Usability of Security: A Case Study,

Abstract

Human factors are perhaps the greatest current barrier to effective computer security. Most security mechanisms are simply too difficult and confusing for the average computer user to manage correctly. Designing security software that is usable enough to be effective is a specialized problem, and user Interface design strategies that are appropriate for other types of software will not be sufficient to solve it. In order to gain insight and better define this problem, we studied the usability of POP 5.0, which is a public key encryption program mainly intended for email privacy and authentication. We chose POP 5.0 because it has a good user interface by conventional standards, and we wanted to discover whether that was sufficient to enable non-programmers who know little about security to actually use it effectively. After performing both user testing and a cognitive walkthrough analysis, we conclude that POP 5.0 is not sufficiently usable to provide effective security for most users.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 18, 1998
Accession Number
ADA361032

Entities

People

  • Alma Whitten
  • J. D. Tygar

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Biomedical

DTIC Thesaurus Topics

  • Asymetric Encryption
  • Authentication
  • Case Studies
  • Cognitive Systems Engineering
  • Computer Programming
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Electronic Mail
  • Graphical User Interface
  • Human-Computer Interaction
  • Online Communications
  • Psychology
  • User Interface
  • User Interface Engineering
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Database Systems and Applications
  • Systems Analysis and Design

Technology Areas

  • Cyber