UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Stakeholder Involvement, Motivation, Responsibility, Communication: How to Design Usable Security in e-Science
  • Publication Type:
    Journal article
  • Publication Sub Type:
    Article
  • Authors:
    Flechais I, Sasse MA
  • Publication date:
    2009
  • Pagination:
    281, 296
  • Journal:
    International Journal of Human-Computer Studies
  • Volume:
    67
  • Issue:
    4
  • Status:
    Submitted
  • Print ISSN:
    1071-5819
  • Keywords:
    security, usability, e-Science
Abstract
e-Science projects face a difficult challenge in providing access to valuable computational resources, data and software to large communities of distributed users. On the one hand, the raison d’être of the projects is to encourage members of their research communities to use the resources provided. On the other hand, the threats to these resources from online attacks require robust and effective security to mitigate the risks faced. This raises two issues: ensuring that (1) the security mechanisms put in place are usable by the different users of the system, and (2) the security of the overall system satisfies the security needs of all its different stakeholders. A failure to address either of these issues can seriously jeopardise the success of e-Science projects. The aim of this paper is to firstly provide a detailed understanding of how these challenges can present themselves in practice in the development of e-Science applications. Secondly, this paper examines the steps that projects can undertake to ensure that security requirements are correctly identified, and security measures are usable by the intended research community. The research presented in this paper is based on four case studies of e-Science projects. Security design traditionally uses expert analysis of risks to the technology and deploys appropriate countermeasures to deal with them. However, these case studies highlight the importance of involving all stakeholders in the process of identifying security needs and designing secure and usable systems. For each case study, transcripts of the security analysis and design sessions were analysed to gain insight into the issues and factors that surround the design of usable security. The analysis concludes with a model explaining the relationships between the most important factors identified. This includes a detailed examination of the roles of responsibility, motivation and communication of stakeholders in the ongoing process of designing usable secure socio-technical systems such as e-Science.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by