ACM SIGCHI General Interest Announcements (Mailing List)


Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Busch Marc <[log in to unmask]>
Reply To:
Busch Marc <[log in to unmask]>
Fri, 9 May 2014 16:33:12 +0000
text/plain (87 lines)
[Apologies for cross-posting]


* Workshop on Insecure Interfaces - Learning from User Interfaces that lead to Circumvention of Organizational Information Security Policies (

* Co-located at SOUPS 2014 - July 9-11, 2014, Menlo Park, CA (



* Submission deadline: May 15, 2014
* Notification of acceptance: May 30, 2014
* Camera-ready submission deadline: June 13, 2014

We aim to bring together researchers and practitioners from different disciplines to create, explore, evaluate, and discuss cases for weaknesses in organizational security resulting from user interface and usability considerations. From these cases, we will derive anti-patterns, anti-guidelines, and anti-heuristics to apply the "learn from mistakes" approach, which can lead to better UI design practice in the area of corporate information security.

Employee compliance with information security policies is critical for companies. Breaches of information security caused by employees can have a range of negative consequences. Critical and sensitive information may be compromised, potentially harming customers and employees, benefitting competitors, inviting legal and regulatory challenges, and damaging the reputation of the company.

In the realm of information security policies, it is typically advocated that all business information technology be designed in a way that enables and promotes employee compliance with the employer's information security policies. User Interfaces play a critical role in communicating security policies and ensuring employee compliance.
This workshop, however, turns this design practice around. Similar to the previous workshop "A Turn for the Worse: Trustbusters for User Interfaces" at SOUPS 2013, we aim to "learn from mistakes" and will explore examples of user interfaces in enterprise systems that lead employees to circumvent security policies and undermine the company's information security. A deeper understanding of factors that underlie circumvention and non-compliance with official security guidance can then be applied to "make interfaces better".

We invite original papers in PDF format describing/providing examples in which security is undermined by interface and usability aspects, including:

* a position, research, or anecdotal paper on use of a design that leads to circumvention of corporate security policies,
* screenshots of design(s) leading to circumvention of official security policies, or
* videos or audio material that demonstrate how interface design and usability aspects could weaken corporate information security.

Papers should use the SOUPS formatting template (LaTeX or MS Word). Submissions should be 2 to 4 pages in length, excluding appendices. The paper should be self-contained without requiring readers to read the appendices. The appendices need not conform to the formatting template. Submissions should not be anonymized. Supplemental material such as screenshots and videos should be made available in downloadable format. Accepted submissions will not be considered archival. Authors may choose whether to include the full paper or only the abstract on the Workshop Web site.
Inquiries can be emailed to: [log in to unmask]<mailto:[log in to unmask]>

Please email submissions to: [log in to unmask]<mailto:[log in to unmask]> (Note: There is a 10MB size limit on email attachments; for larger submissions, please provide a link to downloadable content.)

Marc Busch & Christina Hochleitner
AIT Austrian Institute of Technology GmbH, [log in to unmask]<mailto:[log in to unmask]> & [log in to unmask]<mailto:[log in to unmask]>
CURE - Center for Usability Research & Engineering

Manfred Tscheligi
ICT&S Center, University of Salzburg, [log in to unmask]<mailto:[log in to unmask]>
AIT Austrian Institute of Technology GmbH, [log in to unmask]<mailto:[log in to unmask]>

Sameer Patil
Helsinki Institute for Information Technology HIIT / Aalto University
[log in to unmask]<mailto:[log in to unmask]>

Jean Camp
School of Informatics and Computing, Indiana University
[log in to unmask]<mailto:[log in to unmask]>

Innovation Systems Department
Business Unit Technology Experience

AIT Austrian Institute of Technology GmbH
Business Park Marximum
Modecenterstrasse 17/Object 2 | 1110 Vienna | Austria
T +43 50550-4535 | M +43 664 88964935 | F +43 50550-4599
[log in to unmask]<mailto:[log in to unmask]> |

FN: 115980 i HG Wien  |  UID: ATU14703506<>

    For news of CHI books, courses & software, join CHI-RESOURCES
     mailto: [log in to unmask]

    To unsubscribe from CHI-ANNOUNCEMENTS send an email to
     mailto:[log in to unmask]

    For further details of CHI lists see