Karola MarkyRuhr University Bochum | RUB
Karola Marky
Doctor of Natural Sciences
About
83
Publications
8,405
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
919
Citations
Introduction
Publications
Publications (83)
Shoulder surfing is a byproduct of smartphone use that enables bystanders to access personal information (such as text and photos) by making screen observations without consent. To mitigate this, several protection mechanisms have been proposed to protect user privacy. However, the mechanisms that users prefer remain unexplored. This paper explores...
Shoulder surfing has been studied extensively, however, it remains unexplored whether and how it impacts users. Understanding this is important as it determines whether shoulder surfing poses a significant concern and, if so, how best to address it. By surveying smartphone users in the UK, we explore how shoulder surfing impacts a) the privacy perc...
Smart home applications aim to increase convenience, yet often require authentication to protect sensitive data. This is non-trivial: effortful authentication contradicts intended convenience, the multitude of devices raises scalability issues, many devices lack suitable interfaces, and the presence of other inhabitants requires intentional and acc...
This paper contributes an in-depth investigation (N=24) of privacy perceptions in the context of medical data donation apps. Medical data donation refers to the act of voluntarily sharing medical data with research institutions, which plays a crucial role in advancing healthcare research and personalized medicine. To design effective medical data d...
As technology advances, homes become more digitalized and evolve into smart homes. Bystanders, e.g. guests in smart homes, are often unaware of the smart home devices and the associated privacy risks that make them especially vulnerable. However, so far there is limited research on how the guests can be made aware of smart home devices in the house...
Physical interactions with socially assistive robots (SARs) positively affect user wellbeing. However, haptic experiences when touching a SAR are typically limited to perceiving the robot's movements or shell texture, while other modalities that could enhance the touch experience with the robot, such as vibrotactile stimulation, are under-explored....
Physical interactions with socially assistive robots (SARs) positively affect user wellbeing. However, haptic experiences when touching a SAR are typically limited to perceiving the robot's movements or shell texture, while other modalities that could enhance the touch experience with the robot, such as vibrotactile stimulation, are under-explored....
Medical data donation involves voluntarily sharing medical data with research institutions, which is crucial for advancing healthcare research. However, the sensitive nature of medical data poses privacy and security challenges. The primary concern is the risk of de-anonymization, where users can be linked to their donated data through background k...
Online elections come with security challenges since digital votes do not produce physical audit trails that are easily verifiable. We present and investigate a hybrid online voting system that combines the benefits of voting from home via the internet with those of physical ballots, such as risk-limiting audits and verifiability. After voting onli...
Scale questionnaires are psychometric tools that capture perspectives and experiences. Consequently, these tools need to be reliable and valid. In this paper, we investigate the impact of response widgets - the UI elements that allow users to answer scale items - on the overall scale reliability and construct validity of three varied length scale q...
Current anonymous communication systems either provide strong anonymity with significant delay or low latency with unreliable anonymity. This division leads to smaller user bases and reduced anonymity as users choose systems based on their specific requirements. To address this issue, we propose an approach based on mix networks that employs two mi...
Medical data donation involves voluntarily sharing medical data with research institutions, which is crucial for advancing health-care research. However, the sensitive nature of medical data poses privacy and security challenges. The primary concern is the risk of de-anonymization, where users can be linked to their donated data through background...
This book covers topics needed to be considered in research around usable privacy. The book starts from a psychological perspective and introduces readers to basic behavioral theories and models that can explain end-user privacy behavior (including the “privacy paradox”) on a theoretical level. Subsequently, an introduction to different study metho...
Thermal attacks are an emerging threat that enables the reconstruction of user input after interaction with a device by analysing heat traces. There are several ways to protect users from thermal attacks that require different degrees of user involvement. In this paper, we first present a structured literature review to identify 15 protection strat...
The interactive augmentation of musical instruments to foster self-expressiveness and learning has a rich history. Over the past decades, the incorporation of interactive technologies into musical instruments emerged into a new research field requiring strong collaboration between different disciplines. The workshop "Intelligent Music Interfaces" c...
This chapter contributes a short overview on the core concept that the research presented in this book investigates: privacy . First, it provides privacy theories and basics based on the scientific literature. Then, it motivates and discusses why privacy is an essential concept that deserves attention from the research community.
Fundamental to Augmented Reality (AR) headsets is their capacity to visually and aurally sense the world around them, necessary to drive the positional tracking that makes rendering 3D spatial content possible. This requisite sensing also opens the door for more advanced AR-driven activities, such as augmented perception, volumetric capture and bio...
Existing software-based smart home privacy mechanisms are frequently indirect and cumbersome to use. We developed PriKey, a tangible privacy mechanism for smart homes that offers intuitive, device-independent, sensor-based, and user-centric privacy control. To render our concept comprehensible, we implemented a demonstration consisting of Wizard-of...
The increasing proliferation of smart objects in everyday life has changed how we interact with computers. Instead of concentrating computational capabilities and interaction into one device, everyday objects have naturally integrated parts of interactive features. Although this has led to many practical applications, the possibilities for explicit...
The increasing number of smart devices installed in our homes poses privacy risks for inhabitants and visitors. However, individuals face difficulties counteracting privacy intrusions due to missing controls, incorrect mental models, and limitations in their level of expertise. We present PriKey, a concept for device-independent and easy-to-use tan...
IoT devices are becoming more common and prevalent in private households. Since guests can be present in IoT-equipped households, IoT devices can pose considerable privacy risks to them. In this paper, we present an in-depth evaluation of privacy protection for guests considering the perspectives of hosts and guests. First, we interviewed 21 IoT de...
Shoulder surfing is a prevailing threat when accessing smartphone information at different locations. Prior work has proposed numerous mechanisms to combat the threat, however, when and what mechanism to use while maintaining appreciable user experience and usability remains a challenge. Further, the subjective interpretation of sensitive content a...
The use of wearable sensor technology opens up exciting avenues for both art and HCI research, providing new ways to explore the invisible link between audience and performer. To be effective, such work requires close collaboration between performers and researchers. In this paper, we report on the co-design process and research insights from our w...
There are several ways to inform individuals about secure and privacy-preserving behavior in private social environments. Experts who are versed in security and privacy (S&P), who
might be social peers, such as family members or friends, can provide advice or give recommendations. In this paper, we specifically investigate how S&P adepts inform pee...
Handheld mobile devices store a plethora of sensitive data, such as private emails, personal messages, photos, and location data. Authentication is essential to protect access to sensitive data. However, the majority of mobile devices are currently secured by singlemodal authentication schemes which are vulnerable to shoulder surfing, smudge attack...
Contact Tracing Apps (CTAs) have been developed and deployed in various parts of the world to track the spread of COVID-19. However, low social acceptance and the lack of adoption can impact CTA effectiveness. Prior work primarily focused on the privacy and security of CTAs, compared different models, and studied their app design. However, it remai...
Supporting users with secure password creation is a well-explored yet unresolved research topic. A promising intervention is the password meter, i.e. providing feedback on the user's password strength as and when it is created. However, findings related to the password meter's effectiveness are varied. An extensive literature review revealed that,...
Two-factor authentication (2FA) is a recommended or imposed authentication mechanism for valuable online assets. However, 2FA mechanisms usually exhibit user experience issues that create user friction and even lead to poor acceptance, hampering the wider spread of 2FA. In this paper, we investigate user perceptions of 2FA through in-depth intervie...
Internet voting can afford more inclusive and inexpensive elections. The flip side is that the integrity of the election can be compromised by adversarial attacks and malfunctioning voting infrastructure. Individual verifiability aims to protect against such risks by letting voters verify that their votes are correctly registered in the electronic...
Verifiable voting schemes allow voters to verify their individual votes and the election outcome. The voting protocol Selene offers verification of plaintext votes while preserving privacy. Misconceptions of verification mechanisms might result in voters mistrust of the system or abstaining from using it. In this paper, we interviewed 24 participan...
Learning a musical instrument requires a lot of practice, which ideally, should be done every day. During practice sessions, students are on their own in the overwhelming majority of the time, but access to experts that support students "just-in-time" is limited. Therefore, students commonly do not receive any feedback during their practice session...
Mastering a musical instrument requires time-consuming practice even if students are guided by an expert. In the overwhelming majority of the time, the students practice by themselves and traditional teaching materials, such as videos or textbooks, lack interaction and guidance possibilities. Adequate feedback, however, is highly important to preve...
In spite of the great potential of on-body vibrotactile displays for a variety of applications, research lacks an understanding of the spacing between vibrotactile actuators. Through two experiments, we systematically investigate vibrotactile perception on the wrist, forearm, upper arm, back, torso, thigh, and leg, each in transverse and longitudin...
Accurate sketching in virtual 3D environments is challenging due to aspects like limited depth perception or the absence of physical support. To address this issue, we propose VRSketchPen – a pen that uses two haptic modalities to support virtual sketching without constraining user actions: (1) pneumatic force feedback to simulate the contact press...
Voters play an important role in end-to-end verifiable e-voting schemes because the schemes encourage them to carry out several security-critical tasks by themselves. If the voters cannot complete the tasks by themselves or experience bad usability while executing them, vote manipulations by either a faulty software or deliberate attacks cannot be...
Privacy Assistants (PAs) are a promising method to support users in making and communicating privacy-related decisions. In this work in progress paper, we present a study design to investigate users perspective on PAs in the context of mobile apps in an explo- rative user-centric workshop. The participants are asked to provide 1) which information...
Smart Home technologies have the potential to increase the quality of life, home security and facilitate elderly care. Therefore, they require access to a plethora of data about the users’ homes and private lives. Resulting security and privacy concerns form a relevant barrier to adopting this promising technology. Aiming to support end users’ info...
Over the last decades, E-learning has gained a lot of popularity and enabled students to learn in front of their computers using Internet-based learning systems rather than physically attending lectures. Those E-learning systems are different from traditional learning and do not fully immerse the student in the learning environment. Thus, we propos...
With the proliferation of room-scale Virtual Reality (VR), more and more users install a VR system in their homes. When users are in VR, they are usually completely immersed in their application. However, sometimes passersby invade these tracking spaces and walk up to users that are currently immersed in VR to try and interact with them. As this ei...
Internet voting has promising benefits, such as cost reduction, but it also introduces drawbacks: the computer, that is used for voting, learns the voter's choice. Code voting aims to protect the voter's choice by the introduction of voting codes that are listed on paper. To cast a vote, the voters need to provide the voting code belonging to their...
With head-mounted displays (HMDs), users can access and interact with a broad range of applications and data. Although some of this information is privacy-sensitive or even confidential, no intuitive, unobtrusive and secure authentication technique is available yet for HMDs. We present LookUnlock, an authentication technique for HMDs that uses pass...
Passwords and PINs are used to protect all kinds of services against adversaries in our everyday lives. To serve their purpose, passwords require a certain degree of complexity which is often enforced through password policies. This results in complicated passwords, which might not only be hard for users to create, but also hard to remember. Furthe...
E-voting has been embraced by a number of countries, delivering benefits in terms of efficiency and accessibility. End-to-end verifiable e-voting schemes facilitate verification of the integrity of individual votes during the election process. In particular, methods for cast-as-intended verification enable voters to confirm that their cast votes ha...
Das Kapitel gibt eine Einführung in das Thema „Human Factors in Security“ mit Fokus auf den Endanwender. Dabei wird zunächst das Problem allgemein eingeführt und an den konkreten Beispielen „E-Mail-Verschlüsselung“, „HTTPS-Verbindungen im Internet“ sowie „Passwörter“ beschrieben und diskutiert. Anschließend werden allgemeine Lösungsansätze basieren...
Evolution in technology causes privacy issues, which are currently under intense discussion. Here, much attention is given to smart cameras, the Internet of Things and the Internet in general , while sonic AR systems are overlooked. Many users, for example, blindfold their laptop cameras with physical layers, but it seems as if no attention is draw...
In general, most elections follow the principle of equality, or as it came to be known, the principle of “one person – one vote”. However, this principle might pose difficulties for voters, who are not well informed regarding the particular matter that is voted on. In order to address this issue, a new form of voting has been proposed, namely proxy...
A lot of decisions are made during boardroom meetings. Af- ter a discussion, the head of the board often asks for a quick poll. But what if you cannot join the meeting? So called boardroom voting schemes have been proposed to conduct the poll over the Internet and thereby enabling also those who are not present but available online to partici- pant...
Proxy voting is a form of voting, where the voters can either vote on an issue directly, or delegate their voting right to a proxy. This proxy might for instance be a trusted expert on the particular issue.
In this work, we extend the widely studied end-to-end verifiable Helios Internet voting system towards the proxy voting approach. Therefore, w...
In general, most elections follow the principle of equality, or as it came to be known, the principle of ``one man -- one vote''. However, this principle might pose difficulties for voters, who are not well informed regarding the particular matter that is voted on. In order to address this issue, a new form of voting has been proposed, namely proxy...
Android devices are widely used on a daily basis. As those devices can open doors for attackers and companies to privacy sensitive data, developers have to be aware of potential risks. We introduce the project of Privacy Friendly Apps, explain its design principles and describe some of its resulted apps. The long-term goal of this project is twofol...