Abstract
We introduce usability based modeling as new approach to enable an advanced IT-security in electronic engineering. Operating systems based on multi-level-security (MLS) are modeled. These systems contain IT-security as an inherent feature however they also consists of many restrictions for users. Modeling increases the usability of these systems by preserving their high degree of security. This enables operating systems in future that are both, useful and secure. The new approach is in contrast to standard approaches in IT-security that have the aim to increase security in state of the art operation systems that are useful for general purposes but of low security. In a case study, three use cases are selected as starting point for usability based modeling on MLS. Usability gaps are identified and the current landscape of technological research and development is scanned to identify possibly solution approaches. After an evaluation, some approaches are presented that are able to bridge the identified usability gaps.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bidgoli, H. (ed.): Security – Threats, Vulnerabilities, Prevention, Detection, and Management, vol. 3. John Wiley and Sons, Bakersfield (2006)
Pfleeger, P., Pfleeger, S.L.: Security in computing. Prentice Hall, Old Tappan (2003)
Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundations. Mitre Corp., Bedford (1973)
Bell, D.E., LaPadula, L.J.: Secure Computer System: Unified Exposition and Multics Interpretation. Mitre Corp., Bedford (1976)
Biba, K.J.: Integrity Considerations for Secure Computer Systems. Mitre Corp., Bedford (1977)
Feiertag, R.J., Levitt, K.N., Robinson, L.: Providing multilevel security of a system design. In: Sixth Symposium on Operating System Principles, pp. 57–65. ACM, New York (1977)
Landwehr, C.E.: Formal models for computer security. Comput. Surv. 13(3), 247–278 (1981)
Lindgreen, R., Herschberg, I.S.: On the validity of the Bell-LaPadula model. Comput. Secur. 13(4), 317–333 (1994)
McLean, J.: A comment on the Basic Security Theorem of Bell and LaPadula. Inf. Process. Lett. 20(2), 67–70 (1985)
Obiedkov, S., Kourie, D.G., Erloff, J.H.P.: Buildung access control models with attribute exploration. Comput. Secur. 28(1-2), 2–7 (2009)
Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)
Li, E.Y., Du, T.C., Wong, J.W.: Access control in collaborative commerce. Decis. Support Syst. 43(2), 675–685 (2007)
Holeman, S., Manimaron, G., Davis, J., Chakrabarti, A.: Differentally secure multicasting and its implementation methods. Computer Security 21(8), 736–749 (2002)
Thorleuchter, D., Van den Poel, D.: High Granular Multi-Level-Security Model for Improved Usability. In: 2nd International Conference on System Science, Engineering Design and Manufacturing Informatization, pp. 191–194. IEEE Press, New York (2011)
Gericke, W., Thorleuchter, D., Weck, G., Reilaender, F., Loss, D.: Vertrauliche Verarbeitung staatlich eingestufter Information - die Informationstechnologie im Geheimschutz. Informatik Spektrum 32(2), 102–109 (2009)
Thorleuchter, D., Van den Poel, D., Prinzie, A.: Analyzing existing customers’ websites to improve the customer acquisition process as well as the profitability prediction in B-to-B marketing. Expert Syst. Appl. 39(3), 2597–2605 (2012)
Thorleuchter, D., Herberz, S., Van den Poel, D.: Mining Social Behavior Ideas of Przewalski Horses. In: Wu, Y. (ed.) Advances in Computer, Communication, Control and Automation. LNEE, vol. 121, pp. 649–656. Springer, Heidelberg (2011)
Thorleuchter, D., Van den Poel, D.: Companies Website Optimising concerning Consumer’s searching for new Products. In: International Conference on Uncertainty Reasoning and Knowledge Engineering, pp. 40–43. IEEE Press, New York (2011)
Thorleuchter, D., Van den Poel, D.: Semantic Technology Classification. In: International Conference on Uncertainty Reasoning and Knowledge Engineering, pp. 36–39. IEEE Press, New York (2011)
Thorleuchter, D., Van den Poel, D., Prinzie, A.: Extracting Consumers Needs for New Products. In: 3rd International Conference on Knowledge Discovery and Data Mining, pp. 440–443. IEEE Computer Society, Los Alamitos (2010)
Thorleuchter, D., Van den Poel, D., Prinzie, A.: Mining Innovative Ideas to Support new Product Research and Development. In: Locarek-Junge, H., Weihs, C. (eds.) Classification as a Tool for Research, pp. 587–594. Springer, Berlin (2010)
Thorleuchter, D., Van den Poel, D.: Extraction of Ideas from Microsystems Technology. In: Jin, D., Lin, S. (eds.) Advances in CSIE, Vol. 1. AISC, vol. 168, pp. 563–568. Springer, Heidelberg (2012)
Thorleuchter, D., Weck, G., Van den Poel, D.: Granular Deleting in Multi Level Security Models - An Electronic Engineering Approach. In: Jin, D., Lin, S. (eds.) Advances in Mechanical and Electronic Engineering. LNEE, vol. 177, pp. 609–614. Springer, Heidelberg (2012)
Thorleuchter, D., Van den Poel, D.: Rapid Scenario Generation with Generic Systems. In: Management Sciences and Information Technology. Lecture Notes in Information Technology. IERI, Delaware (in press, 2012)
Thorleuchter, D., Van den Poel, D.: Using Webcrawling of Publicly-Available Websites to Assess E-Commerce Relationships. In: Service Research and Innovation Institute (SRII 2012). IEEE Computer Society, Washington (in press, 2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Thorleuchter, D., Weck, G., Van den Poel, D. (2012). Usability Based Modeling for Advanced IT-Security – An Electronic Engineering Approach. In: Jin, D., Lin, S. (eds) Advances in Mechanical and Electronic Engineering. Lecture Notes in Electrical Engineering, vol 177. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31516-9_99
Download citation
DOI: https://doi.org/10.1007/978-3-642-31516-9_99
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31515-2
Online ISBN: 978-3-642-31516-9
eBook Packages: EngineeringEngineering (R0)