{"id":"https://openalex.org/W2097719378","doi":"https://doi.org/10.1145/1900546.1900553","title":"A stealth approach to usable security","display_name":"A stealth approach to usable security","publication_year":2010,"publication_date":"2010-09-21","ids":{"openalex":"https://openalex.org/W2097719378","doi":"https://doi.org/10.1145/1900546.1900553","mag":"2097719378"},"language":"en","primary_location":{"id":"doi:10.1145/1900546.1900553","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1900546.1900553","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2010 New Security Paradigms Workshop","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016771481","display_name":"Simon Parkin","orcid":"https://orcid.org/0000-0002-6667-0440"},"institutions":[{"id":"https://openalex.org/I84884186","display_name":"Newcastle University","ror":"https://ror.org/01kj2bm70","country_code":"GB","type":"education","lineage":["https://openalex.org/I84884186"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Simon Parkin","raw_affiliation_strings":["Newcastle University, Newcastle, United Kingdom","Newcastle Univ, Newcastle, United Kingdom > > > >"],"affiliations":[{"raw_affiliation_string":"Newcastle University, Newcastle, United Kingdom","institution_ids":["https://openalex.org/I84884186"]},{"raw_affiliation_string":"Newcastle Univ, Newcastle, United Kingdom > > > >","institution_ids":["https://openalex.org/I84884186"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072969450","display_name":"Aad van Moorsel","orcid":"https://orcid.org/0000-0001-7233-6943"},"institutions":[{"id":"https://openalex.org/I84884186","display_name":"Newcastle University","ror":"https://ror.org/01kj2bm70","country_code":"GB","type":"education","lineage":["https://openalex.org/I84884186"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Aad van Moorsel","raw_affiliation_strings":["Newcastle University, Newcastle, United Kingdom","Newcastle Univ, Newcastle, United Kingdom > > > >"],"affiliations":[{"raw_affiliation_string":"Newcastle University, Newcastle, United Kingdom","institution_ids":["https://openalex.org/I84884186"]},{"raw_affiliation_string":"Newcastle Univ, Newcastle, United Kingdom > > > >","institution_ids":["https://openalex.org/I84884186"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029742737","display_name":"Philip Inglesant","orcid":"https://orcid.org/0000-0002-5265-8707"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Philip Inglesant","raw_affiliation_strings":["University College London, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University College London, London, United Kingdom","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108226584","display_name":"M. Angela Sasse","orcid":"https://orcid.org/0000-0003-1823-5505"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"M. Angela Sasse","raw_affiliation_strings":["University College London, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University College London, London, United Kingdom","institution_ids":["https://openalex.org/I45129253"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5016771481"],"corresponding_institution_ids":["https://openalex.org/I84884186"],"apc_list":null,"apc_paid":null,"fwci":10.4056,"has_fulltext":false,"cited_by_count":45,"citation_normalized_percentile":{"value":0.98032652,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"33","last_page":"50"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.6781423091888428},{"id":"https://openalex.org/keywords/human-computer-interaction-in-information-security","display_name":"Human-computer interaction in information security","score":0.6249198317527771},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.613662600517273},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6040782332420349},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.584057092666626},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.5278924703598022},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.5152931213378906},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.469843327999115},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.4474070072174072},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.4338317811489105},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.4145548641681671},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.3523958921432495},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3483712375164032},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3415098190307617},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.29530593752861023},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.20426779985427856},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.1309109330177307},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.08929133415222168},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.0853099524974823}],"concepts":[{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.6781423091888428},{"id":"https://openalex.org/C6353995","wikidata":"https://www.wikidata.org/wiki/Q17027910","display_name":"Human-computer interaction in information security","level":5,"score":0.6249198317527771},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.613662600517273},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6040782332420349},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.584057092666626},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.5278924703598022},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.5152931213378906},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.469843327999115},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.4474070072174072},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.4338317811489105},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.4145548641681671},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3523958921432495},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3483712375164032},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3415098190307617},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.29530593752861023},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.20426779985427856},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.1309109330177307},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.08929133415222168},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.0853099524974823},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1900546.1900553","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1900546.1900553","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2010 New Security Paradigms Workshop","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6700000166893005,"display_name":"Decent work and economic growth","id":"https://metadata.un.org/sdg/8"}],"awards":[{"id":"https://openalex.org/G318029066","display_name":null,"funder_award_id":"EP/F066937/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":41,"referenced_works":["https://openalex.org/W534311","https://openalex.org/W31171651","https://openalex.org/W85235666","https://openalex.org/W657731981","https://openalex.org/W1485200701","https://openalex.org/W1521077025","https://openalex.org/W1582830784","https://openalex.org/W1605824561","https://openalex.org/W1863259421","https://openalex.org/W1921097329","https://openalex.org/W1975217647","https://openalex.org/W1976539193","https://openalex.org/W1993325457","https://openalex.org/W1997349812","https://openalex.org/W1997501517","https://openalex.org/W2008332680","https://openalex.org/W2010573758","https://openalex.org/W2028171449","https://openalex.org/W2037202491","https://openalex.org/W2038368865","https://openalex.org/W2042720915","https://openalex.org/W2045591401","https://openalex.org/W2052255065","https://openalex.org/W2055112475","https://openalex.org/W2062830664","https://openalex.org/W2069832094","https://openalex.org/W2082231400","https://openalex.org/W2096194225","https://openalex.org/W2097245267","https://openalex.org/W2115034095","https://openalex.org/W2115218409","https://openalex.org/W2150341374","https://openalex.org/W2152702620","https://openalex.org/W2157720178","https://openalex.org/W2171920515","https://openalex.org/W2398411232","https://openalex.org/W2787781977","https://openalex.org/W2807898355","https://openalex.org/W4251625295","https://openalex.org/W6639365601","https://openalex.org/W6640284056"],"related_works":["https://openalex.org/W2345270111","https://openalex.org/W2372674753","https://openalex.org/W2894900144","https://openalex.org/W2026081827","https://openalex.org/W2553295645","https://openalex.org/W2979370664","https://openalex.org/W4382365358","https://openalex.org/W2293554594","https://openalex.org/W2165572034","https://openalex.org/W2368805764"],"abstract_inverted_index":{"Recent":[0],"advances":[1],"in":[2,25],"the":[3,50,59,86],"research":[4],"of":[5,53,73,88,125],"usable":[6],"security":[7,12,31,35,44,55,71,89,110],"have":[8,20,63],"produced":[9],"many":[10],"new":[11,78],"mechanisms":[13,19,145],"that":[14,61,118],"improve":[15],"usability.":[16,42],"However,":[17],"these":[18,120,148],"not":[21,58],"been":[22],"widely":[23],"adopted":[24],"practice.":[26],"In":[27],"most":[28],"organisations,":[29],"IT":[30,43,109],"managers":[32,45,72,111],"decide":[33],"on":[34,64,91],"policies":[36],"and":[37,49,94,101,133],"mechanisms,":[38],"seemingly":[39],"without":[40],"considering":[41],"consider":[46],"risk":[47,102],"reduction":[48],"business":[51,99],"impact":[52,60,87,100],"information":[54],"controls,":[56],"but":[57],"controls":[62,90],"users.":[65],"Rather":[66],"than":[67],"trying":[68],"to":[69,96,142,146],"remind":[70],"usability,":[74],"we":[75],"present":[76],"a":[77,81,123],"paradigm":[79],"--":[80],"stealth":[82],"approach":[83],"which":[84],"incorporates":[85],"users'":[92],"productivity":[93],"willingness":[95],"comply":[97],"into":[98],"reduction.":[103],"During":[104],"two":[105],"2-hour":[106],"sessions,":[107],"3":[108],"discussed":[112],"with":[113],"us":[114],"mock-up":[115],"tool":[116,137],"prototypes":[117],"embody":[119],"principles,":[121],"alongside":[122],"range":[124],"potential":[126],"usage":[127],"scenarios":[128],"(e.g.":[129],"cloud-based":[130],"password-cracking":[131],"attacks":[132],"\"hot-desking\"":[134],"initiatives).":[135],"Our":[136],"design":[138],"process":[139],"elicits":[140],"findings":[141],"help":[143],"develop":[144],"visualise":[147],"tradeoffs.":[149]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":5},{"year":2012,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}