Eliciting usable security requirements with misusability cases

This source preferred by Shamal Faily

Authors: Faily, S. and Flechais, I.

Journal: Proceedings of the 19th IEEE International Requirements Engineering Conference

Pages: 339-340

Publisher: IEEE Computer Society

This data was imported from DBLP:

Authors: Faily, S. and Flechais, I.

http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6036256

Journal: RE

Pages: 339-340

Publisher: IEEE Computer Society

ISBN: 978-1-4577-0921-0

DOI: 10.1109/RE.2011.6051665

This data was imported from Scopus:

Authors: Faily, S. and Fléchais, I.

Journal: Proceedings of the 2011 IEEE 19th International Requirements Engineering Conference, RE 2011

Pages: 339-340

ISBN: 9781457709234

DOI: 10.1109/RE.2011.6051665

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice-versa. One way of using scenarios to bridge security and usability involves explicitly describing how design decisions can lead to users inadvertently exploiting vulnerabilities to carry out their production tasks. We present Mis-usability Cases: scenarios which describe how design decisions may lead to usability problems subsequently leading to system misuse. We describe the steps carried out to develop and apply misusability cases to elicit requirements and report preliminary results applying this technique in a recent case study. © 2011 IEEE.

The data on this page was last updated at 04:42 on September 22, 2017.