRISP-SaL2 (completed)

In this subproject of CRISP SaL2, a technical concept as well as mock-ups for a user-friendly interface are being developed that will enable the final users to communicate with each other confidentially and authentically by using encrypted e-mails, also via mobile devices. FAI's focus is on researching and designing secure and user-friendly authentication. In the development of the concept and the mockups, the “Human Centered Security by Design”-approach is used, which combines security by design and usability by design elements.

Duration: 08.2016 – 07.2018

Cooperation partners: Prof. Volkamer (Karlsruher Institut für Technologie), Dipl.-Inform. Michael Herfert (Fraunhofer SIT)

CRISP-SaL1 (completed)

The aim of the project in CRISP SaL1 is to determine how users can delegate the protection of their privacy, their data, and their end devices to a trustworthy entity (an individual, an institution, or a device). From a psychological perspective, the project will investigate and determine whom or which institutions users trust sufficiently under which conditions to delegate the protection of their own privacy to them.

Duration: 10.2015 – 09.2017

Cooperation partners: Prof. Volkamer (Karlsruher Institut für Technologie)

Publications

  • Zimmermann, V. & Gerber, N. (2020) The password is dead, long live the password – A laboratory study on user perceptions of authentication schemes, International Journal of Human-Computer Studies (IJHCS), 133, 26-44, https://doi.org/10.1016/j.ijhcs.2019.08.006
  • Zimmermann, V., Dickhaut, E., Gerber, P. & Vogt, J. (2019). Vision: Shining Light on Smart Homes – Supporting Informed Decision-Making of End Users. EuroUSEC 2019
  • Renaud, K. & Zimmermann, V. (2019, June). Encouraging Password Manager Reuse. Network Security.
  • Zimmermann, V. & Renaud, K. (2019). Moving from a “Human-as-Problem” to a “Human-as-Solution” Cybersecurity Mindset., International Journal of Human-Computer Studies (IJHCS), 131, 169-187, https://doi.org/10.1016/j.ijhcs.2019.05.005
  • Zimmermann, V., Gerber, N., Mayer, P., Kleboth, M., von Preuschen, A. & Schmidt, K. (2019). Keep on rating – on the systematic rating and comparison of authentication schemes. Information and Computer Security.
  • Zimmermann, V., Bennighof, M., Edel, M., Hofmann, O., Jung, J., & von Wick, M. (2018). ‘Home, Smart Home’–Exploring End Users’ Mental Models of Smart Homes. Mensch und Computer 2018-Workshopband.
  • Gerber, N., Gerber, P., Volkamer, M. (2018). Explaining the privacy paradox: A systematic review of literature investigating privacy attitude and behavior. In: Computers & Security, Volume 77, pp. 226 – 261. doi: 10.1016/j.cose.2018.04.002
  • Zimmermann, V., Gerber, N., Kleboth, M, von Preuschen, A., Schmidt, K. & Mayer, P. (2018). The Quest to Replace Passwords Revisited – Rating Authentication Schemes. HAISA 2018.
  • Gerber, N., Zimmermann, V., Henhapl, B., Emeröz, S.& Volkamer, M. (2018). Finally Johnny Can Encrypt. But Does This Make Him Feel More Secure? In 13th International Conference on Availability, Reliability and Security. ARES 2018.
  • Gerber, P., Ghiglieri, M., Henhapl, B., Kulyk, O., Marky, K., Mayer, P., Reinheimer, B., Volkamer, M. (2018). Human Factors in Security. In: Reuter C. (eds) Sicherheitskritische Mensch-Computer-Interaktion. pp. 83-98. Springer Vieweg, Wiesbaden. doi: 10.1007/978-3-658-19523-6_5
  • Renaud, K. & Zimmermann, V. (2018). Ethical Guidelines for Nudging in Information Security & Privacy. International Journal of Human-Computer Studies (IJHCS).
  • Renaud, K., & Zimmermann, V. (2018). Nudging folks towards stronger password choices: Providing certainty is the key. Behavioural Public Policy. doi:10.1017/bpp.2018.3.
  • Renaud, K. & Zimmermann, V. (2018). Guidelines For Ethical Nudging In Password Authentication. SAIEE Africa Research Journal, 109(2), pp.101-117.
  • Renaud, K., Maguire, J., Zimmermann, V., Draper, S. (2017). Lessons Learned from Evaluating Eight Password Nudges in the Wild. In LASER 2017.
  • Zimmermann, V., Henhapl, B., Gerber, N., & Enzmann, M. (2017). Promoting Secure Email Communication and Authentication. Mensch und Computer 2017. Workshopband.
  • Gerber, N., & Zimmermann, V. (2017). Security vs. privacy? User preferences regarding text passwords and biometric authentication. Mensch und Computer 2017. Workshopband.
  • Renaud, K., & Zimmermann, V. (2017). Enriched Nudges Lead to Stronger Password Replacements … but Implement Mindfully. 2017 Information Security for South Africa (ISSA). IEEE Conference Publications.
  • Zimmermann, V., & Gerber, N. (2017). “If It Wasn’t Secure, They Would Not Use It in the Movies”–Security Perceptions and User Acceptance of Authentication Technologies. In International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 265-283). Springer, Cham.
  • Zimmermann, V., Henhapl, B., Volkamer, M., & Vogt, J. (2017). Ende-zu-Ende sichere E-Mail-Kommunikation. Datenschutz und Datensicherheit-DuD, 41(5), 308-313.