
2019 | Original Paper | Book Chapter

Adding Measures to Task Models for Usability Inspection of the Cloud Access Control Services

Written by: Bilal Naqvi, Ahmed Seffah, Christina Braz

Published in: Human-Centered Software Engineering

Publisher: Springer International Publishing


Abstract

Access control services in the cloud require defining which users, applications, or functions can have access to which data to perform what kinds of operations. There are thus three dimensions: (1) which users can (2) perform which operations (3) on which data. We speak of: (1) principals (i.e., users or roles), (2) privileges, and (3) objects, corresponding to these three dimensions, respectively. The act of accessing gives rights and privileges such as using or releasing data, modifying the access rights or accomplishing certain tasks. Permission to access also requires identity management. Research studies identify the existence of dependency between usability and security, and that there exists a conflict between the two, for which trade-offs are difficult to evaluate and engineer. This paper proposes a novel methodology for assessing the usability of access control services while ensuring that security requirements are met. The proposed methodology assists in integrating the experience of both security and usability experts by using different Human Computer Interaction methods as a way to identify the usability and security problems in access control security services in the cloud, and capture solutions to resolve such problems.


Metadata
Title
Adding Measures to Task Models for Usability Inspection of the Cloud Access Control Services
Written by
Bilal Naqvi
Ahmed Seffah
Christina Braz
Copyright year
2019
DOI
https://doi.org/10.1007/978-3-030-05909-5_8
