| 1. |
- Magnusson, Monika, 1965-, et al.
(författare)
-
Digitalisering av krisövning : Erfarenheter från CriseIT-projekten
- 2021
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Genomförandet av övningar är en nyckel till stärkt förmåga att agera effektivt i kris. CriseIT-projekten har haft som mål att bidra till detta genom att skapa möjligheter för kommuner och andra aktörer med krisövningsbehov att öva enklare och oftare.Det finns en önskan om, och en medvetenhet om behoven av, att öva mer än vad som görs i nuläget i många organisationer. Digitala verktyg är ett sätt att göra det möjligt att öva oftare, med lägre resursåtgång och kortare tid för planering och genomförande. Corona-pandemin har ytterligare gjort det tydligt vilka möjligheter digitaliseringen innebär för att effektivisera processer som tidigare varit inramade av tids-och rumsbegränsningar –t.ex. övning.Denna rapport syftar till att på ett lättillgängligt sätt redogöra för och diskutera utmaningar och möjligheter med den digitala övningsprocessen, så som den kommit till uttryck i CriseIT-projekten, genom att beskriva metodiska arbetssätt för design, genomförande och utvärdering av digitala krisövningar samt några perspektiv på implementering av digital övningsmetodik i organisationer. Målgrupp för rapporten är den som arbetar med krisberedskap i offentlig eller privat verksamhet, och som önskar lära sig mer om möjligheten att digitalisera sin övningsprocess. Arbetsrapporten är del av resultatredovisning för CriseIT2.
|
|
| 2. |
- Alaqra, Ala, et al.
(författare)
-
Stakeholders’ Perspectives on Malleable Signatures in a Cloud-based eHealth Scenario
- 2016
-
Ingår i: Proceedings of the International Symposium on Human Aspects of Information Security & Assurance. - 9781841024134 ; , s. 220-230
-
Konferensbidrag (refereegranskat)abstract
- In this paper, we discuss end user requirements that we elicited for the use of malleable signatures in a Cloud-based eHealth scenario. The concept of a malleable signature, which is a privacy enhancing cryptographic scheme that enables the redaction of personal information from signed documents while preserving the validity of the signature, might be counter- intuitive to end users as its functionality does not correspond to the one of a traditional signature scheme. A qualitative study via a series of semi-structured interviews and focus groups has been conducted to understand stakeholders’ opinions and concerns in regards to the possible applications of malleable signatures in the eHealth area, where a medical record is first digitally signed by a doctor and later redacted by the patient in the cloud. Results from this study yielded user requirements such as the need for suitable metaphors and guidelines, usable templates, and clear redaction policies.
|
|
| 3. |
- Angulo, Julio, 1980-
(författare)
-
Designing for Usable Privacy and Transparency in Digital Transactions
- 2015
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- People engage with multiple online services and carry out a range of different digital transactions with these services. Registering an account, sharing content in social networks, or requesting products or services online are a few examples of such digital transactions. With every transaction, people take decisions and make disclosures of personal data. Despite the possible benefits of collecting data about a person or a group of people, massive collection and aggregation of personal data carries a series of privacy and security implications which can ultimately result in a threat to people's dignity, their finances, and many other aspects of their lives. For this reason, privacy and transparency enhancing technologies are being developed to help people protect their privacy and personal data online. However, some of these technologies are usually hard to understand, difficult to use, and get in the way of people's momentary goals.The objective of this thesis is to explore, and iteratively improve, the usability and user experience provided by novel privacy and transparency technologies. To this end, it compiles a series of case studies that address identified issues of usable privacy and transparency at four stages of a digital transaction, namely the information, agreement, fulfilment and after-sales stages. These studies contribute with a better understanding of the human-factors and design requirements that are necessary for creating user-friendly tools that can help people to protect their privacy and to control their personal information on the Internet.
|
|
| 4. |
- Angulo, Julio, 1980-
(författare)
-
Usable privacy for digital transactions : Exploring the usability aspects of three privacy enhancing mechanisms
- 2012
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The amount of personal identifiable information that people distribute over different online services has grown rapidly and considerably over the last decades. This has led to increased probabilities for identity theft, profiling and linkability attacks, which can in turn not only result in a threat to people’s personal dignity, finances, and many other aspects of their lives, but also to societies in general. Methods and tools for securing people’s online activities and protecting their privacy on the Internet, so called Privacy Enhancing Technologies (PETs), are being designed and developed. However, these technologies are often seen by ordinary users as complicated and disruptive of their primary tasks. In this licentiate thesis, I investigate the usability aspects of three main privacy and security enhancing mechanisms. These mechanisms have the goal of helping and encouraging users to protect their privacy on the Internet as they engage in some of the steps necessary to complete a digital transaction. The three mechanisms, which have been investigated within the scope of different research projects, comprise of (1) graphical visualizations of service providers’ privacy policies and user-friendly management and matching of users’ privacy preferences “on the fly”, (2) methods for helping users create appropriate mental models of the data minimization property of anonymous credentials, and (3) employing touch-screen biometrics as a method to authenticate users into mobile devices and verify their identities during a digital transaction. Results from these investigations suggest that these mechanisms can make digital transactions privacy-friendly and secure while at the same time delivering convenience and usability for ordinary users.
|
|
| 5. |
- Bellström, Peter, 1971-, et al.
(författare)
-
Canvas som plattform för digitala krisövningar : Några första resultat från en demonstrationsövning
- 2020
-
Ingår i: Kursdesign i Canvas. - Karlstad : Karlstads universitet. - 9789178671540 - 9789178671588 ; , s. 11-42
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)abstract
- Övning ger färdighet och det gäller inte bara i traditionell undervisning utan också vid krisledning. Krisledning kännetecknas av att medlemmarna i en krisledningsgrupp ska ansvara för sina respektive verksamhetsområden och genom snabb interaktion och samordning över verksamhetsgränserna mildra effekterna av krisen för organisationen eller samhället som helhet. Det innebär att rollmedvetenhet och kommunikationsförmåga måste tränas för den enskilde så väl som för gruppen som helhet. På gruppnivå är också samverkan och koordinering internt och externt viktigt att öva. Tidigare studier visar att organisationer är intresserade av möjligheten att öva mer via digitala verktyg (Wik et al., 2017). Inom ramen för det till och med 2021 pågående Interregprojektet CriseIT 2 utvecklar vi ett koncept för övningsstöd baserat på lärplattformar. Kapitlet beskriver genom en fallstudie hur en seminarieövning kan genomföras med stöd av lärplattformen Canvas. Data till studien har samlats in genom observationer, enkäter, storgruppsdiskussion och deltagarnas indata till Canvas. Erfarenheter från fallstudien sammanfattas i möjligheter, problem och förbättringsbehov kopplade till Canvas och övningsdesignen, och rekommendationer ges både för krisövning och för undervisning baserad på problematisering och dilemmaövningar i klassrummet.
|
|
| 6. |
|
|
| 7. |
- Christenson, Nina, 1975-, et al.
(författare)
-
Riskville – A game for learning about disaster risks and urban planning
- 2018
-
Ingår i: International Journal of Mass Emergencies and Disasters. - Colorado Springs, CO : International Research Committee on Sociology of Disasters; International Sociological Association. - 0280-7270. ; 36:3, s. 238-246
-
Tidskriftsartikel (refereegranskat)abstract
- Education plays a key role in disaster risk reduction (DRR) and in creating resilient societies worldwide by disseminating information about risks and in improving people’s risk awareness. This, in turn, helps them to prepare, cope with and recover from possible disaster events, hence making the societies more resilient. This paper shortly presents the theoretical background and the rules of the game Riskville where the participants get to experience in a hands-on manner the connections and conflicts between urban planning, different interests and climate related risks. We conclude that Riskville promotes discussions on different perspectives on disaster risk and resilience and approaches in including them into urban planning.
|
|
| 8. |
- Framner, Erik, et al.
(författare)
-
Making secret sharing based cloud storage usable
- 2019
-
Ingår i: Information and Computer Security. - : Emerald Group Publishing Limited. - 2056-4961. ; 27:5, s. 647-667
-
Tidskriftsartikel (refereegranskat)abstract
- The purpose of this paper is to develop a usable configuration management for Archistar, whichutilizes secret sharing for redundantly storing data over multiple independent storage clouds in a secure andprivacy-friendly manner. Selecting the optimal secret sharing parameters, cloud storage servers and othersettings for securely storing the secret data shares, while meeting all of end user’s requirements and otherrestrictions, is a complex task. In particular, complex trade-offs between different protection goals and legalprivacy requirements need to be made.
|
|
| 9. |
- Karlsson, Anders, 1974-
(författare)
-
Vilket religionskunskapsämne? : Ämneskonstruktioner i religionskunskap på gymnasiet med samtalsförhandlingar i centrum.
- 2015
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- This thesis aims to describe one educational sequence in religious education. The study shows articulations and negotiations in the religious education classroom, as well as on digital discussion forums. Two questions are the core of the explorative case study. What is communicated between teachers and students in a Re-classroom in Sweden? How does the content of the communication contribute to constructing the Re-subject in two different discussion forums: digital and analogue? The case study follows an upper secondary school class, with 18 years old students, during one teaching sequence.The theoretical foundation is based in a social-cultural perspective. Data is produced by ethnographic methods and consist of classroom observations and interviews with teachers and students. For the interpretation of speech Even’s relief theory is used concerning what is said and Michel Bakhtin’s thoughts on speech genre concerning how it is expressed and negotiated in the teaching sequence.The analysis of the different forums show that in all of them, teachers and students tend to focus on what religious persons do, their appearance, and how they are limited by their faith. The religious persons are compared to a way of living according to a secular norm that the students find more relevant and up-to-date. When speaking of religious persons the students tend to express it in a derisive and disparaging way. Negotiations on content and framework factors interrupt the actual teaching in the classroom environment whilst digital forums are self-regulating and discussions quickly return to the topic after irrelevant digressions.In the discussion part of the thesis the various discussion forums are evaluated didactically. The impact of gender and framework factors on the student-teacher discussions is also raised. An additional question that is problematized is the tension between the curriculum of the subject and the teacher’s desire to get students interested in religion as a subject, described as ‘the teacher’s dilemma’. It is discussed whether this dilemma controls the teacher’s choice of subject.
|
|
| 10. |
- Länger, Thomas, et al.
(författare)
-
HCI patterns for cryptographically equipped cloud services
- 2018
-
Ingår i: Human-Computer Interaction. Theories, Methods, and Human Issues. - Cham : Springer. - 9783319912370 - 9783319912387 ; , s. 567-586
-
Konferensbidrag (refereegranskat)abstract
- Recent cryptographic research has devised several new algorithms and protocols with a potential of mitigating several of the most ardent security and privacy threats, existing in currently available public cloud services. Nevertheless, such cryptographic schemes often exhibit counterintuitive functionality to end users, or they work differently to other already established traditional schemes with which users are already familiar. A practical solution to address these problems involves a human centered design approach, deriving Human Computer Interaction (HCI) requirements from consultations and extensive testing with experts, prospective end users, and other stakeholders. The European Horizon 2020 project PRISMACLOUD “Privacy and Security Maintaining Services for the Cloud” uses such an approach and provides HCI patterns as part of its proper cloud service development methodology CryptSDLC to communicate HCI requirements to cloud service designers and user interface implementers. In this article, we present several new cryptographic cloud services, e.g. for redacting digitally signed data, and for redundant storage and sharing of confidential data in a public cloud scenario, together with three example HCI patterns for specific interactions of end users with these services. We show how these patterns were elaborated and validated in practice to prove the suitability for their intended purpose. To summarize, we give an account on our practical experience during the actual prototype development and implementation and show how they constitute an essential element of the CryptSDLC development methodology.
|
|
