Bridging the Gap Between Human and Machine Trust: Applying Methods of User-Centred Design and Usability to Computer Security

Kristiina Karvonen

Dissertation for the degree of Doctor of Science in Technology to be presented with due permission of the Department of Computer Science and Engineering for public examination and debate in Auditorium T2 at Helsinki University of Technology (Espoo, Finland) on the 25th of May, 2007, at 12 noon.

This work presents methods for improving the usability of security. The work focuses on trust as part of computer security. Methods of usability and user-centred design present an essential starting point for the research. The work uses the methods these fields provide to investigate differences between machine and human trust, as well as how the technical expressions of trust could be made more usable by applying these methods. The thesis is based on nine publications, which present various possibilities to research trust with user-centric methods. The publications proceed chronologically and logically from the first user interviews about trust, trusting attitudes and behaviours in general to the actual design and usability testing of user interfaces for security applications, finally presenting the outcomes and conclusions of the research.

The work also presents a review of relevant previous work in the area, concentrating on work done in the fields of usability and user-centred design. The work is of a cross-disciplinary nature, falling into the areas of human-computer interaction, computer science and telecommunications. The ultimate goal of the conducted research has been to find out 1) how trust is to be understood in this context; 2) what methods can be used to gain insight into trust thus defined; and, finally, 3) what means can be used to create trust in end users in online situations where trust is needed. The work aims at providing insight into how trust can be studied with the methods provided by user-centred design and usability. Further, it investigates how to take understanding of trust formation in humans into account when attempting to design trust-inducing systems and applications.

The work includes an analysis and comparison of the methods used: what kinds of methods for studying trust exist in the field of usability and user-centred design. Further, by applying a variety of these methods, it evaluates what kinds of results can be reached with the different methods available, and when. Recommendations for the appropriate application of these methods when studying the various parts of trust are one of the outcomes. The results obtained with the methods used have also been compared with results obtained by others who applied alternative methods to the same research questions. On a conceptual level, the work contains an analysis of the concept of trust. It also contains a brief investigation into both technical and human ways to express trust, with a comparison between the two.

This thesis consists of an overview and of the following 9 publications:

  1. Kristiina Karvonen. 1999. Creating trust. In: Proceedings of the Fourth Nordic Workshop on Secure IT Systems (NordSec 1999). Kista, Sweden. 1-2 November 1999, pages 21-36. © 1999 Department of Computer and Systems Sciences, Stockholm University / Royal Institute of Technology (KTH). By permission.
  2. Kristiina Karvonen. 1999. Enhancing trust online. In: Proceedings of the Second International Workshop on Philosophy of Design and Information Technology (PhDIT'99). Ethics in Information Technology Design. Saint-Ferréol, Toulouse, France. 16-17 December 1999, pages 57-64. © 1999 Europia. By permission.
  3. Pekka Nikander and Kristiina Karvonen. 2001. Users and trust in cyberspace. In: B. Christianson, B. Crispo, J. A. Malcolm, and M. Roe (editors). Revised Papers of the 8th International Workshop on Security Protocols. Cambridge, UK. 3-5 April 2000. Berlin, Heidelberg, Springer-Verlag. Lecture Notes in Computer Science, volume 2133, pages 24-35.
  4. Kristiina Karvonen, Lucas Cardholm, and Stefan Karlsson. 2000. Cultures of trust: a cross-cultural study on the formation of trust in an electronic environment. In: Proceedings of the Fifth Nordic Workshop on Secure IT Systems (NordSec 2000). Reykjavik, Iceland. 12-13 October 2000, pages 89-100.
  5. Kristiina Karvonen and Ursula Holmström. 2000. Expressing trust. In: Jan Gulliksen, Ann Lantz, Lars Oestreicher, and Kerstin Severinson-Eklundh (editors). Proceedings of the First Nordic Conference on Computer-Human Interaction (NordiCHI 2000). Short papers. Royal Institute of Technology, Stockholm, Sweden. 23-25 October 2000. CD proceedings, 2 pages.
  6. Kristiina Karvonen. 2000. Experimenting with metaphors for all: a user interface for a mobile electronic payment device. In: Pier Luigi Emiliani and Constantine Stephanidis (editors). Proceedings of the 6th ERCIM Workshop on User Interfaces for All (UI 4 All). Convitto della Calza, Florence, Italy. 25-26 October 2000, pages 183-188. © 2000 European Research Consortium for Informatics and Mathematics (ERCIM). By permission.
  7. Kristiina Karvonen. 2000. The beauty of simplicity. In: John Thomas and Jean Scholtz (editors). Proceedings of the First ACM Conference on Universal Usability (CUU 2000). Washington DC, USA. 16-17 November 2000, pages 85-90.
  8. Kristiina Karvonen. 2001. Designing trust for a universal audience: a multicultural study on the formation of trust in the Internet in the Nordic countries. In: Proceedings of the First International Conference on Universal Access in Human-Computer Interaction (UAHCI 2001). Invited paper. New Orleans, LA, USA. 5-10 August 2001, pages 1078-1082.
  9. Kristiina Karvonen and Jarmo Parkkinen. 2001. Signs of trust: a semiotic study of trust formation in the web. In: Proceedings of the 9th International Conference on Human-Computer Interaction (HCI International 2001). New Orleans, LA, USA. 5-10 August 2001, pages 1076-1080.

Keywords: trust, trust management, computer networks, usability, user-centred design, computer security

