Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

User-centric security. Optimization of the security-usability trade-off

: Feth, Denis


Association for Computing Machinery -ACM-; Association for Computing Machinery -ACM-, Special Interest Group on Software Engineering -SIGSOFT-:
ESEC/FSE 2015, 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering. Proceedings : Bergamo, Italy, August 30 – September 4, 2015
New York: ACM, 2015
ISBN: 978-1-4503-3675-8
Joint Meeting of the European Software Engineering Conference (ESEC) <10, 2015, Bergamo>
Symposium on the Foundations of Software Engineering (FSE) <2015, Bergamo>
Conference Paper
Fraunhofer IESE ()
security; usability; measurement

Security and usability are highly important and interdependent quality attributes of modern IT systems. However, it is often hard to fully meet both in practice. Security measures are complex by nature and often complicate work flows. Vice versa, insecure systems are typically not usable in practice. To tackle this, we aim at finding the best balance between usability and security in software engineering and administration. Our methodology is based on active involvement of large user groups and analyzes user feedback in order to optimize security mechanisms with respect to their user experience, with a focus on security awareness. It is applied during requirements elicitation and prototyping, and to dynamically adapt unsuited security policies at runtime.