Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science

Fléchais, Ivan; Sasse, M. Angela

doi:10.1016/j.ijhcs.2007.10.002

Cited by 25 publications

(24 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is necessary to broaden the study of security issues to include not only the technical, but also the human and organizational dimensions [11]. A better understanding of real world conditions and constraints during the adoption of security practices would help developers and designers make secure systems more usable [3].…”

mentioning

confidence: 99%

Human, organizational, and technological factors of IT security

Hawkey

Botta

Werlinger

et al. 2008

CHI '08 Extended Abstracts on Human Factors in Computing Systems

View full text Add to dashboard Cite

This paper describes the HOT Admin research project, which is investigating the human, organizational, and technological factors of IT security from the perspective of security practitioners. We use qualitative methods to examine their experiences along several themes including: unique characteristics of this population, the challenges they face within the organization, their activities, their collaborative interactions with other stakeholders, the sub-optimal situations they face as a result of distributed security management, and the impact of the security management model in place. We present preliminary results for each theme, as well as the implications of these results on the field of usable security and other research areas within HCI.

show abstract

mentioning

confidence: 99%

Human, organizational, and technological factors of IT security

Hawkey

Botta

Werlinger

et al. 2008

CHI '08 Extended Abstracts on Human Factors in Computing Systems

View full text Add to dashboard Cite

show abstract

“…This entails making the assigned stakeholders liable for addressing the obstacle. Flechais and Sasse [31] argue that this motivates the assigned stakeholders. This is because failure to act responsibly damages both the project's assets and its reputation; this reputation loss may lead to loss of trust in the whole system.…”

Section: Scope and Responsibilitymentioning

confidence: 99%

Finding and resolving security misusability with misusability cases

Faily

Fléchais

2014

Requirements Eng

View full text Add to dashboard Cite

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and viceversa. One way of using scenarios to bridge security and usability involves explicitly describing how design decisions can lead to users inadvertently exploiting vulnerabilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems subsequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illustrating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems.

show abstract

“…Some participatory design researchers have extended the stakeholder base to include others whose participation is similar to that of the users. Flechais and Sasse [14] for instance in their study of design of usable security in e-Science included multiple stakeholders in their four case studies. Besides the end users and developers, they added owners of the systems, security experts and a data provider.…”

Section: Related Workmentioning

confidence: 99%

The different roles of ‘Design Process Champions’ for digital libraries in African higher education

Ngimwa

Adams

2013

Int J Digit Libr

View full text Add to dashboard Cite

The concept of design stakeholders is central to effective design of digital libraries. We report on research findings that identified the presence of a key subset of stakeholders which we term 'design process champions'. Our findings have identified that these champions can change interaction patterns and the eventual output of the other stakeholders (project participants) in the design process of digital library projects. This empirical research is based upon 38 interviews with key stakeholders and a review of documentary evidence in ten innovative digital library design projects (e.g. mobile clinical libraries) located in three African universities in Kenya, Uganda and South Africa. Through a grounded theory approach two different types of the 'design process champions' emerged from the data with varying levels of effectiveness in the design process: (i) domain champions and (ii) multidisciplinary champions. The domain champions assume a 'siloed' approach of engagement while the multidisciplinary champions take on a participatory engagement throughout the design process. A discussion of the implications of information specialists functioning as domain champions is highlighted. We conclude by suggesting that the multidisciplinary champions' approach is particularly useful in supporting sustainability of digital library design projects.

show abstract

Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science

Cited by 25 publications

References 26 publications

Human, organizational, and technological factors of IT security

Human, organizational, and technological factors of IT security

Finding and resolving security misusability with misusability cases

The different roles of ‘Design Process Champions’ for digital libraries in African higher education

Contact Info

Product

Resources

About