{"title":"在系统和服务中调整可用性和安全性的方法","authors":"Bilal Naqvi, A. Seffah","doi":"10.1109/ICISE.2018.00019","DOIUrl":null,"url":null,"abstract":"Conflict between usability and security is a widely recognized research problem in industry and academia. Failure to design systems, which are simultaneously usable and secure, may cause incidents where human errors lead to security breaches. Academic research identifies that usability versus security conflict can be best handled at the requirement and design stage of system development. However, there exist no practical solutions to incorporate usability and security during requirements and design stage of system development specifically in case of information systems. This paper is an attempt in this regard i.e. to incorporate the human factors (usability) while designing security features of the system. The main contribution of this paper is a novel methodology to handle usability versus security conflict during the early stages of system development, and documenting them in form of design patterns for reuse. We also present an instance of usable security design pattern.","PeriodicalId":207897,"journal":{"name":"2018 3rd International Conference on Information Systems Engineering (ICISE)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"A Methodology for Aligning Usability and Security in Systems and Services\",\"authors\":\"Bilal Naqvi, A. Seffah\",\"doi\":\"10.1109/ICISE.2018.00019\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Conflict between usability and security is a widely recognized research problem in industry and academia. Failure to design systems, which are simultaneously usable and secure, may cause incidents where human errors lead to security breaches. Academic research identifies that usability versus security conflict can be best handled at the requirement and design stage of system development. However, there exist no practical solutions to incorporate usability and security during requirements and design stage of system development specifically in case of information systems. This paper is an attempt in this regard i.e. to incorporate the human factors (usability) while designing security features of the system. The main contribution of this paper is a novel methodology to handle usability versus security conflict during the early stages of system development, and documenting them in form of design patterns for reuse. We also present an instance of usable security design pattern.\",\"PeriodicalId\":207897,\"journal\":{\"name\":\"2018 3rd International Conference on Information Systems Engineering (ICISE)\",\"volume\":\"75 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-05-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 3rd International Conference on Information Systems Engineering (ICISE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICISE.2018.00019\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 3rd International Conference on Information Systems Engineering (ICISE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICISE.2018.00019","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Methodology for Aligning Usability and Security in Systems and Services
Conflict between usability and security is a widely recognized research problem in industry and academia. Failure to design systems, which are simultaneously usable and secure, may cause incidents where human errors lead to security breaches. Academic research identifies that usability versus security conflict can be best handled at the requirement and design stage of system development. However, there exist no practical solutions to incorporate usability and security during requirements and design stage of system development specifically in case of information systems. This paper is an attempt in this regard i.e. to incorporate the human factors (usability) while designing security features of the system. The main contribution of this paper is a novel methodology to handle usability versus security conflict during the early stages of system development, and documenting them in form of design patterns for reuse. We also present an instance of usable security design pattern.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
