ATHENE
The National Research Center for Applied Cyber Security ATHENE, formerly CRISP, is a research center of the Fraunhofer-Gesellschaft with the participation of the Fraunhofer Institutes SIT and IGD as well as the TU Darmstadt and the Darmstadt University of Applied Sciences. The centre is funded by the German Federal Ministry of Education and Research (BMBF) and the Hessian Ministry of Higher Education, Research, Science and the Arts (HMWK). Within different subprojects, FAI, in cooperation with project partners from the Department of Informatics and the Fraunhofer Institutes, researches user perception and user behavior in the context of IT security applications.
All subprojects are funded by: Federal Ministry of Education and Research (BMBF); Hessian Ministry of Science and the Arts (HMWK)
SecUrban
The ATHENE research mission Secure, Urban Infrastructures, or SecUrban for short, is concerned with safety-critical infrastructures in smart cities. In particular, the FAI is researching the interactions of safety (operational safety) and security (attack security) that result from networking in a smart city. To this end, a stakeholder and infrastructure analysis is first conducted. Subsequently, iterative solutions will be developed for selected application scenarios and evaluated with the corresponding target group. These solutions are intended to help support security and restore it as quickly as possible in the event of an emergency, so that a smart city can return to its normal state as quickly as possible.
Duration: 01.2020 – 12.2023
Cooperation partners: Prof. Reuter, Prof. Mühlhäuser and Prof. Hollick from the Department of Informatics at TU Darmstadt, Prof. Shulman from Fraunhofer SIT, and Mr. Kirchbuchner from Fraunhofer IGD
CRISP-SaL4 (completed)
The aim of the research project in CRISP SaL4 is to develop robust and resilient systems, i.e. systems that are adaptable to different contexts. The FAI investigates the security perception of users with regard to self-learning systems and develops a user interface on this basis together with the project partners, which is evaluated iteratively in studies.
Duration: 06.2018 – 05.2021
Cooperation partners: , Prof. Katzenbeißer , Prof. Rinderknecht Prof. Buxmann
CRISP-SaL3 (completed)
The aim of the research project in CRISP SaL3 is to develop a secure and privacy-friendly concept for a smart home system. The FAI investigates the mental models of users and their requirements for smart homes and smart home interfaces. Measures and mock-ups are then developed on the basis of the users' ideas and needs, which are iteratively evaluated in studies.
Duration: 06.2017 – 05.2020
Cooperation partners: Prof. Mühlhäuser (TU Darmstadt), Dr.-Ing. Andreas Braun (Fraunhofer IGD)
CRISP-SaL2 (completed)
In this subproject of CRISP SaL2, a technical concept as well as mock-ups for a user-friendly interface are being developed that will enable the final users to communicate with each other confidentially and authentically by using encrypted e-mails, also via mobile devices. FAI's focus is on researching and designing secure and user-friendly authentication. In the development of the concept and the mockups, the “Human Centered Security by Design”-approach is used, which combines security by design and usability by design elements.
Duration: 08.2016 – 07.2018
Cooperation partners: ( Prof. Volkamer ), Dipl.-Inform. Michael Herfert (Fraunhofer SIT) Karlsruher Institut für Technologie
CRISP-SaL1 (completed)
The aim of the project in CRISP SaL1 is to determine how users can delegate the protection of their privacy, their data, and their end devices to a trustworthy entity (an individual, an institution, or a device). From a psychological perspective, the project will investigate and determine whom or which institutions users trust sufficiently under which conditions to delegate the protection of their own privacy to them.
Duration: 10.2015 – 09.2017
Cooperation partners: ( Prof. Volkamer ) Karlsruher Institut für Technologie
Publications
- Zimmermann, V. & Gerber, N. (2020) The password is dead, long live the password – A laboratory study on user perceptions of authentication schemes, International Journal of Human-Computer Studies (IJHCS), 133, 26-44, https://doi.org/10.1016/j.ijhcs.2019.08.006
- Zimmermann, V., Dickhaut, E., Gerber, P. & Vogt, J. (2019). Vision: Shining Light on Smart Homes – Supporting Informed Decision-Making of End Users. EuroUSEC 2019
- Renaud, K. & Zimmermann, V. (2019, June). Encouraging Password Manager Reuse. Network Security.
- Zimmermann, V. & Renaud, K. (2019). Moving from a “Human-as-Problem” to a “Human-as-Solution” Cybersecurity Mindset., International Journal of Human-Computer Studies (IJHCS), 131, 169-187, https://doi.org/10.1016/j.ijhcs.2019.05.005
- Zimmermann, V., Gerber, N., Mayer, P., Kleboth, M., von Preuschen, A. & Schmidt, K. (2019). Keep on rating – on the systematic rating and comparison of authentication schemes. Information and Computer Security.
- Zimmermann, V., Bennighof, M., Edel, M., Hofmann, O., Jung, J., & von Wick, M. (2018). ‘Home, Smart Home’–Exploring End Users’ Mental Models of Smart Homes. Mensch und Computer 2018-Workshopband.
- Gerber, N., Gerber, P., Volkamer, M. (2018). Explaining the privacy paradox: A systematic review of literature investigating privacy attitude and behavior. In: Computers & Security, Volume 77, pp. 226 – 261. doi: 10.1016/j.cose.2018.04.002
- Zimmermann, V., Gerber, N., Kleboth, M, von Preuschen, A., Schmidt, K. & Mayer, P. (2018). The Quest to Replace Passwords Revisited – Rating Authentication Schemes. HAISA 2018.
- Gerber, N., Zimmermann, V., Henhapl, B., Emeröz, S.& Volkamer, M. (2018). Finally Johnny Can Encrypt. But Does This Make Him Feel More Secure? In 13th International Conference on Availability, Reliability and Security. ARES 2018.
- Gerber, P., Ghiglieri, M., Henhapl, B., Kulyk, O., Marky, K., Mayer, P., Reinheimer, B., Volkamer, M. (2018). Human Factors in Security. In: Reuter C. (eds) Sicherheitskritische Mensch-Computer-Interaktion. pp. 83-98. Springer Vieweg, Wiesbaden. doi: 10.1007/978-3-658-19523-6_5
- Renaud, K. & Zimmermann, V. (2018). Ethical Guidelines for Nudging in Information Security & Privacy. International Journal of Human-Computer Studies (IJHCS).
- Renaud, K., & Zimmermann, V. (2018). Nudging folks towards stronger password choices: Providing certainty is the key. Behavioural Public Policy. doi:10.1017/bpp.2018.3.
- Renaud, K. & Zimmermann, V. (2018). Guidelines For Ethical Nudging In Password Authentication. SAIEE Africa Research Journal, 109(2), pp.101-117.
- Renaud, K., Maguire, J., Zimmermann, V., Draper, S. (2017). Lessons Learned from Evaluating Eight Password Nudges in the Wild. In LASER 2017.
- Zimmermann, V., Henhapl, B., Gerber, N., & Enzmann, M. (2017). Promoting Secure Email Communication and Authentication. Mensch und Computer 2017. Workshopband.
- Gerber, N., & Zimmermann, V. (2017). Security vs. privacy? User preferences regarding text passwords and biometric authentication. Mensch und Computer 2017. Workshopband.
- Renaud, K., & Zimmermann, V. (2017). Enriched Nudges Lead to Stronger Password Replacements … but Implement Mindfully. 2017 Information Security for South Africa (ISSA). IEEE Conference Publications.
- Zimmermann, V., & Gerber, N. (2017). “If It Wasn’t Secure, They Would Not Use It in the Movies”–Security Perceptions and User Acceptance of Authentication Technologies. In International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 265-283). Springer, Cham.
- Zimmermann, V., Henhapl, B., Volkamer, M., & Vogt, J. (2017). Ende-zu-Ende sichere E-Mail-Kommunikation. Datenschutz und Datensicherheit-DuD, 41(5), 308-313.