Bringing the user back into control: a new paradigm for usability in highly dynamic systems

Authors:
Sebastian Höhn
Affiliations:
Albert-Ludwigs University Freiburg, Freiburg, Germany
Venue:
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Year:
2006

Citing 11
Cited 1

Models and tools for quantitative assessment of operational security

Information systems security
Human-computer interaction (2nd ed.)

Human-computer interaction (2nd ed.)
User-centered security

NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis

Proceedings of the 9th ACM conference on Computer and communications security
Evaluating Security Tools towards Usable Security: A Usability Taxonomy for the Evaluation of Security Tools Based on a Categorization of User Errors

Proceedings of the IFIP 17th World Computer Congress - TC13 Stream on Usability: Gaining a Competitive Edge
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
An approach to usable security based on event monitoring and visualization

Proceedings of the 2002 workshop on New security paradigms
Social navigation as a model for usable security

SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Why Johnny can't encrypt: a usability evaluation of PGP 5.0

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
On obligations

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Delegating secure logging in pervasive computing systems

SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing

Rubacon: automated support for model-based compliance engineering

Proceedings of the 30th international conference on Software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

The contribution of this paper is twofold. On the one hand, we report on the results of our investigation of different categories of usability issues. On the other hand, we introduce the ideas of context descriptive security models as a means of mastering the usability challenges of highly dynamic systems. Modern computer systems are involved in many situations of our daily lives. This means that newly deployed systems must be carefully designed in order to be correctly used by laypersons. The scenario we introduce shows that it is no longer feasible to argue that users must be educated in order to correctly operate these systems. As soon as such a system is deployed, for example, in a supermarket, the education-barrier will not be accepted: neither by the customer nor by the provider.