UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Integrating security and usability into the requirements and design process

Flechais, I; Mascolo, C; Sasse, MA; (2007) Integrating security and usability into the requirements and design process. International Journal of Electronic Security and Digital Forensics , 1 (1) 12 - 26. 10.1504/IJESDF.2007.013589. Green open access

[thumbnail of 20264.pdf]
Preview
PDF
20264.pdf
Available under License : See the attached licence file.

Download (164kB)

Abstract

According to Ross Anderson, 'Many systems fail because their designers protect the wrong things or protect the right things in the wrong way'. Surveys also show that security incidents in industry are rising, which highlights the difficulty of designing good security. Some recent approaches have targeted security from the technological perspective, others from the human–computer interaction angle, offering better User Interfaces (UIs) for improved usability of security mechanisms. However, usability issues also extend beyond the user interface and should be considered during system requirements and design. In this paper, we describe Appropriate and Effective Guidance for Information Security (AEGIS), a methodology for the development of secure and usable systems. AEGIS defines a development process and a UML meta-model of the definition and the reasoning over the system's assets. AEGIS has been applied to case studies in the area of Grid computing and we report on one of these.

Type: Article
Title: Integrating security and usability into the requirements and design process
Open access status: An open access version is available from UCL Discovery
DOI: 10.1504/IJESDF.2007.013589
Publisher version: http://dx.doi.org/10.1504/IJESDF.2007.013589
Language: English
UCL classification: UCL
UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/20264
Downloads since deposit
0Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item