A Multi-method Approach for User-centered Design of Identity Management Systems

Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov

05 July 2009

Abstract: Identity management (IdM) comprises the processes and infrastructure for the creation, maintenance, and use of digital identities. This includes designating who has access to resources, who grants that access, and how accountability and compliance are maintained. IdM has become an important aspect of IT security infrastructure in organizations, and some consider it to be the most important solution for enabling compliance. To facilitate identity management, usable technological solutions are important. In this ongoing research, we plan to study the practice of identity management from a socio-technical point of view, and study how technology can improve IdM. Our final goal is to develop recommendations for user-centered design of IdM systems. We've devised a multi-method approach to address this problem. To begin with, we performed a case study of IdM adoption and use in an insurance organization. The case study provides us with a high-level understanding of the problem domain and directions for the rest of our research. We plan to continue our research in two phases: (1) evaluate the usability of an IdM system using heuristic evaluation, and (2) perform a field study to further our understanding of IdM practices and technologies, validate the results of our heuristic evaluation, and develop recommendations for user-centered design of IdM systems.

Keyword(s): Usable Security ; IdM ; Heuristic Evaluation ; issnet

Published in: Pooya Jaferian, David Botta, Kirstie Hawkey, Konstantin Beznosov, A multi-method approach for user-centered design of identity management systems. Poster at SOUPS 2009, Mountain View, CA, 2009.

