Skip to main content
SpringerLink
Log in

A Framework for Evaluating the Usability and the Utility of PKI-enabled Applications

  • Conference paper
Public Key Infrastructure (EuroPKI 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3093))

Included in the following conference series:

Abstract

Besides the pure technical features, the usability of a PKI-enabled application plays a crucial role since the best security application will fail in practice if its usability is insufficient.

We present a generic framework to evaluate the usability and utility of PKI-enabled applications with respect to their security features. Our approach is modeled on the Common Criteria methodology and consists of 15 evaluation categories that cover all the relevant topics, namely deployment, ergonomics, and technical features.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adams, A., Sasse, M.A.: Users are Not the Enemy: Why Users Compromise Security Mechanisms and How to Take Remedial Measures. Communications of the ACM 42(12), 41–46 (1999)

    Article  Google Scholar 

  2. Buchmann, J., Baier, H., Straub, T.: Absicherung von Anwendungen mit der Unterstützung von Public-Key-Infrastrukturen – Benutzbarkeitsstudie im Auftrag der Microsoft Deutschland GmbH (2003) (in German)

    Google Scholar 

  3. Davis, D.: Compliance Defects in Public-Key Cryptography. In: 6th USENIX Security Symposium, San Jose, USA (1996)

    Google Scholar 

  4. Gerd tom Markotten, D., Kaiser, J.: Usable Security – challenges and model for e-commerce systems. Wirtschaftsinformatik (6), 531–538 (2000)

    Google Scholar 

  5. Holmström, U.: User-centered design of security software. In: 17th International Symposium on Human Factors in Telecommunications, Copenhagen, Denmark (1999)

    Google Scholar 

  6. ISO 15408: Common Criteria for Information Technology Security Evaluation (CC) Version 2.0 (1998)

    Google Scholar 

  7. ISO 9241: Ergonomic requirements for office work with visual display terminals

    Google Scholar 

  8. Kaiser, J., Reichenbach, M.: Evaluating security tools towards usable security. In: IFIP 17th World Computer Congress, Montreal, Canada (2002)

    Google Scholar 

  9. Nielsen, J.: Usability Engineering. AP Professional, Cambridge (1993)

    MATH  Google Scholar 

  10. Sasse, M.A.: Computer Security: Anatomy of a Usability Disaster, and a Plan for Recovery. In: CHI 2003, Workshop on Human-Computer Interaction and Security Systems, Fort Lauderdale, USA (2003)

    Google Scholar 

  11. Schneier, B.: Secrets and Lies. Wiley, Chichester (2000)

    Google Scholar 

  12. Voßbein, J., Voßbein, R.: KES/KPMG-Sicherheitsstudie: Lagebericht zur ITSicherheit. kes 3 and 4 (2002), available online http://www.kes.info (in German)

  13. Whitten, A., Tygar, J.D.: Why Johnny Can’t Encrpyt: A Usability Evaluation of PGP 5.0. In: 8th USENIX Security Symposium, Washington DC, USA (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Departement, Darmstadt University of Technology, D-64283, Darmstadt, Germany

    Tobias Straub

  2. Darmstadt Centre of IT Security (DZI), Darmstadt University of Technology, D-64283, Darmstadt, Germany

    Harald Baier

Authors
  1. Tobias Straub
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Harald Baier
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Technology Education and Digital Systems, University of Piraeus, 150 Androutsou St., GR-18532, Pireaus, Greece

    Sokratis K. Katsikas

  2. Department of Information and Communication Systems Engineering, University of the Aegean, Karlovassi, Samos, Greece

    Stefanos Gritzalis

  3. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier López

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Straub, T., Baier, H. (2004). A Framework for Evaluating the Usability and the Utility of PKI-enabled Applications. In: Katsikas, S.K., Gritzalis, S., López, J. (eds) Public Key Infrastructure. EuroPKI 2004. Lecture Notes in Computer Science, vol 3093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25980-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-25980-0_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22216-3

  • Online ISBN: 978-3-540-25980-0

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation