Finding and resolving security misusability with misusability cases

This source preferred by Shamal Faily

Authors: Faily, S. and Fléchais, I.

http://eprints.bournemouth.ac.uk/21646/

Journal: Requirements Engineering

Volume: 21

Issue: 2

Pages: 209-223

Publisher: Springer

DOI: 10.1007/s00766-014-0217-8

This data was imported from DBLP:

Authors: Faily, S. and Flechais, I.

http://eprints.bournemouth.ac.uk/21646/

Journal: Requir. Eng.

Volume: 21

Pages: 209-223

DOI: 10.1007/s00766-014-0217-8

This data was imported from Scopus:

Authors: Faily, S. and Fléchais, I.

http://eprints.bournemouth.ac.uk/21646/

Journal: Requirements Engineering

Volume: 21

Issue: 2

Pages: 209-223

eISSN: 1432-010X

ISSN: 0947-3602

DOI: 10.1007/s00766-014-0217-8

© 2014, The Author(s). Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice-versa. One way of using scenarios to bridge security and usability involves explicitly describing how design decisions can lead to users inadvertently exploiting vulnerabilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems subsequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illustrating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems.

This data was imported from Web of Science (Lite):

Authors: Faily, S. and Flechais, I.

http://eprints.bournemouth.ac.uk/21646/

Journal: REQUIREMENTS ENGINEERING

Volume: 21

Issue: 2

Pages: 209-223

eISSN: 1432-010X

ISSN: 0947-3602

DOI: 10.1007/s00766-014-0217-8

The data on this page was last updated at 04:42 on September 22, 2017.