Finding and resolving security misusability with misusability cases
- Submitting institution
-
University of Oxford
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 1948
- Type
- D - Journal article
- DOI
-
10.1007/s00766-014-0217-8
- Title of journal
- REQUIREMENTS ENGINEERING
- Article number
- 2
- First page
- 209
- Volume
- 21
- Issue
- 2
- ISSN
- 0947-3602
- Open access status
- Out of scope for open access requirements
- Month of publication
- December
- Year of publication
- 2014
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
1
- Research group(s)
-
-
- Citation count
- 2
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper presents a multidisciplinary contribution that spans the areas of software, security, and usability engineering. Standard software development processes usually consider security and usability separately. Here, however, we show how misusability cases can support both design activities, and derive insights from the overlap of security and usability. We coin the concept of misusability: how design decisions may lead to usability problems, subsequently leading to system misuse. Rather than treating misusability as a corollary of bad design, we can explicitly identify the causes of misusability and inform the design of systems to resolve them.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -