The Security, Privacy, and Usability Triangle: Improving the Usability of Software Auto Update Mechanisms

2017 SIAM Conference on Computational Science and Engineering

Abstract. During the last two decades, computers became integral to our daily lives. The ubiquity of computers in every corner of society has led to exponential improvements in innovation, efficiency, and productivity. However, this same ubiquity has also led to a dramatic increase in security related incidents with computer systems. Most of these incidents could have been prevented had the systems been up to date with their critical security patches. Although the security beliefs of users in organizations has been widely studied, there are gaps in the literature on the acceptance and implementation of automatic or semi-automatic critical security patching solutions. The goal of the proposed study is to fill these gaps by looking at the problem from a Human-Computer-Interfaces (HCI) point of view. The study aims to gain a deeper understanding of the users’ beliefs concerning automated patching.

The study will gather data using a questionnaire instrument. The questionnaire will then be presented to participants via the Internet using Amazon’s Mechanical Turk. The proposed number of participants is from 40 to 60 people from the United States and its territories. The results are expected to help understand how user’s privacy, security, and usability beliefs intersects and how it influences the acceptance of automated patching solutions. The usefulness of the Usable Security Triangle Model as a way to measure the beliefs will also be studied. This data is expected to aid in the design of automated update tools with the goal of increasing their acceptance.


  • Heriberto A. Acosta-Maestre, Nova Southeastern University, USA,