Models and tools for quantitative assessment of operational security
Information systems security
Human-computer interaction (2nd ed.)
Human-computer interaction (2nd ed.)
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Proceedings of the IFIP 17th World Computer Congress - TC13 Stream on Usability: Gaining a Competitive Edge
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
An approach to usable security based on event monitoring and visualization
Proceedings of the 2002 workshop on New security paradigms
Social navigation as a model for usable security
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Delegating secure logging in pervasive computing systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Rubacon: automated support for model-based compliance engineering
Proceedings of the 30th international conference on Software engineering
Hi-index | 0.00 |
The contribution of this paper is twofold. On the one hand, we report on the results of our investigation of different categories of usability issues. On the other hand, we introduce the ideas of context descriptive security models as a means of mastering the usability challenges of highly dynamic systems. Modern computer systems are involved in many situations of our daily lives. This means that newly deployed systems must be carefully designed in order to be correctly used by laypersons. The scenario we introduce shows that it is no longer feasible to argue that users must be educated in order to correctly operate these systems. As soon as such a system is deployed, for example, in a supermarket, the education-barrier will not be accepted: neither by the customer nor by the provider.