
2015 | OriginalPaper | Chapter

Usable-Security Evaluation

Authors: Yasser M. Hausawi, William H. Allen

Published in: Human Aspects of Information Security, Privacy, and Trust

Publisher: Springer International Publishing


Abstract

Developing software products that align security and usability, so that the two form a synergistic relationship, is an engineering process that starts in the first phase of the Software Development Life-Cycle (SDLC) and continues through the rest of the phases: design, construction, and testing. However, a summative evaluation of such a process must be done after the software product is completely developed, with careful attention to measuring the alignment between security and usability (i.e., usable-security) and to integrating that alignment properly within the SDLC. Therefore, this paper proposes a usable-security measuring matrix that provides a summative evaluation of the whole process of applying usable-security to software products.

Metadata

Title: Usable-Security Evaluation
Authors: Yasser M. Hausawi, William H. Allen
Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-20376-8_30
