A conceptual framework for evaluating usable security in authentication mechanisms - usability perspectives

Mihajlov, Martin; Jerman-Blažič, Borka; Josimovski, Saso

doi:10.1109/icnss.2011.6060025

Cited by 15 publications

(10 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lightening the security of a system to require just one-way access could be a little bit risky but in order not to reduce the usability of the interface; it could be required [14]. Another research being carried out by Mihajlov, et al [15], used a quantification approach and quality criteria to come up with a conceptual framework which evaluated both security and usability characteristics of systems. The quality criteria for security and usability were quantified separately by determining the linear dependence between the different quality criteria.…”

Section: Related Workmentioning

confidence: 99%

“…[11] When considering usability, it essentially encompasses user interface as well as operations and performance of a system. So to examine security characteristics from user perspective, the following will likely be considered [15,19]:…”

Section: Rq2mentioning

confidence: 99%

“…Considering the convenience for an authentication system, it measures the time consumed in performing an authentication, or replacement and enrollment [15]. Authentication time refers to the time that elapses as the user is trying to enter their personal information in order to gain access into a system.…”

Section: ) Conveniencementioning

confidence: 99%

“…This can also be known as meaningful retrieval which is the amount of effort that is put in by the user to retrieve and understand an authentication password [15]. One of the principles of designing a user interface is that the user should be able to recognize rather than having to recall the property of a particular function.…”

Section: ) Understandablementioning

confidence: 99%

See 3 more Smart Citations

Usability and Security in User Interface Design: A Systematic Literature Review

Nwokedi¹,

Onyimbo²,

Rad³

2016

IJITCS

View full text Add to dashboard Cite

Abstract-Systems carry sensitive data where users are involved. There is need for security concern for the modern software applications. We can term them as 'untrusted clients'. Internet usage has rapidly grown over the years and, more users are opening their information system to their clientele, it is essential to understand users' data that need protecting and to control system access as well and the rights of users of the system. Because of today's increasingly nomadic lifestyle, where they allow users to connect to information systems from anywhere with all the devices in the market, the users need to carry part of the information system out of the secure infrastructure. Insecurity in user interfaces is caused by user ignoring functionalities in the system where some are not only a threat but can harm the system e.g. leaving network services active even though the user does not need them, or when a user is having little or no information of the available security measures. This research paper aims critically address through a review of existing literature, the importance of balance or trade-off between usability and the security of the system. Systematic review method involved a physical exploration of some conference proceedings and journals to conduct the literature review. Research questions relating to usability and security were asked and the criteria for usability and security evaluations were identified. This systematic literature review is valuable in closing the gap between usability and security in software development process, where usability and security engineering needs to be considered for a better quality end-user software.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Rq2mentioning

confidence: 99%

Section: ) Conveniencementioning

confidence: 99%

Section: ) Understandablementioning

confidence: 99%

See 2 more Smart Citations

Usability and Security in User Interface Design: A Systematic Literature Review

Nwokedi¹,

Onyimbo²,

Rad³

2016

IJITCS

View full text Add to dashboard Cite

show abstract

“…They also detected that the cost of usability is more with a higher understanding of security. Reducing the security of a system by limiting access control increases risk [26][27]. M ihajlov et al [28] developed a theoretical framework using quantification and quality measurements.…”

Section: Related Workmentioning

confidence: 99%

Usability meets security: a database case study

Wang

Rawal

2017

JACST

View full text Add to dashboard Cite

Abstract In this paper, we review security and usability scenarios. We propose security enhancements without losing usability and apply a new approach to popular application systems. Specifically, we analyze database security for access control, auditing, authentication, encryption, integrity control, backups, separation of environment, and secure configuration. Finally, we present our recommendations for system security and usability that work together.

show abstract

Game theoretical analysis of usable security and privacy

Justine¹,

Prasad²,

Thomas³

2018

Security and Privacy

View full text Add to dashboard Cite

Security, privacy, and usability are among the most important concerns in system and application design. Enhanced security, privacy, and usability features in a product definitely lead to remarkable total customer experience. It is commonly seen that developers in their attempt to create usable software, fail to meet the security needs of users, resulting in software security flaws. Security flaws in software may in turn cause inadvertent errors leading to further usability issues. Thus this situation creates a vicious cycle. Hence the need for better usable security and privacy comes into picture. This novel research paper discusses an example system in a hand‐held device ecosystem with focus on banking security, to illustrate the interplay of usability, security, and privacy. Game theory is used to model the situation and analyze the possibility of finding equilibrium for these competing goals. Both coalitional and non‐cooperative game models for analyzing usable security and privacy are proposed and analyzed. This game theoretical analysis of usable security proves that it is possible to optimize usability, security, and privacy and helps to break the popular misconception that it is not possible for these three features to be simultaneously available to the end users.

show abstract

A conceptual framework for evaluating usable security in authentication mechanisms - usability perspectives

Cited by 15 publications

References 7 publications

Usability and Security in User Interface Design: A Systematic Literature Review

Usability and Security in User Interface Design: A Systematic Literature Review

Usability meets security: a database case study

Game theoretical analysis of usable security and privacy

Contact Info

Product

Resources

About