Faily, S., Lyle, J., Fléchais, I. and Simpson, A., 2015. Usability and Security by Design: A Case Study in Research and Development. In: NDSS Workshop on Usable Security, 8 January 2015, Heriot Watt University, Edinburgh.
Full text available as:
|
PDF
flfs15.pdf - Published Version 1MB | |
Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material. |
Abstract
There is ongoing interest in utilising user expe- riences associated with security and privacy to better inform system design and development. However, there are few studies demonstrating how, together, security and usability design tech- niques can help in the design of secure systems; such studies provide practical examples and lessons learned that practitioners and researchers can use to inform best practice, and underpin future research. This paper describes a three-year study where security and usability techniques were used in a research and development project to develop webinos — a secure, cross- platform software environment for web applications. Because they value innovation over both security and usability, research and development projects are a particularly difficult context of study. We describe the difficulties faced in applying these security and usability techniques, the approaches taken to overcome them, and lessons that can be learned by others trying to build usability and security into software systems.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Additional Information: | Permission to freely reproduce all or part of this paper for noncommercial purposes is granted provided that copies bear this notice and the full citation on the first page. Reproduction for commercial purposes is strictly prohibited without the prior written consent of the Internet Society, the first-named author (for reproduction of an entire paper only), and the author’s employer if the paper was prepared within the scope of employment. USEC ’15, 8 February 2015, San Diego, CA, USA |
Uncontrolled Keywords: | Security; Usability; Context of Use; Personas |
Group: | Faculty of Science & Technology |
ID Code: | 22053 |
Deposited By: | Symplectic RT2 |
Deposited On: | 09 Jun 2015 08:41 |
Last Modified: | 14 Mar 2022 13:51 |
Downloads
Downloads per month over past year
Repository Staff Only - |