学术文献库

End users are increasingly using trigger-action platforms like, If-This-Then-That (IFTTT) to create applets to connect smart home devices and services. However, there are inherent risks in using such applets -- even non-malicious ones -- as sensitive information may leak through their use in certain contexts (e.g., where the device is located, who can observe the resultant action). This work aims to understand how well end users can assess this risk. We do so by exploring users' concerns with using IFTTT applets and more importantly if and how those concerns change based on different contextual factors. Through a Mechanical Turk survey of 386 participants on 49 smart-home IFTTT applets, we found that nudging the participants to think about different usage contexts led them to think deeper about the associated risks and raise their concerns. Qualitative analysis reveals that participants had a nuanced understanding of contextual factors and how these factors could lead to leakage of sensitive data and allow unauthorized access to applets and data.