Joakim Koskela
Andrei Gurtov
ABSTRACT
The use of Voice over IP (VoIP) applications involves a number of security threats and usability issues, leading to possible breaches of security and privacy. With the adoption of future peer-to-peer communication systems, the challenges grow even more as we rely on untrusted peers to access the service. We are developing a peer-to-peer VoIP system which features techniques for improving the security and privacy of users in future networks. However, as the threats are seldom well understood, presenting them in a usable manner is problematic. Implemented on a mobile device, the small user interface provides additional challenges for the end user. Via interviews, a questionnaire and usability testing, we seek to improve both the usability of managing and understanding the additional security, as well as the overall user experience of the emerging application.
- M. S. Ackerman, L. F. Cranor, and J. Reagle. Privacy in e-commerce: examining user scenarios and privacy preferences. In ACM Conference on Electronic Commerce, pages 1--8, 1999. Google Scholar
Digital Library
- A. Adams and M. A. Sasse. Users are not the enemy. Commun. ACM, 42(12):40--46, 1999. Google ScholarDigital Library
- D. Balfanz, G. Durfee, R. E. Grinter, and D. Smetters. In search of usable security: Five lessons from the field. IEEE Security and Privacy, 2:19--24, 2004. Google ScholarDigital Library
- A. J. DeWitt and J. Kuljis. Aligning usability and security: a usability study of polaris. In SOUPS '06: Proceedings of the second symposium on Usable privacy and security, pages 1--7, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- J. Heikkila and A. Gurtov. Filtering spam in p2psip communities with web of trust. In Schmidt and Lian {11}, pages 110--121.Google Scholar
- IETF P2PSIP WG.Google Scholar
- J. Koskela and S. Tarkoma. Simple peer-to-peer sip privacy. In Schmidt and Lian {11}, pages 226--237.Google Scholar
- R. Moskowitz and P. Nikander. Host Identity Protocol (HIP) Architecture. RFC 4423 (Informational), May 2006.Google Scholar
- D. A. Norman. When security gets in the way. Interactions, 17, 2010.Google Scholar
- J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. In Proceedings of the IEEE, volume 63, pages 1278--1308. IEEE, 1975.Google ScholarCross Ref
- A. U. Schmidt and S. Lian, editors. Security and Privacy in Mobile Information and Communication Systems, First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers, volume 17 of Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Springer, 2009. Google ScholarDigital Library
- A. Whitten and J. D. Tygar. Why johnny can't encrypt: A usability evaluation of pgp 5.0. In In Proceedings of the 8th USENIX Security Symposium, Berkeley, CA, USA, 1999. USENIX Association. Google ScholarDigital Library
- K.-P. Yee. User interaction design for secure systems. In In Proceedings of the 4th International Conference on Information and Communications Security, pages 278--290. Springer-Verlag, 2003. Google ScholarDigital Library
Index Terms
- Secure and usable P2P VoIP for mobile devices
Recommendations
Usable and Secure P2P VoIP for Mobile Use
The use of Voice over IP VoIP applications is relatively insecure and can involve a number of security threats and usability issues, potentially leading to loss of privacy. With the adoption of future peer-to-peer P2P communication systems the ...
Usable and secure? User perception of four authentication methods for mobile banking
Highlights- The study investigates perception of the usability and security of four authentication methods for two age groups: those aged 26-54 (N = 229) and older group ...
AbstractSmartphone authentication is becoming a cornerstone security component, so it is necessary to have methods that are usable and secure to ensure adequate protection, especially for mobile banking. Though biometric authentication seems ...
Practical Implementations for Securing VoIP Enabled Mobile Devices
NSS '09: Proceedings of the 2009 Third International Conference on Network and System SecurityVoice over Internet Protocol is the ability of transmitting Voice using the Internet protocol. This paper addresses an introduction to VoIP, threats of VoIP and studies previous works of secure VoIP. We also propose practical implementations for ...
Comments