@inproceedings{394bfac7cff34669a119f32e047dea72,
title = "What can johnny do?-factors in an end-user expertise instrument",
abstract = "Security and computer expertise of end users can be significant predictors of user behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. To address this need, we developed a questionnaire to identify critical factors that constitute expertise in end-users. It combines skills and knowledge based questions. Using exploratory factor analysis on the results from 898 participants from a range of populations, we identified 12 questions within 4 factors that correspond to computing and security expertise. Ordered logistic regression models were applied to measure efficacy of proposed security and computing factors in predicting user comprehension of security concepts (phishing and certificates). We conclude with a framework for informing future user-centered security expertise research.",
keywords = "Expertise, Privacy, Psychometrics, Security, Security Comprehension",
author = "P. Rajivan and P. Moriano and T. Kelley and Camp, {L. J.}",
year = "2016",
language = "English",
series = "Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2016",
publisher = "University of Plymouth",
pages = "199--208",
editor = "Clarke, {Nathan L} and Furnell, {Steven M}",
booktitle = "Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2016",
note = "10th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2016 ; Conference date: 19-07-2016 Through 21-07-2016",
}