Marco Gutfleisch scite author profile

Marco Gutfleisch

5Publications

6Citation Statements Received

71Citation Statements Given

How they've been cited

How they cite others

127

Affiliations

Ruhr University Bochum

Publications

Order By: Most citations

How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study

Gutfleisch

Klemmer

Busch

et al. 2022

View full text Add to dashboard Cite

For software to be secure in practice, users need to be willing and able to appropriately use security features. These features are usually implemented by software professionals during the software development process (SDP), who may be unable to consider the usability of these mechanisms.While research has made progress in supporting developers in creating secure software products, very little attention has been paid to whether and how these security features are made usable. In a semi-structured interview study with 25 software professionals (software developers, designers, architects), we explored how they and other decision-makers encounter and deal with security and usability during the software development process in their companies.Based on 37 hours of interview recordings, we qualitatively analyzed and investigated 23 distinct development contexts in detail. In addition to individual awareness and factors that directly influence the implementation phase, we identify a high impact of contextual factors, such as stakeholder pressure, presence of expertise, and collaboration culture, and the specific implementation of the SDP on usable security in software products. We conclude our work by highlighting important gaps, such as studying and improving contextual factors that contribute to usable security and discussing potential improvements of the status quo.

show abstract

Putting Security on the Table: The Digitalisation of Security Tabletop Games and its Challenging Aftertaste

Gutfleisch

Schops

Sayin

et al. 2022

View full text Add to dashboard Cite

IT-Security Tabletop Games for developers have been available in analog format; with the COVID-19 pandemic, interest in collaborative remote security games has increased. In this paper, we propose a methodology to evaluate the impact of a (remote) security gamebased intervention on developers. The study design consists of the respective intervention, three questionnaires, and a small open interview guide for a focus group. A validated self-efficacy scale is used as a proxy for measuring effects on participants' ability to develop secure software. We tested this design with 9 participants (expert and novice developers and security experts) as part of a small feasibility study to understand the challenges and limitations of remote tabletop games. We describe how we selected and digitized three security tablet-top games, and report our qualitative findings from our evaluation. Setting up and running the virtual tabletop games turned out to be more challenging and complex for both moderator and participants then we expected. Completing the games required patience and persistence, and social interaction was limited. Our findings can be helpful in building and evaluating a better, more comprehensive, technically sound and issue-specific game-based training measure for developers. The methodology can be used by researchers to evaluate existing and new game designs, and identify improvements. CCS CONCEPTS• Social and professional topics → Computing education; • Security and privacy → Software security engineering.

show abstract

Microsoft Office Macro Warnings:A Design Comedy of Errors with Tragic Security Consequences

Gutfleisch

Peiffer

Erk

et al. 2021

View full text Add to dashboard Cite

Caring About IoT-Security – An Interview Study in the Healthcare Sector

Gutfleisch

Schops

Hielscher

et al. 2022

View full text Add to dashboard Cite

Human-Centred Security: Unfug Informationssicherheits-Sensibilisierung

Sasse¹,

Hielscher²,

Gutfleisch³

2022

kma - Klinik Management aktuell

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.