Abstract
Anonymous credentials are a fundamental technology for preserving end users’ privacy by enforcing data minimization for online applications. However, the design of user-friendly interfaces that convey their privacy benefits to users is still a major challenge. Users are still unfamiliar with the new and rather complex concept of anonymous credentials, since no obvious real-world analogies exists that can help them create the correct mental models. In this paper we explore different ways in which suitable mental models of the data minimization property of anonymous credentials can be evoked on end users. To achieve this, we investigate three different approaches in the context of an e-shopping scenario: a card-based approach, an attribute-based approach and an adapted card-based approach. Results show that the adapted card-based approach is a good approach towards evoking the right mental models for anonymous credential applications. However, better design paradigms are still needed to make users understand that attributes can be used to satisfy conditions without revealing the value of the attributes themselves.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Brands, S.: Rethinking Public Key Infrastructure and Digital certificates - Building in Privacy. Ph.D. thesis, Eindhoven. Institute of Technology (1999)
Camenisch, J., Lysyanskaya, A.: An Efficient System for Non-Transferable Anonymous Credentials with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)
Camenisch, J., Crane, S., Fischer-Hübner, S., Leenes, R., Pearson, S., Pettersson, J.S., Sommer, D., Andersson, C.: Trust in PRIME. In: Proceedings of Fifth IEEE International Symposium on Signal Processing and Information Technology, pp. 552–559 (December 2005)
Camenisch, J., Shelat, A., Sommer, D., Zimmermann, R.: Securing user inputs for the web. In: Proceedings of the Second ACM Workshop on Digital Identity Management, DIM 2006, pp. 33–44. ACM, New York (2006)
Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28(10), 1030–1044 (1985)
Johnson-Laird, P.N.: Mental models: towards a cognitive science of language, inference, and consciousness. Harvard University Press, Cambridge (1983)
Jonassen, D.H.: Operationalizing mental models: strategies for assessing mental models to support meaningful learning and design-supportive learning environments. In: The First International Conference on Computer Support for Collaborative Learning, CSCL 1995, pp. 182–186. L. Erlbaum Associates Inc., Hillsdale (1995)
Pettersson, J.S.: HCI Guidelines. PRIME deliverable D6.1.f (February 2008)
Pettersson, J.S., Fischer-Hübner, S., Danielsson, N., Nilsson, J., Bergmann, M., Clauss, S., Kriegelstein, T., Krasemann, H.: Making PRIME usable. In: Proceedings of the 2005 Symposium on Usable Privacy and Security, SOUPS 2005, pp. 53–64. ACM, New York (2005)
Wästlund, E., Fischer-Hübner, S.: The Users’ Mental Models’ Effect on their Comprehension of Anonymous Credentials. In: Privacy and Identity Management for Life, pp. 229–240. Springer, Heidelberg (2011)
Whitten, A., Tygar, J.D.: Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium (1999)
Young, I.: Mental Models: Aligning Design Strategy with Human Behavior. Rosenfeld media (2008)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wästlund, E., Angulo, J., Fischer-Hübner, S. (2012). Evoking Comprehensive Mental Models of Anonymous Credentials. In: Camenisch, J., Kesdogan, D. (eds) Open Problems in Network Security. iNetSec 2011. Lecture Notes in Computer Science, vol 7039. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27585-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-27585-2_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27584-5
Online ISBN: 978-3-642-27585-2
eBook Packages: Computer ScienceComputer Science (R0)