A Hybrid Model of Hesitant Fuzzy Decision-Making Analysis for Estimating Usable-Security of Software

The main idea for practicing research towards security is to maintain usability of the software as well. This can be achieved by making less complex and high secure software. Though considerable efforts have been made in this context by the developers and security experts, the standard of usable-security is not the same as it should be. Therefore, it is important to research more on the most conversant mechanisms for assessing and increasing the usable-security of software. The quantitative evaluation of usability and security is an important part in increasing the level of secure software. This paper, in particular, is intended to estimate the usable-security of software and achieve the objective of developing software with optimum security while retaining its usability. The decision-makers often find it difficult to integrate security and usability. Hence this paper approaches the integration of usability and security with its contributing attributes. Also, in this league, the present research study suggests a novel technique which is the hybrid of Analytic Hierarchy Process (AHP), Hesitant Fuzzy (HF) sets, and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) to significantly assess the usability along with security. To test the usefulness of the proposed approach hybrid HF-AHP-TOPSIS technique, the researchers applied it onto software developed for Babasaheb Bhimrao Ambedkar University in India. Furthermore, the procedural sensitivity was also achieved by using the various versions of the method. The findings of the usability along with security assessment insist that this inventive hybrid procedure would be the most conversant mechanism for determining the usable-security of software. Further these findings will be helpful in managing security without affecting the usability for end user.

[1]  Vicenç Torra,et al.  On hesitant fuzzy sets and decision , 2009, 2009 IEEE International Conference on Fuzzy Systems.

[2]  Alka Agrawal,et al.  Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective , 2020, Symmetry.

[3]  Hannan Xiao,et al.  A study into the usability and security implications of text and image based challenge questions in the context of online examination , 2018, Education and Information Technologies.

[4]  Nathaniel Good,et al.  Usability and privacy: a study of Kazaa P2P file-sharing , 2003, CHI '03.

[5]  Rita Ismailova,et al.  Web site accessibility, usability and security: a survey of government web sites in Kyrgyz Republic , 2015, Universal Access in the Information Society.

[6]  Panayiotis Zaphiris,et al.  A Heuristic Evaluation for Deaf Web User Experience (HE4DWUX) , 2018, Int. J. Hum. Comput. Interact..

[7]  Doowon Kim,et al.  An Inconvenient Trust: User Attitudes toward Security and Usability Tradeoffs for Key-Directory Encryption Systems , 2016, SOUPS.

[8]  Mahmoud Taleb Beidokhti,et al.  Advances in Intelligent Systems and Computing , 2016 .

[9]  Chia-Chi Sun,et al.  A performance evaluation model by integrating fuzzy AHP and fuzzy TOPSIS methods , 2010, Expert Syst. Appl..

[10]  Yi Peng,et al.  A Group Decision Making Model for Integrating Heterogeneous Information , 2018, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[11]  Rajeev Kumar,et al.  An Integrated Approach of Fuzzy Logic, AHP and TOPSIS for Estimating Usable-Security of Web Applications , 2020, IEEE Access.

[12]  P. Yu A Class of Solutions for Group Decision Problems , 1973 .

[13]  Shamal Faily,et al.  Usability and Security by Design: A Case Study in Research and Development , 2015 .

[14]  Kavita Sahu,et al.  Revisiting Software Reliability , 2018, Data Management, Analytics and Innovation.

[15]  Kirti Peniwati,et al.  GROUP DECISION MAKING: DRAWING OUT AND RECONCILING DIFFERENCES , 2017 .

[16]  Dhirendra Pandey,et al.  USABLE-SECURITY ASSESSMENT THROUGH A DECISION MAKING PROCEDURE , 2019 .

[17]  Renuka Nagpal,et al.  Usability evaluation of website using combined weighted method: fuzzy AHP and entropy approach , 2016, Int. J. Syst. Assur. Eng. Manag..

[18]  Xiaohong Chen,et al.  Hesitant Fuzzy Soft Set and Its Applications in Multicriteria Decision Making , 2014, J. Appl. Math..

[19]  Butler W. Lampson,et al.  Usable Security: How to Get It , 2009 .

[20]  Vipul Jain,et al.  Quantifying risks in a supply chain through integration of fuzzy AHP and fuzzy TOPSIS , 2013 .

[21]  Yang Chen,et al.  Pairwise comparison matrix in multiple criteria decision making , 2016 .

[22]  Yi Peng,et al.  Evaluation of clustering algorithms for financial risk analysis using MCDM methods , 2014, Inf. Sci..

[23]  Zhen Zhang,et al.  Consensus reaching for MAGDM with multi-granular hesitant fuzzy linguistic term sets: a minimum adjustment-based approach , 2019, Annals of Operations Research.

[24]  Matthias Ehrgott,et al.  Multiple criteria decision analysis: state of the art surveys , 2005 .

[25]  Theodor J. Stewart,et al.  Multiple Criteria Decision Analysis , 2001 .

[26]  Saurabh Dutta,et al.  SecureUse: Balancing Security and Usability Within System Design , 2016, HCI.

[27]  Agata Sawicka,et al.  A Framework for Human Factors in Information Security , 2002 .

[28]  Nawaf Rasheed Alharbe Improving Usable-Security of Web based Healthcare Management System through Fuzzy AHP , 2019 .

[29]  Yi Peng,et al.  Evaluation of Classification Algorithms Using MCDM and Rank Correlation , 2012, Int. J. Inf. Technol. Decis. Mak..

[30]  Vyacheslav S. Kharchenko,et al.  Usable Security Versus Secure Usability: an Assessment of Attributes Interaction , 2017, ICTERI.

[31]  Bernard Roy,et al.  Classement et choix en présence de points de vue multiples , 1968 .

[32]  Daniela Napoli,et al.  Developing Accessible and Usable Security (ACCUS) Heuristics , 2018, CHI Extended Abstracts.

[33]  Francisco Herrera,et al.  Hesitant Fuzzy Sets: State of the Art and Future Directions , 2014, Int. J. Intell. Syst..

[34]  Colin Potts,et al.  Design of Everyday Things , 1988 .

[35]  J. Rezaei Best-worst multi-criteria decision-making method , 2015 .

[36]  Yi Peng,et al.  Soft consensus cost models for group decision making and economic interpretations , 2019, Eur. J. Oper. Res..

[37]  Ouissem Ben Fredj SPHERES: an efficient server-side web application protection system , 2019, Int. J. Inf. Comput. Secur..

[38]  Ulrike Lechner,et al.  Future Security: Processes or Properties? - Research Directions in Cybersecurity , 2018, Models, Mindsets, Meta.

[39]  Zhen Zhang,et al.  Managing Multigranular Unbalanced Hesitant Fuzzy Linguistic Information in Multiattribute Large-Scale Group Decision Making: A Linguistic Distribution-Based Approach , 2020, IEEE Transactions on Fuzzy Systems.

[40]  Ching-Yu Yang,et al.  A Fuzzy Multicriteria Decision-Making (MCDM) Model for Sustainable Supplier Evaluation and Selection Based on Triple Bottom Line Approaches in the Garment Industry , 2019, Processes.