Finding and Resolving Security Misusability with Misusability Cases.

Faily, S. and Fléchais, I, 2014. Finding and Resolving Security Misusability with Misusability Cases. Requirements Engineering.

Full text available as:

[img]
Preview
PDF (OPEN ACCESS ARTICLE)
fafl141.pdf - Published Version
Available under License Creative Commons Attribution.

1MB

DOI: 10.1007/s00766-014-0217-8

Abstract

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice- versa. One way of using scenarios to bridge security and usability involves explicitly describing how design deci- sions can lead to users inadvertently exploiting vulnera- bilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems sub- sequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illus- trating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems.

Item Type:Article
ISSN:0947-3602
Uncontrolled Keywords:Goals; Personas; Scenarios; Use cases; Security
Subjects:UNSPECIFIED
Group:Faculty of Science and Technology
ID Code:21646
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:19 Jan 2015 12:26
Last Modified:19 Jan 2015 12:26

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -