RUST: A Retargetable Usability Testbed for Website Authentication Technologies

Maritza Lupe Johnson; Chaitanya Atreya; Adam Aviv; Mariana Petrova Raykova; Steven Michael Bellovin; Gail E. Kaiser

RUST: A Retargetable Usability Testbed for Website Authentication Technologies
Johnson, Maritza Lupe
Atreya, Chaitanya
Aviv, Adam
Raykova, Mariana Petrova
Bellovin, Steven Michael
Kaiser, Gail E.
Computer Science
Persistent URL:
Presented at USENIX Workshop on Usability, Psychology, and Security (UPSEC '08), San Francisco, April 14, 2008.
Website authentication technologies attempt to make the identity of a website clear to the user, by supplying information about the identity of the website. In practice however, usability issues can prevent users from correctly identifying the websites they are interacting with. To help identify usability issues we present RUST, a Retargetable USability Testbed for website authentication technologies. RUST is a testbed that consists of a test harness, which provides the ability to easily configure the environment for running usability study sessions, and a usability study design that evaluates usability based on spoofability, learnability, and acceptability. We present data collected by RUST and discuss preliminary results for two authentication technologies, Microsoft CardSpace and Verisign Secure Letterhead. Based on the data collected, we conclude that the testbed is useful for gathering data on a variety of technologies.
Computer science
Item views
text | xml
Suggested Citation:
Maritza Lupe Johnson, Chaitanya Atreya, Adam Aviv, Mariana Petrova Raykova, Steven Michael Bellovin, Gail E. Kaiser, 2008, RUST: A Retargetable Usability Testbed for Website Authentication Technologies, Columbia University Academic Commons, http://hdl.handle.net/10022/AC:P:9043.

Center for Digital Research and Scholarship at Columbia University Libraries | Policies