Abstract
The presentation and usability of security features can represent a significant impediment to effective protection for end-user systems. In order to investigate the nature and level of problems that can be encountered during attempts to use security within standard end-user applications, this paper presents results from a series of hands-on user trials from web browsing, wordprocessing, and email activities. The results are based upon structured tests involving 15 participants (representing a mix of general and advanced users), revealing that in many cases users appear to have difficulties understanding and performing baseline security tasks within the applications concerned.
Please use the following format when citing this chapter: Furnell, S., Katsabas, D., Dowiand, P., and Reid, F.. 2007, in IFIP international Federation for Information Proeessing, Volume 232, New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter, li, Eloff, M., Labuschagne, L., Eloff, J., von Solms, R., (Boston: Springer), pp. 205–216.
Chapter PDF
Similar content being viewed by others
References
Whitten, A. and Tygar, J. D. 1999. “Why Johnny can’t Encrypt: A usability Evaluation of PGP 5.0”, Proceedings of the 8th USENIX Security Symposium, Washington, D.C., USA, August 23-26, pp 169–184.
DeWitt, A.J. and Kuljis, J. 2006. “Aligning usability and security: a usability study of Polaris”, Proceedings of the Second Symposium on Usable Privacy and Security (SOUPS’ 06), Pittsburgh, Pennsylvania, USA, July 12-14, pp1–7.
Cranor, L.F. and Garfinkel, S. 2005. Security and Usability: Designing Secure Systems That People Can Use. O’Reilly. ISBN 0596008279.
CRA. 2003. Grand Research Challenges in Information Systems, Computing Research Association, Washington DC, September 2003. http://www.cra.org/reports/gc.systems.pdf.
Furnell, S.M., Jusoh, A. and Katsabas, D. 2006. “The challenges of understanding and using security: A survey of end-users”, Computers & Security, vol. 25, no. 1, pp27–35.
Nielson, J. 1994. “Estimating the number of subjects needed for a thinking aloud test”, International Journal of Human-Computer Studies, vol. 41, no. 3, pp385–397.
Lewis, C. and Rieman, J. 1993/1994. Chapter 5 in Task-Centred User Inferface Design-A Practical Introduction. See http://www.hcibib.org/tcuid
Furnell, S.M. 2005. “Why users cannot use security”, Computers & Security, vol. 24, no. 4, pp274–279.
Koch, T. 2004. “Outlook Express and Windows XP Service Pack 2: Several Problems or Superior Protection?”, 21 October 2004, http://www.microsoft.com/windows/ie/community/columns/oeandsp2.mspx.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Furnell, S.M., Katsabas, D., Dowland, P.S., Reid, F. (2007). A Practical Usability Evaluation of Security Features in End-User Applications. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds) New Approaches for Security, Privacy and Trust in Complex Environments. SEC 2007. IFIP International Federation for Information Processing, vol 232. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-72367-9_18
Download citation
DOI: https://doi.org/10.1007/978-0-387-72367-9_18
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-72366-2
Online ISBN: 978-0-387-72367-9
eBook Packages: Computer ScienceComputer Science (R0)