Abstract
Security and usability of systems continue to be an important topic for managers and academics alike. In this paper we propose two instruments for assessing the security and usability of systems. These instruments were developed in two phases. In Phase 1, using the value-focused thinking approach and interviews with 35 experts, we identified 16 clusters of means objectives and 8 clusters of fundamental objectives. In Phase 2, drawing on a sample of 201 users, we administered a survey to purify the two instruments and to ensure their reliability and unidimensionality. This resulted in 15 means objectives organized into four categories (minimize system interruptions and licensing restrictions, maximize information retrieval, maximize system aesthetics, and maximize data quality) and 12 fundamental objectives grouped into four categories (maximize standardization and integration, maximize ease of use, maximize system capability, and enhance system-related communication). Collectively, the objectives offer a useful basis for assessing the extent to which security and usability have been achieved in systems.
© 2012 IFIP International Federation for Information Processing
Cite this paper
Dhillon, G., Oliveira, T., Susarapu, S., Caldeira, M. (2012). When Convenience Trumps Security: Defining Objectives for Security and Usability of Systems. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds) Information Security and Privacy Research. SEC 2012. IFIP Advances in Information and Communication Technology, vol 376. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30436-1_29
DOI: https://doi.org/10.1007/978-3-642-30436-1_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30435-4
Online ISBN: 978-3-642-30436-1
eBook Packages: Computer Science (R0)