Deciding between information security and usability

Developing value based objectives

Gurpreet Dhillon, Tiago Oliveira, Santa Susarapu, Mario Caldeira

Research output: Contribution to journalArticle

15 Citations (Scopus)

Abstract

Deciding between security and usability of systems remains an important topic among managers and academics. One of the fundamental problems is to balance the conflicting requirements of security and usability. We argue that definition of objectives for security and usability allows for deciding about the right balance between security and usability. To this effect we propose two instruments for assessing security and usability of systems, and develop them in three phases. In Phase 1 we identified 16 clusters of means and 8 clusters of fundamental objectives using the value-focused thinking approach and interviews with 35 experts. Based on phase 1, in the second phase we collected a sample of 201 users to purify, and ensure reliability and unidimensionality of the two instruments. In the third phase, based on a sample of 418 users we confirmed and validated the two instruments found in Phase 2. This resulted in 14 means objectives organized into four categories (minimize system interruptions and licensing restrictions, maximize information retrieval, maximize system aesthetics, and maximize data quality), and 10 fundamental objectives grouped into four categories (maximize standardization and integration, maximize ease of use, enhance system related communication, and maximize system capability). The objectives offer a useful basis for assessing the extent to which security and usability has been achieved in systems. The objectives also provide a decision basis for balancing security and usability.

Original languageEnglish
Pages (from-to)656-666
Number of pages11
JournalComputers in Human Behavior
Volume61
DOIs
Publication statusPublished - 1 Aug 2016

Fingerprint

Licensure
Security of data
Esthetics
Information Systems
Communication
Interviews
Information retrieval systems
Standardization
Managers
Data Accuracy
Thinking
Usability
Fundamental

Keywords

  • Instrument development
  • Qualitative methods
  • Quantitative methods
  • Security values
  • Usability values
  • Value focused-thinking

Cite this

Dhillon, Gurpreet ; Oliveira, Tiago ; Susarapu, Santa ; Caldeira, Mario. / Deciding between information security and usability : Developing value based objectives. In: Computers in Human Behavior. 2016 ; Vol. 61. pp. 656-666.
@article{cb2a797f033f4f8fa5d5cf0107a44e50,
title = "Deciding between information security and usability: Developing value based objectives",
abstract = "Deciding between security and usability of systems remains an important topic among managers and academics. One of the fundamental problems is to balance the conflicting requirements of security and usability. We argue that definition of objectives for security and usability allows for deciding about the right balance between security and usability. To this effect we propose two instruments for assessing security and usability of systems, and develop them in three phases. In Phase 1 we identified 16 clusters of means and 8 clusters of fundamental objectives using the value-focused thinking approach and interviews with 35 experts. Based on phase 1, in the second phase we collected a sample of 201 users to purify, and ensure reliability and unidimensionality of the two instruments. In the third phase, based on a sample of 418 users we confirmed and validated the two instruments found in Phase 2. This resulted in 14 means objectives organized into four categories (minimize system interruptions and licensing restrictions, maximize information retrieval, maximize system aesthetics, and maximize data quality), and 10 fundamental objectives grouped into four categories (maximize standardization and integration, maximize ease of use, enhance system related communication, and maximize system capability). The objectives offer a useful basis for assessing the extent to which security and usability has been achieved in systems. The objectives also provide a decision basis for balancing security and usability.",
keywords = "Instrument development, Qualitative methods, Quantitative methods, Security values, Usability values, Value focused-thinking",
author = "Gurpreet Dhillon and Tiago Oliveira and Santa Susarapu and Mario Caldeira",
year = "2016",
month = "8",
day = "1",
doi = "10.1016/j.chb.2016.03.068",
language = "English",
volume = "61",
pages = "656--666",
journal = "Computers in Human Behavior",
issn = "0747-5632",
publisher = "Elsevier Science B.V., Amsterdam.",

}

Deciding between information security and usability : Developing value based objectives. / Dhillon, Gurpreet; Oliveira, Tiago; Susarapu, Santa; Caldeira, Mario.

In: Computers in Human Behavior, Vol. 61, 01.08.2016, p. 656-666.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Deciding between information security and usability

T2 - Developing value based objectives

AU - Dhillon, Gurpreet

AU - Oliveira, Tiago

AU - Susarapu, Santa

AU - Caldeira, Mario

PY - 2016/8/1

Y1 - 2016/8/1

N2 - Deciding between security and usability of systems remains an important topic among managers and academics. One of the fundamental problems is to balance the conflicting requirements of security and usability. We argue that definition of objectives for security and usability allows for deciding about the right balance between security and usability. To this effect we propose two instruments for assessing security and usability of systems, and develop them in three phases. In Phase 1 we identified 16 clusters of means and 8 clusters of fundamental objectives using the value-focused thinking approach and interviews with 35 experts. Based on phase 1, in the second phase we collected a sample of 201 users to purify, and ensure reliability and unidimensionality of the two instruments. In the third phase, based on a sample of 418 users we confirmed and validated the two instruments found in Phase 2. This resulted in 14 means objectives organized into four categories (minimize system interruptions and licensing restrictions, maximize information retrieval, maximize system aesthetics, and maximize data quality), and 10 fundamental objectives grouped into four categories (maximize standardization and integration, maximize ease of use, enhance system related communication, and maximize system capability). The objectives offer a useful basis for assessing the extent to which security and usability has been achieved in systems. The objectives also provide a decision basis for balancing security and usability.

AB - Deciding between security and usability of systems remains an important topic among managers and academics. One of the fundamental problems is to balance the conflicting requirements of security and usability. We argue that definition of objectives for security and usability allows for deciding about the right balance between security and usability. To this effect we propose two instruments for assessing security and usability of systems, and develop them in three phases. In Phase 1 we identified 16 clusters of means and 8 clusters of fundamental objectives using the value-focused thinking approach and interviews with 35 experts. Based on phase 1, in the second phase we collected a sample of 201 users to purify, and ensure reliability and unidimensionality of the two instruments. In the third phase, based on a sample of 418 users we confirmed and validated the two instruments found in Phase 2. This resulted in 14 means objectives organized into four categories (minimize system interruptions and licensing restrictions, maximize information retrieval, maximize system aesthetics, and maximize data quality), and 10 fundamental objectives grouped into four categories (maximize standardization and integration, maximize ease of use, enhance system related communication, and maximize system capability). The objectives offer a useful basis for assessing the extent to which security and usability has been achieved in systems. The objectives also provide a decision basis for balancing security and usability.

KW - Instrument development

KW - Qualitative methods

KW - Quantitative methods

KW - Security values

KW - Usability values

KW - Value focused-thinking

UR - http://www.scopus.com/inward/record.url?scp=84961933307&partnerID=8YFLogxK

U2 - 10.1016/j.chb.2016.03.068

DO - 10.1016/j.chb.2016.03.068

M3 - Article

VL - 61

SP - 656

EP - 666

JO - Computers in Human Behavior

JF - Computers in Human Behavior

SN - 0747-5632

ER -