Achieving Usable Security and Privacy Through Human-Centered Design-Reference-Cited by-同舟云学术

Achieving Usable Security and Privacy Through Human-Centered Design

Published:2023 Issue: Volume: Page:83-113
ISSN:
Container-title:Human Factors in Privacy Research
language:
Short-container-title:

Author:

Groen Eduard C.,Feth Denis,Polst Svenja,Tolsdorf Jan,Wiefling Stephan,Iacono Luigi Lo,Schmitt Hartmut

Abstract

AbstractUsers should always play a central role in the development of (software) solutions. The human-centered design (HCD) process in the ISO 9241-210 standard proposes a procedure for systematically involving users. However, due to its abstraction level, the HCD process provides little guidance for how it should be implemented in practice. In this chapter, we propose three concrete practical methods that enable the reader to develop usable security and privacy (USP) solutions using the HCD process. This chapter equips the reader with the procedural knowledge and recommendations to: (1) derive mental models with regard to security and privacy, (2) analyze USP needs and privacy-related requirements, and (3) collect user characteristics on privacy and structure them by user group profiles and into privacy personas. Together, these approaches help to design measures for a user-friendly implementation of security and privacy measures based on a firm understanding of the key stakeholders.

Publisher

Springer International Publishing

Link

https://link.springer.com/content/pdf/10.1007/978-3-031-28643-8_5

Reference105 articles.

1. Abu-Salma, R., Sasse, M. A., Bonneau, J., Danilova, A., Naiakshina, A., & Smith, M. (2017). Obstacles to the adoption of secure communication tools. In Proc. of IEEE Symposium on Security and Privacy (SP) (pp. 137–153). IEEE.

2. Acquisti, A., & Grossklags, J. (2005). Privacy and rationality in individual decision making. IEEE Security & Privacy, 3(1), 26–33.

3. Adams, A., & Sasse, M. A. (1999). Users are not the enemy. Communications of the ACM, 42(12), 40–46.

4. AK Technik of the Independent Data Protection Supervisory Authorities of the Federation and the Länder. (2020). The standard data protection model. Technical report, UAG Standard Data Protection Model of the AK Technik of the Independent Data Protection Supervisory Authorities of the Federation and the Länder.

5. Angulo, J., Fischer-Hübner, S., Pulls, T., & Wästlund, E. (2015). Usable transparency with the data track: A tool for visualizing data disclosures. In Proc. of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems (CHI EA) (pp. 1803–1808). ACM Press.