An Anshin Model for the Evaluation of the Sense of Security Yuko Murayama † , Natsuko Hikage † , Carl Hauser ‡ , Basabi Chakraborty † and Norihisa Segawa † † Iwate Prefectural University Takizawa-mura, Iwate, Japan murayama@iwate-pu.ac.jp n.hikage@comm.soft.iwate-pu.ac.jp {basabi,sega}@soft.iwate-pu.ac.jp ‡ Washington State University Pullman, Washington, USA hauser@eecs.wsu.edu Abstract The evaluation of security technology has been concerned with how secure a system is from the theoretical and performance viewpoints. On the other hand, the majority of computer users have not been sure about how secure the systems and services which they use really are. Not so much work has been done on how well a user interface incorporates users' subjective feelings such as the sense of security. We look into this problem and propose an initial model of evaluating security systems in terms of the sense of security. The factors include knowledge, trust and impression. We conducted an experiment with users of a secure memo submission system, the under-the-door system, to demonstrate empirically how those factors influence the sense of security. 1. Introduction This paper presents our initial work on the sense of security. Security technology usually has been evaluated in terms of theoretical and engineering feasibility and mostly from service providers' viewpoints,[2,26, 30,35,36]. What has been missing is evaluation from users' viewpoints. Usability is one of the factors, but not only in engineering terms, but in terms of the users' subjective feeling in use of security tools --- i.e., the sense of security. Indeed, the term, ``security'' includes objective viewpoints of security engineering as well as such subjective factors as sense of security. We use the Japanese word, Anshin, for the latter throughout this paper. Anshin is a Japanese noun which is composed of two words, viz. An and Shin. “An” is to ease, and “Shin” indicates mind. Anshin literally means to ease one's mind. In this research, we have constructed our initial Anshin model incorporating several factors and conducted a preliminary experiment with users to understand how effective those factors are in the model. This paper proposes our initial model and reports the experiment results. The next section describes our motivation. Section 3 presents related work. Section 4 introduces our model. Section 5 describes the experiments and reports the results. Section 6 presents potential uses of the Anshin model. Section 7 concludes and presents directions for future work. 2. Motivation According to a survey of electronic commerce users in 2001, what the users were anxious about included leaks of personal information (69%), stolen personal information (61%), reliable delivery (54%) and the quality of goods and services (49%). The users were more anxious about information security than about actual goods and services they tried and bought. White Paper 2004: Building a Ubiquitous Network Society That Spread Throughout the World, issued by the Japanese Ministry of Public Management, Home Affairs, Posts and Telecommunications, reported that users were most anxious about fraud, scams and leaks of personal information, [21]. According to the paper, 72% of the users felt that network society needed additional countermeasures to deceits such as stealing personal information and money in order that they could have Anshin. Security tools are traditionally evaluated in terms of objective factors such as strength against cryptanalysis. We complement those objective factors with a subjective factor, Anshin, as in Figure 1. In Quadrant I, tools are objectively secure and users feel Anshin. In Quadrant II, tools are not secure but users nevertheless feel Anshin. In quadrant III, tools are Proceedings of the 39th Hawaii International Conference on System Sciences - 2006 1 0-7695-2507-5/06/$20.00 (C) 2006 IEEE