Title

Using human computer interaction principles to promote usable security

Document Type

Conference Proceeding

Publisher

Plymouth University

Faculty

Computing, Health and Science

School

School of Computer and Information Science, Centre for Security Research

RAS ID

2733

Comments

Originally published as: Katsabas, D., Furnell, S. M., & Dowland, P. S. (2005). Using human computer interaction principles to promote usable security. In Proceedings of the Fifth International Network Conference (INC 2005), Samos, Greece (pp. 235-242). Original article available here

Abstract

Faced with an increasing range of attacks, the appropriate use of available security features in computer systems and applications is becoming ever more necessary. However, although many applications provide ways in which users can protect themselves against threats, the design and implementation of these features can often be criticized from a Human Computer Interaction (HCI) perspective. This results in usability problems for novices and other non-technical users, which may compromise the level of protection that they can achieve. In this research, some standard principles of HCI have been used to devise guidelines to support the inclusion of security features within applications. Ten guidelines were created in total, and a number of existing applications have been assessed to determine their compliance. The results showed varying levels of adherence to the recommended practice, suggesting that current applications have some significant scope for improvement in their presentation of security functionality. To support this view, revised versions of user interfaces were designed for applications that achieved low scores, and the paper presents an example of the outcome to illustrate the approach. © 2005 University of the Aegean and University of Plymouth.

 
COinS