Finding and Resolving Security Misusability with Misusability Cases.

Faily, S. and Fléchais, I., 2014. Finding and Resolving Security Misusability with Misusability Cases. Requirements Engineering.

Full text available as:

fafl141.pdf - Published Version
Available under License Creative Commons Attribution.


DOI: 10.1007/s00766-014-0217-8


Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice- versa. One way of using scenarios to bridge security and usability involves explicitly describing how design deci- sions can lead to users inadvertently exploiting vulnera- bilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems sub- sequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illus- trating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems.

Item Type:Article
Uncontrolled Keywords:Goals; Personas; Scenarios; Use cases; Security
Group:Faculty of Science & Technology
ID Code:21646
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:19 Jan 2015 12:26
Last Modified:26 Jul 2017 13:11


Downloads per month over past year

More statistics for this item...
Repository Staff Only -