A methodology for designing information security feedback based on User Interface Patterns

A methodology is provided here to assist in the design of secure interactive applications. In particular, this methodology helps design adequate security information feedback based on User Interface Patterns; the resulting feedback is then evaluated against a set of design/evaluation criteria called Human-Computer Interaction for Security (HCI-S). When a security issue occurs, the security information feedback is generally presented using the visual and auditory channels required to achieve effective notification, and it is explicitly specified in the design of user interfaces for secure web systems.
