Exploring the meaning of usable security – a literature review

PurposeFor decades, literature has reported on the perceived conflict between usability and security. This mutual trade-off needs to be considered and addressed whenever security products are developed. Achieving well-balanced levels of both is a precondition for sufficient security as users tend to...

Full description

Saved in:
Bibliographic Details
Published inInformation and computer security Vol. 29; no. 4; pp. 647 - 663
Main Authors Lennartsson, Markus, Kävrestad, Joakim, Nohlberg, Marcus
Format Journal Article
LanguageEnglish
Published Bingley Emerald Group Publishing Limited 26.10.2021
Subjects
Completion time
Context
End users
INF303 Information Security
INF303 Informationssäkerhet
Information Systems
Informationssystem (IS)
Literature reviews
Security
Systematic review
Usability
usable security
Online AccessGet full text
ISSN2056-4961
2056-497X
DOI10.1108/ICS-10-2020-0167

Cover

More Information
Summary:PurposeFor decades, literature has reported on the perceived conflict between usability and security. This mutual trade-off needs to be considered and addressed whenever security products are developed. Achieving well-balanced levels of both is a precondition for sufficient security as users tend to reject unusable solutions. To assess it correctly, usability should be evaluated in the context of security. This paper aims to identify and describe universally applicable and solution-independent factors that affect the perceived usability of security mechanisms.Design/methodology/approachThe selected methodology was a systematic literature review during which multiple database resources were queried. Application of predefined selection criteria led to the creation of a bibliography before backward snowballing was applied to minimize the risk of missing material of importance. All 70 included publications were then analyzed through thematic analysis.FindingsThe study resulted in the identification of 14 themes and 30 associated subthemes representing aspects with reported influence on perceived usability in the context of security. While some of them were only mentioned sparsely, the most prominent and thus presumably most significant ones were: simplicity, information and support, task completion time, error rates and error management.Originality/valueThe identified novel themes can increase knowledge about factors that influence usability. This can be useful for different groups: end users may be empowered to choose appropriate solutions more consciously, developers may be able to avoid common usability pitfalls when designing new products and system administrators may benefit from a better understanding of how to configure solutions and how to educate users efficiently.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2056-4961
2056-497X
DOI:10.1108/ICS-10-2020-0167