Name
Title | ||
|---|---|---|
User Interface Harmonization for IT Security Management: User-Centered Design in the PoSecCo Project. |
Abstract | ||
|---|---|---|
Quoting the National Institute of Standards and Technology (NIST), "the configuration of an information system and its components has a direct impact on the security posture of the system. [..] How those configurations are established and maintained requires a disciplined approach for providing adequate security" [1]. However, fitting the functional user needs is only one product success factor. In order to influence the acceptance of a software system by its target group of users, some factors such as the complexity of the system and its ease of use are also critical. The design approach followed by a user-centered engineering process focuses on the solution as a whole rather than on single components of the system, and on the user interface robustness rather than on system robustness. In this paper, we describe how usability and quality in use concepts, as defined by the standard ISO/IEC PDTR 9126-2/3/4 (Software Quality Metrics) [2], have been introduced in the design phases of the PoSecCo prototype. This paper summarizes the results of the analysis conducted in the PoSecCo project (www.posecco.eu), to group the six different organizational user roles of the project's integrated prototype (auditors and service provider's employees) into three main interface user group profiles: designers group, analytical group and consumers group. These three user group profiles define similar characteristics and requirements for what concern the usage of a graphical interface: visual attractiveness, general interaction with the functionalities offered and with the data managed by the system, reducing the effort and simplifying the subsequent design and implementation phases. The requirements associated to the user group profiles, as well as the task descriptions and information architecture, have been taken into account during the selection of the suitable technologies to implement the PoSecCo user interface, and in the development phases, in order to provide a harmonized and usable user interface for IT auditors and professionals of the security policy and configuration management areas. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/ARES.2013.111 | ARES |
Keywords | Field | DocType |
user interface harmonization,main interface user group,designers group,usable user interface,posecco project,analytical group,consumers group,target group,functional user need,user-centered design,user group profile,it security management,different organizational user role,posecco user interface,auditing,software quality,project management,configuration management,software metrics,user interfaces | User experience design,Computer science,Computer security,Graphical user interface,User modeling,Graphical user interface testing,User story,User interface,User interface design,User-centered design | Conference |
Citations | PageRank | References |
0 | 0.34 | 2 |
Authors | ||
1 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Beatriz Gallego-Nicasio Crespo | 1 | 5 | 2.21 |