Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

A framework for designing viable security solutions

: Zibuschka, Jan; Roßnagel, Heiko

International Federation for Information Processing -IFIP-:
Workshop on Information Security and Privacy, WISP 2011 : Jointly hosted by AIS SIGSEC and IFIP TC 11.1 ; Dec. 4, 2011, School of Management, Fudan University, Shanghai
Shanghai, 2011
12 S.
Workshop on Information Security & Privacy (WISP) <2011, Shanghai>
Fraunhofer IAO ()

This paper argues that the widely lamented failure of many security solutions in the market is due to an overly technology- and complexity-driven design approach. We argue that it is the responsibility of the system designers to make sure that their designs leads to an increased security when implemented in practice, including both adoption and usability aspects. To motivate and illustrate our approach, we provide an in-depth case study. We build on earlier works and findings from IT security and related disciplines, but integrate them in a larger framework targeting specifically the security domain. We provide a comprehensive description of the approach and derive guidelines, which are then preliminarily evaluated by a case study.