Abstract
The design of usable yet secure systems raises crucial questions about how to properly balance security and usability. Finding the right tradeoff between these two quality attributes is not an easy endeavor. In this paper, we introduce an original design model based on a novel usability inspection method. This new method, named Security Usability Symmetry (SUS), exploits automata machines theory and introduces the concept of an advanced Multifunction Teller Machine (MTM). We demonstrate, via a case study, how to use this model during the design of secure, usable interactive systems.
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Braz, C., Seffah, A., M’Raihi, D. (2007). Designing a Trade-Off Between Usability and Security: A Metrics Based-Model. In: Baranauskas, C., Palanque, P., Abascal, J., Barbosa, S.D.J. (eds) Human-Computer Interaction – INTERACT 2007. INTERACT 2007. Lecture Notes in Computer Science, vol 4663. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74800-7_9
DOI: https://doi.org/10.1007/978-3-540-74800-7_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74799-4
Online ISBN: 978-3-540-74800-7
eBook Packages: Computer Science, Computer Science (R0)