About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
ACSAC 2007
Conference paper
Security usability principles for vulnerability analysis and risk assessment
Abstract
Usability is the weakest link in the security chain of many prominent applications. A set of security usability principles should therefore be considered when designing and engineering IT security solutions. When improving the usability of existing security applications, it is necessary to examine the underlying security technologies used to build them, and consider whether they need to be replaced by totally new security technologies that provide a better basis for good usability. This paper examines a set of security usability principles, proposes how they can be incorporated into the risk management process, and discusses the benefits of applying these principles and process to existing and future security solutions. © 2007 IEEE.