Human-centered authentication guidelines. (9th October 2017)
- Record Type:
- Journal Article
- Title:
- Human-centered authentication guidelines. (9th October 2017)
- Main Title:
- Human-centered authentication guidelines
- Authors:
- Still, Jeremiah D.
Cain, Ashley
Schuster, David
- Abstract:
- Purpose: Despite the widespread use of authentication schemes and the rapid emergence of novel authentication schemes, a general set of domain-specific guidelines has not yet been developed. This paper aims to present and explain a list of human-centered guidelines for developing usable authentication schemes. Design/methodology/approach: The guidelines stem from research findings within the fields of psychology, human–computer interaction and information/computer science. Findings: Instead of viewing users as the inevitable weak point in the authentication process, this study proposes that authentication interfaces be designed to take advantage of users' natural abilities. This approach requires that one understands how interactions with authentication interfaces can be improved and what human capabilities can be exploited. A list of six guidelines that designers ought to consider when developing a new usable authentication scheme has been presented. Research limitations/implications: This consolidated list of usable authentication guidelines provides system developers with immediate access to common design issues impacting usability. These guidelines ought to assist designers in producing more secure products in fewer costly development cycles. Originality/value: Cybersecurity research and development has mainly focused on technical solutions to increase security. However, the greatest weakness of many systems is the user. It is argued that authentication schemes with poor usability are inherently insecure, as users will inadvertently weaken the security in their efforts to use the system. The study proposes that designers need to consider the human factors that impact end-user behavior. Development from this perspective will address the greatest weakness in most security systems by increasing end-user compliance. …
- Is Part Of:
- Information and computer security. Volume 25:Number 4(2017)
- Journal:
- Information and computer security
- Issue:
- Volume 25:Number 4(2017)
- Issue Display:
- Volume 25, Issue 4 (2017)
- Year:
- 2017
- Volume:
- 25
- Issue:
- 4
- Issue Sort Value:
- 2017-0025-0004-0000
- Page Start:
- 437
- Page End:
- 453
- Publication Date:
- 2017-10-09
- Subjects:
- Guidelines -- Cybersecurity -- Usable security -- Interface design
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47
- Journal URLs:
- http://www.emeraldinsight.com/loi/ics
http://www.emeraldinsight.com/
- DOI:
- 10.1108/ICS-04-2016-0034
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 4804.xml