This paper discusses the role of humans as “smart components” in a system, emphasizing that their autonomy must be respected and incentives should be provided to induce desired behavior. The authors argue that a misalignment of incentives can often lead to system vulnerabilities that can be exploited by attackers. The paper introduces incentive-centered design as a tool to understand and address these problems, providing design principles to mitigate them. The authors provide several examples of security problems that could benefit from incentive-centered design and elaborate on a general screening model that offers strong design principles for a class of security problems.
The Impact of Workload on Phishing Susceptibility: An Experiment
Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading...