Maintaining the security of one's systems and devices in a way that ensures the right balance between functionality, security, and convenience remains complicated for most people. For example, people are routinely asked by their systems whether to accept a security certificate, install an application, heed security warnings, or reconfigure operating-system security settings. While these examples represent situations in which people regularly find themselves, people rarely have any basis to make an informed decision or to establish one conveniently. This research examines the concept of 'crowdsourced security' where the solution lies in people leveraging members of their community to secure their systems and devices.
The primary goal of this research is to determine the potential of crowdsourcing as a complementary strategy for enhancing security. An example challenge addressed in this research pertains to the security of one's personal data. Specifically the research seeks to develop security mechanisms that can exploit naturally occurring social relationships and utilize 'human computation' to shift the burden of security via authentication from machines to humans. Within this framework, the research investigates both questions about the technical effectiveness of crowdsourced security solutions, as well as socio-behavioral questions about users' preferences, motivations, and privacy concerns about such systems. This research will benefit society by producing a deeper understanding of how systems can be better secured through human participation and collaboration, moving beyond the status quo of current security mechanisms.