Empowering Ordinary Consumers to Securely Configure their Mobile Devices and Wireless Networks

Despite the best efforts of application designers, security configuration interfaces are hard to use. The conventional wisdom for designing consumer applications does not work for designing security applications. Using 802.11 networks as a case study, we present a set of principles for the design of configuration interfaces. The key insight is that users have a difficult time translating their goals for wireless network security into specific feature configurations. We design and implement a configuration interface that guides users through an 802.11 wireless network configuration. We overcome users’ configuration difficulties by automating the translation from high-level goals to low-level feature configurations. The design empowers non-expert users to securely configure their networks as well as expert users. We also design and conduct a user study which demonstrates that users perform dramatically better using our prototype, as compared with the two most popular commercial access points. In general, our research addresses problems that are common across mobile system configurations.