Lorrie Cranor Carnegie-Mellon University

Supporting Trust Decisions

Internet users frequently encounter situations in which they are asked to make implicit or explicit trust decisions. Examples of such decisions include decisions about whether or not to open an email attachment or provide information and decisions made in response to specific trust- or security-related prompts. The consequences of a wrong decision include infecting their own computers with malware or spyware, unwittingly propagating malware, and revealing information to con artists and identity thieves. Attackers are able to take advantage of most users' poor trust decision-making skills through a class of attacks known as "semantic attacks." While some efforts have been made to find ways of developing information systems that do not force users to make security- or trust-related decisions that they are not prepared to make, it is not always possible for systems to make accurate trust decisions on a user's behalf, especially when those decisions require knowledge of contextual information. There remain many trust decisions that users must therefore make on their own, usually with limited or no assistance or protections from their computer. The goal of this research is to develop approaches to supporting users when they make these trust decisions so that they are better informed and make the best decisions possible. The research will begin with a mental models study aimed at understanding and modeling how people make trust decisions in the online context and ultimately result in the development and evaluation of new software and design patterns.

Agency
National Science Foundation (NSF)
Institute
Division of Computer and Communication Foundations (CCF)
Application #
0524189
Program Officer
Sol J. Greenspan
Project Start
Project End
Budget Start
2005-09-01
Budget End
2010-08-31
Support Year
Fiscal Year
2005
Total Cost
$1,712,000
Indirect Cost
Name
Carnegie-Mellon University
Department
Type
DUNS #
City
Pittsburgh
State
PA
Country
United States
Zip Code
15213