On Conducting Security Developer Studies with CS Students: Examining a Password-Storage Study with CS Students, Freelancers, and Company Developers

要旨

Ecological validity is a major concern in usable security studies with developers. Many studies are conducted with computer science (CS) students out of convenience, since recruiting professional software developers in sufficient numbers is very challenging. In a password-storage study, Naiakshina et al. (CHI'19) showed that CS students behave similarly to freelance developers recruited online. While this is a promising result for conducting developer studies with students, an open question remains: Do professional developers employed in companies behave similarly as well?To provide more insight into the ecological validity of recruiting students for security developer studies, we replicated the study of Naiakshina et al. with developers from diverse companies in Germany. We found that developers employed in companies performed better than students and freelancers in a direct comparison.However, treatment effects were found to be significant in all groups; the treatment effects on CS students also held for company developers.

キーワード
Security Developer Study
Developer Password Study
Usable Security and Privacy
Student Developer
著者
Alena Naiakshina
University of Bonn, Bonn, Germany
Anastasia Danilova
University of Bonn, Bonn, Germany
Eva Gerlitz
Fraunhofer FKIE, Bonn, Germany
Matthew Smith
University of Bonn & Fraunhofer FKIE, Bonn, Germany
DOI

10.1145/3313831.3376791

論文URL

https://doi.org/10.1145/3313831.3376791

会議: CHI 2020

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2020.acm.org/)

セッション: Developers, security & privacy

Paper session
313B O'AHU
4 件の発表
2020-04-30 23:00:00
2020-05-01 00:15:00
日本語まとめ
読み込み中…