Design Principles for Actual Security

Adjunct Proceedings of the 2022 Nordic Human-Computer Interaction Conference Pub Date : 2022-10-08 DOI:10.1145/3547522.3547684

Merel Brandon, H. Schraffenberger, W. Sluis-Thiescheffer, T. Geest, Daniel Ostkamp, Bart Jacobs

引用次数: 2

Abstract

The importance of designing for actual security, i.e., security in practice, is underlined by previous work. However, clear design principles for actual security are missing. This paper reports early work on establishing such design principles based on heuristic evaluations of security-enhancing applications. Seven experts evaluated the actual security of four applications for secure email communication. Based on a qualitative analysis of the experts’ findings, we formulate six design principles for actual security that apply to secure email, secure communication, and other security-enhancing applications.

查看原文本刊更多论文

实际安全性的设计原则

以前的工作强调了为实际安全性(即实践中的安全性)进行设计的重要性。然而，对于实际的安全性，缺乏明确的设计原则。本文报告了基于安全增强应用的启发式评估建立这种设计原则的早期工作。7位专家评估了4种安全电子邮件通信应用程序的实际安全性。基于对专家发现的定性分析，我们制定了适用于安全电子邮件、安全通信和其他安全增强应用程序的实际安全性的六个设计原则。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Adjunct Proceedings of the 2022 Nordic Human-Computer Interaction Conference

自引率

0.00%

发文量