Exploring the meaning of usable security – a literature review
2021 (English)In: Information and Computer Security, E-ISSN 2056-4961, Vol. 29, no 4, p. 647-663Article, review/survey (Refereed) Published
Abstract [en]
Purpose
For decades, literature has reported on the perceived conflict between usability and security. This mutual trade-off needs to be considered and addressed whenever security products are developed. Achieving well-balanced levels of both is a precondition for sufficient security as users tend to reject unusable solutions. To assess it correctly, usability should be evaluated in the context of security. This paper aims to identify and describe universally applicable and solution-independent factors that affect the perceived usability of security mechanisms.
Design/methodology/approach
The selected methodology was a systematic literature review during which multiple database resources were queried. Application of predefined selection criteria led to the creation of a bibliography before backward snowballing was applied to minimize the risk of missing material of importance. All 70 included publications were then analyzed through thematic analysis.
Findings
The study resulted in the identification of 14 themes and 30 associated subthemes representing aspects with reported influence on perceived usability in the context of security. While some of them were only mentioned sparsely, the most prominent and thus presumably most significant ones were: simplicity, information and support, task completion time, error rates and error management.
Originality/value
The identified novel themes can increase knowledge about factors that influence usability. This can be useful for different groups: end users may be empowered to choose appropriate solutions more consciously, developers may be able to avoid common usability pitfalls when designing new products and system administrators may benefit from a better understanding of how to configure solutions and how to educate users efficiently.
Place, publisher, year, edition, pages
Emerald Group Publishing Limited, 2021. Vol. 29, no 4, p. 647-663
Keywords [en]
security, usability, usable security
National Category
Information Systems
Research subject
INF303 Information Security; Information Systems
Identifiers
URN: urn:nbn:se:his:diva-19596DOI: 10.1108/ICS-10-2020-0167ISI: 000637841600001Scopus ID: 2-s2.0-85103906799OAI: oai:DiVA.org:his-19596DiVA, id: diva2:1542211
Note
CC BY-NC 4.0 [accepted version]
Publication date: 5 April 2021
2021-04-072021-04-072021-11-18Bibliographically approved