Heuristics for Evaluating IT Security Management Tools

Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Konstantin Beznosov

24 February 2011

Abstract: The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. However, ITSM occurs within a complex and collaborative context that involves diverse stakeholders; this makes standard usability heuristics difficult to apply. We propose a set of ITSM usability heuristics that are based on activity theory and supported by prior research. We performed a study to compare the use of the ITSM heuristics to Nielsen's heuristics for the evaluation of a commercial identity management system. Our preliminary results show that our new ITSM heuristics performed well in finding usability problems. However, we need to perform the study with more participants and perform more detailed analysis to precisely show the differences in applying the ITSM heuristics as compared to Nielsen’s heuristics.

Keyword(s): Usable Security ; User Studies ; Heuristic Evaluation ; IdM

Published in: Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, and Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, In Proceedings of the 29th international conference extended abstracts on Human factors in computing systems (CHI '11), Vancouver, Canada, 2011. :

The record appears in these collections:
Refereed Conference Papers
Usable Security

 Record created 2011-02-24, last modified 2013-05-22

Transfer from CDS 0.99.7:
Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)