Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

A structured approach to the design of viable security systems

: Zibuschka, Jan; Roßnagel, Heiko

Pohlmann, N.:
ISSE 2011. Securing electronic business processes : Highlights of the information security solutions Europe 2011 conference, 22.-23.11.2011, Prag
Wiesbaden: Vieweg + Teubner, 2012
ISBN: 978-3-8348-1911-6
ISBN: 3-8348-1911-5
Information Security Solutions Europe Conference (ISSE) <13, 2011, Prag>
Fraunhofer IAO ()

This paper argues that the widely lamented failure of many security solutions in the market is due to an overly technology- and complexity-driven design approach. We argue it is the responsibility of the systems designers to make sure that their designs lead to an increased security when implemented in practice, including both adoption and usability aspects. We build on earlier approaches and findings from IT security and related disciplines, but integrate them in a larger paradigmatic framework targeting specifically the security domain. To achieve a viable security solution, designers have to make sure that their solution provides an effective security improvement and is compliant with market demands. We present several methods that can be applied to assess market compliance already in early stages of design process.