Usability and Security An Appraisal of Usability Issues in Information Security Methods

Get BibTex-formatted data

Author

E. Eugene Schultz, Robert W. Proctor, Mei-Ching Lien, Gavriel Salvendy

Entry type

article

Abstract

In the modern multi-user computer environment, Internet-capable network servers provide connectivity that allows a large portion of the user population to access information at the desktop from sources around the world. Because of the ease with which information can be accessed, computer security breaches may occur unless systems and restricted information stored therein are kept secure. Breaches of security can have serious consequences, including theft of confidential corporate documents, compromise of intellectual property, unauthorized modification of systems and data, denial of service, and others. Considerable research has been conducted on threats to security. Numerous sophisticated security methods have been developed, many of which rely on individuals to implement and use them. However, these methods may not accomplish their intended objectives if they are not used properly. Despite the apparent influence of usability, surprisingly little research has been conducted on the trade-off between usability and the degree of security provided by various information security methods. In the present paper, we review the various information security methods that are used, appraise the usability issues, and develop a taxonomy to organize these issues. The intent is to make a strong case for the need for systematic usability analyses and for the development of usability metrics for information security.

Date

2001 – 1 – 1

Key alpha

Salvendy

Publication Date

2001-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Salvendy,
	title = "Usability and Security An Appraisal of Usability Issues in Information Security Methods",
	author = "E. Eugene Schultz, Robert W. Proctor, Mei-Ching Lien, Gavriel Salvendy",
	year = "2001",
	month = "1",
	day = "1",
	abstract = "In the modern multi-user computer environment, Internet-capable network servers provide connectivity that allows a large portion of the user population to access information at the desktop from sources around the world. Because of the ease with which information can be accessed, computer security breaches may occur unless systems and restricted information stored therein are kept secure. Breaches of security can have serious consequences, including theft of confidential corporate documents, compromise of intellectual property, unauthorized modification of systems and data, denial of service, and others. Considerable research has been conducted on threats to security.

Numerous sophisticated security methods have been developed, many of which rely on individuals to implement and use them. However, these methods may not accomplish their intended objectives if they are not used properly. Despite the apparent influence of usability, surprisingly little research has been conducted on the trade-off between usability and the degree of security provided by various information security methods. In the present paper, we review the various information security methods that are used, appraise the usability issues, and develop a taxonomy to organize these issues. The intent is to make a strong case for the need for systematic usability analyses and for the development of usability metrics for information security.",
}