2020
DOI: 10.1007/978-3-030-46540-7_12

Towards Identification of Patterns Aligning Security and Usability

Abstract: Academic research and existing implementations of various systems and services identify instances of conflict between security and usability. Engineering the right trade-offs between security and usability is often not an easy task. Engineering of such trade-offs is mainly reliant on developers' skills, who are either experts in security or usability. This research aims to assist the developers in engineering the right trade-offs by proposing the use of patterns. Patterns provide benefits like means of common …

Cited by 3 publications
(3 citation statements)
References 13 publications
“…According to Verizon's data breach investigations report (DBIR), 82% of the analyzed data breaches in organizations involved the human element (Naqvi et al, 2023). Thus, the lack of a high-level program for cybersecurity education and awareness (Bada & Nurse, 2019) leaves organizations susceptible to cyberattacks.…”
Section: Cybersecurity In Small and Medium Enterprises/public Sector
Citation type: mentioning
confidence: 99%
“…A recent survey (Naqvi et al, 2023) investigated 248 papers on phishing mitigation, revealing three main approaches: (1) Anti-phishing systems employing software and tool-based strategies, (2) Models and frameworks guiding activities to mitigate phishing, including machine learning-based models, and (3) Human-centric mitigation strategies encompassing guidelines for anti-phishing training and evaluation quizzes. Surprisingly, only 37 papers (less than 15%) focused on awareness and human factors.…”
Section: Ransomware
Citation type: mentioning
confidence: 99%
“…Human factors and cyber-security have evolved as two different domains [7]. Expertise in both these domains (human factors and security) is hard to find in one person [8,9], therefore, developers don't often consider the fact that the security systems and services without consideration of human factors despite being secure against known vulnerabilities could still be susceptible to users' mistakes leading to a breach. Therefore, there is a need for providing training on usability and usable security both at the educational institutions and work [10].…”
Section: Training and Supporting Developers At Work
Citation type: mentioning
confidence: 99%