Shamal Faily
Usability and security by design: a case study in research and development.
Faily, Shamal; Lyle, John; Fl�chais, Ivan; Simpson, Andrew
Authors
John Lyle
Ivan Fl�chais
Andrew Simpson
Abstract
There is ongoing interest in utilising user experiences associated with security and privacy to better inform system design and development. However, there are few studies demonstrating how, together, security and usability design techniques can help in the design of secure systems; such studies provide practical examples and lessons learned that practitioners and researchers can use to inform best practice, and underpin future research. This paper describes a three-year study where security and usability techniques were used in a research and development project to develop webinos — a secure, cross-platform software environment for web applications. Because they value innovation over both security and usability, research and development projects are a particularly difficult context of study. We describe the difficulties faced in applying these security and usability techniques, the approaches taken to overcome them, and lessons that can be learned by others trying to build usability and security into software systems.
Citation
FAILY, S., LYLE, J., FLÉCHAIS, I. and SIMPSON, A. 2015. Usability and security by design: a case study in research and development. In Proceedings of the 2015 Workshop on useable security (USEC 2015), co-located with the 2015 Network and distributed system security symposium (NDSS 2015), 8 February 2015, San Diego, USA. Reston: Internet Society [online]. Available from: https://doi.org/10.14722/usec.2015.23012
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 2015 Workshop on useable security (USEC 2015), co-located with the 2015 Network and distributed system security symposium (NDSS 2015) |
| Start Date | Feb 8, 2015 |
| Acceptance Date | Dec 23, 2014 |
| Online Publication Date | Dec 31, 2015 |
| Publication Date | Dec 31, 2015 |
| Deposit Date | Dec 16, 2021 |
| Publicly Available Date | Dec 16, 2021 |
| Publisher | Internet Society |
| Peer Reviewed | Peer Reviewed |
| ISBN | 1891562401 |
| DOI | https://doi.org/10.14722/usec.2015.23012 |
| Keywords | User-centred design; User experience; User personas; Systems security; Multi-device applications; Cross-platform applications; Software engineering |
| Public URL | https://rgu-repository.worktribe.com/output/1446670 |
| Additional Information | The file accompanying this record includes both the full-text conference paper and the slides used during its presentation. |
Files
FAILY 2015 Usability and security by design (COMBINED)
(4.9 Mb)
PDF
You might also like
Privacy goals for the data lifecycle.
(2022)
Journal Article
Assessing system of systems information security risk with OASoSIS.
(2022)
Journal Article
Visualising personas as goal models to find security tensions.
(2021)
Journal Article
Evaluating privacy: determining user privacy expectations on the web.
(2021)
Journal Article
DPIA in context: applying DPIA to assess privacy risks of cyber physical systems.
(2020)
Journal Article
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search