Applying Cognitive Control Modes to Identify Security Fatigue Hotspots
Simon Parkin, Kat Krol, Ingolf Becker, and M. Angela Sasse, University College London
Security tasks can burden the individual, to the extent that security fatigue promotes had security habits. Here we revisit a series of user-centred studies of security mechanisms as part of regular routines, such as two-factor authentication. These studies inform reflection upon the perceived contributors and consequences of fatigue, and strategies that a person may adopt in response to feeling overburdened by security. The fatigue produced by security tasks is then framed using a model of cognitive control modes, which explores human performance and error. Security tasks are then considered in terms of modes such as unconscious routines and knowledge-based ad-hoc approaches. Conscious attention can support adaptation to novel security situations, but is error-prone and tiring; both simple security routines and technology-driven automation can minimise e ffort, but may miss cues from the environment that a nuanced response is required.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Simon Parkin and Kat Krol and Ingolf Becker and M. Angela Sasse},
title = {Applying Cognitive Control Modes to Identify Security Fatigue Hotspots},
booktitle = {Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)},
year = {2016},
address = {Denver, CO},
url = {https://www.usenix.org/conference/soups2016/workshop-program/wsf/presentation/parkin},
publisher = {USENIX Association},
month = jun
}