Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä...
-
Upload
gertrude-matthews -
Category
Documents
-
view
223 -
download
0
Transcript of Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä...
![Page 1: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/1.jpg)
Finding Solutions for Bringing Usability to Security Products
Thesis author: Antti Leskelä
Supervisor: Professor Jörg Ott
![Page 2: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/2.jpg)
Presentation outline
Background Thesis objectives Thesis roadmap Quick overview to usability Usable security User study Conclusions
![Page 3: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/3.jpg)
Background
Bad usability is everyday life for people Usability is a major factor of competition nowadays The importance of usable security grows as
network-related and computerised work becomes (/has become) more common
Security business has been one of the last sectors fighting against usability demands
The wrong assumption: ”The more usability, the less security”
![Page 4: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/4.jpg)
Thesis objectives
To study problems with usability in information security emphasising in human aspects and human-centered design
To identify the different aspects of usable security and to create design principles based on the identification
To find out how usability is perceived in general and how the users experience the user-friendliness of security products
Expertise in security
Expertise in usability
Overlap area for usable security
![Page 5: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/5.jpg)
Thesis roadmap
CHAPTER 2 Security
CHAPTER 2 Security
CHAPTER 4 Usable security
CHAPTER 4 Usable security
CHAPTER 5 Method
CHAPTER 5 Method
CHAPTER 3 Usability
CHAPTER 3 Usability
CHAPTER 6 Results
CHAPTER 6 Results
User study
![Page 6: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/6.jpg)
Overview to usability
Usability refers to human-computer interface problems and user-friendliness.
Usability can be seen as the ability of a system to be used easily and efficiently
Takes into account emotions and affect Layered model of usability (next slide) combines
together different definitions of usability
Essential part of usability is paying attention to the user
![Page 7: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/7.jpg)
Layered model of usability
![Page 8: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/8.jpg)
Usable security 1/2
Usable security is a union of usability and security Usable security gives a two-dimensional possibility
of designing user-friendlier security products
Challenges in joining the user’s system image into the system to be designed
Communication with the user and the designer happens only via the system image
Need for user centered-design and design principles!!
![Page 9: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/9.jpg)
Usable security 2/2
Zero impact Zero-click Visibility of actions Reversibility Completion User audit Override-ability No external burden
Design principles for usable security*:
* Based on Simson L. Garfinkel & Ka-Ping Yee
![Page 10: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/10.jpg)
SUMI
Software Usability Measurement Inventory Can be used to surveys and controlled
studies Surveys measure the perceived usability
of software systems already in use Controlled studies measure performance
and identity, and analyse problems Used in the thesis to measure the
perceived usability of security software
User study
![Page 11: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/11.jpg)
User study – Questionnaire
+
Web-based questionnaire for users of security software.
![Page 12: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/12.jpg)
User study – Results 1/2
![Page 13: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/13.jpg)
User study – Results 2/2
Participation was good However, results valid only for intermediate & expert users
• Number of novice users only 3,1 %
Quantitative analysis: SUMI results gave fairly good level of perceived usability to
security software Problem area: efficiency
• Can be seen as a lack of transparency of the system
Qualitative analysis: Most of the responses were negative relating to the problems
the participants had faced with their security software• Configuring, instructions, laziness & lack of interest etc.
General worry about the state of overall security awareness
![Page 14: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/14.jpg)
Conclusions
Design principles for usable security give a good starting point for secure interaction design
Results of the user study indicate that users have problems with security software However it can be seen that security
software are more usable than before There is still a lot to do in order to provide
more usable security products
We demand better
usability!!!
![Page 15: Finding Solutions for Bringing Usability to Security Products Thesis author: Antti Leskelä Supervisor: Professor Jörg Ott.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649ea45503460f94ba8ff8/html5/thumbnails/15.jpg)
THANKS!