Human Aspects of Information Security, Privacy, and Trust, 2014 Second International Conference, HAS 2014, Held as Part of HCI International 2014, Heraklion, Crete, Greece, June 22-27, 2014, Proceedings Information Systems and Applications, incl. Internet/Web, and HCI Series

This book constitutes the proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS 2014, held as part of HCI International 2014 which took place in Heraklion, Crete, Greece, in June 2014 and incorporated 14 conferences which similar thematic areas. HCII 2014 received a total of 4766 submissions, of which 1476 papers and 220 posters were accepted for publication after a careful reviewing process. These papers address the latest research and development efforts and highlight the human aspects of design and use of computing systems. The papers thoroughly cover the entire field of Human-Computer Interaction, addressing major advances in knowledge and effective use of computers in a variety of application areas. The 38 papers presented in the HAS 2014 proceedings are organized in topical sections named: usable security; authentication and passwords; security policy and awareness; human behaviour in cyber security and privacy issues.

Usable Security.- On Supporting Security and Privacy-Preserving Interaction through Adaptive Usable Security.- A Network Telescope for Early Warning Intrusion Detection.- Visualization of System Log Files for Post-incident Analysis and Response.- An Assessment Framework for Usable-Security Based on Decision Science.- On Designing Usable Policy Languages for Declarative Trust Aggregation.- An Image-Based CAPTCHA Using Sophisticated Mental Rotation.- What Usable Security Really Means: Trusting and Engaging Users.- QR Code Security: A Survey of Attacks and Challenges for Usable Security.- Designing Mobile Security Apps; a Paradigm Shift: A User Experience Case Study with Emerging Markets like India.- Discrete Hardware Apparatus and Method for Mobile Application and Communication Security.- Authentication and Passwords Complexity Metrics and User Strength Perceptions of the Pattern-Lock Graphical Authentication Method.- A Cognitive-Behavioral Framework of User Password Management Lifecycle.- Do Graphical Authentication Systems Solve the Password Memorability Problem.- E-voting Authentication with QR-codes.- I Can’t Type That! P@$$w0rd Entry on Mobile Devices.- Capturing Attention for Warnings about Insecure Password Fields – Systematic Development of a Passive Security Intervention.- ACCESS: Describing and Contrasting – Authentication Mechanisms.- Character Strings, Memory and Passwords: What a Recall Study Can Tell Us.- Security Policy and Awareness.- From Regulations to Practice: Achieving Information Security Compliance in Healthcare.- Rethinking the Smart Card Technology.- Compositional Security Modelling: Structure, Economics, and Behaviour.- End User Development and Information Security Culture.- DSAPE – Dynamic Security Awareness Program Evaluation.- A Critical Reflection on the Threat from Human Insiders – Its Nature, Industry Perceptions, and Detection Approaches.- Changing Faces: Identifying Complex Behavioural Profiles.- Human Behaviour in Cybersecurity.- A Conceptual Framework to Analyze Human Factors of Information Security Management System (ISMS) in Organizations.- Socio-technical Security Analysis of Wireless Hotspots.- A Conceptual Framework to Study Socio-Technical Security.- An Evaluation of Behavioural Profiling on Mobile Devices.- Nudging for Quantitative Access Control Systems.- Social Information Leakage: Effects of Awareness and Peer Pressure on User Behavior.- The Curious Incidence of Security Breaches by Knowledgeable Employees and the Pivotal Role of Security Culture.- Privacy Issues.- User Acceptance of Privacy-ABCs: An Exploratory Study.- “My Life Doesn’t Have to Be an Open Book”: A Model to Help Designers to Enhance Privacy Controls on Social Network Sites.- Paper Audit Trails and Voters’ Privacy Concerns.- Mental Models for Usable Privacy: A Position Paper.- Web Privacy Policies in Higher Education: How Are Content and Design Used to Provide Notice (Or a Lack Thereof) to Users.- Privacy Protection Based Privacy ConflictDetection and Solution in Online Social Networks.