Bibliographic Details
| Title: |
Finding and resolving security misusability with misusability cases. |
| Authors: |
Faily, Shamal1 sfaily@bournemouth.ac.uk, Fléchais, Ivan2 |
| Source: |
Requirements Engineering. Jun2016, Vol. 21 Issue 2, p209-223. 15p. |
| Subjects: |
Use cases (Systems engineering), Systems engineering, Systems theory, Dynamic programming, Systems design, Electronic data processing |
| Abstract: |
Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice-versa. One way of using scenarios to bridge security and usability involves explicitly describing how design decisions can lead to users inadvertently exploiting vulnerabilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems subsequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illustrating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems. [ABSTRACT FROM AUTHOR] |
|
Copyright of Requirements Engineering is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) |
| Database: |
Engineering Source |