Usablity and security trade-off: a design guideline

Proceedings of the 2014 ACM Southeast Regional Conference Pub Date : 2014-03-28 DOI:10.1145/2638404.2638483

Yasser M. Hausawi, W. Allen

{"title":"Usablity and security trade-off: a design guideline","authors":"Yasser M. Hausawi, W. Allen","doi":"10.1145/2638404.2638483","DOIUrl":null,"url":null,"abstract":"Requirements engineering and design are the first two phases of the Software Development Life-Cycle. Considerable research has addressed the requirements phase and a number of well-regarded tools exist to assist with that process. The design phase can also make use of a wide range of tools, including design principles, activities, best practices, techniques, and patterns, to improve the incorporation of requirements into the software design documents. However, the process of selecting the appropriate design tools to support each requirement is a complex task that requires considerable training and experience. It is also possible that design tools selected for different requirements can conflict with each other, reducing their effectiveness, increasing complexity, impacting usability or potentially causing security vulnerabilities. In this paper, we propose guidelines for selecting appropriate design tools to support the integration of usability and security requirements in the software design phase and to resolve conflicts between those tools. We demonstrate this approach with a case study that illustrates the design tool selection and analysis process.","PeriodicalId":91384,"journal":{"name":"Proceedings of the 2014 ACM Southeast Regional Conference","volume":"27 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2014-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2014 ACM Southeast Regional Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2638404.2638483","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Requirements engineering and design are the first two phases of the Software Development Life-Cycle. Considerable research has addressed the requirements phase and a number of well-regarded tools exist to assist with that process. The design phase can also make use of a wide range of tools, including design principles, activities, best practices, techniques, and patterns, to improve the incorporation of requirements into the software design documents. However, the process of selecting the appropriate design tools to support each requirement is a complex task that requires considerable training and experience. It is also possible that design tools selected for different requirements can conflict with each other, reducing their effectiveness, increasing complexity, impacting usability or potentially causing security vulnerabilities. In this paper, we propose guidelines for selecting appropriate design tools to support the integration of usability and security requirements in the software design phase and to resolve conflicts between those tools. We demonstrate this approach with a case study that illustrates the design tool selection and analysis process.

查看原文本刊更多论文

可用性和安全性的权衡:设计指南

需求工程和设计是软件开发生命周期的前两个阶段。相当多的研究已经处理了需求阶段，并且存在许多备受推崇的工具来协助该过程。设计阶段还可以利用广泛的工具，包括设计原则、活动、最佳实践、技术和模式，以改进将需求整合到软件设计文档中。然而，选择合适的设计工具来支持每个需求的过程是一项复杂的任务，需要大量的培训和经验。为不同需求选择的设计工具也可能相互冲突，从而降低其有效性，增加复杂性，影响可用性或潜在地导致安全漏洞。在本文中，我们提出了选择合适的设计工具的指导方针，以支持软件设计阶段的可用性和安全性需求的集成，并解决这些工具之间的冲突。我们通过一个案例研究来演示这种方法，该案例研究说明了设计工具的选择和分析过程。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2014 ACM Southeast Regional Conference

自引率

0.00%

发文量