Accession Number:

ADA361032

Title:

Usability of Security: A Case Study,

Descriptive Note:

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA DEPT OF COMPUTER SCIENCE

Personal Author(s):

Report Date:

1998-12-18

Pagination or Media Count:

41.0

Abstract:

Human factors are perhaps the greatest current barrier to effective computer security. Most security mechanisms are simply too difficult and confusing for the average computer user to manage correctly. Designing security software that is usable enough to be effective is a specialized problem, and user Interface design strategies that are appropriate for other types of software will not be sufficient to solve it. In order to gain insight and better define this problem, we studied the usability of POP 5.0, which is a public key encryption program mainly intended for email privacy and authentication. We chose POP 5.0 because it has a good user interface by conventional standards, and we wanted to discover whether that was sufficient to enable non-programmers who know little about security to actually use it effectively. After performing both user testing and a cognitive walkthrough analysis, we conclude that POP 5.0 is not sufficiently usable to provide effective security for most users.

Subject Categories:

  • Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE