Comparison of methods for analyzing the correlation of user experience and information security

Abstract

User experience (UX) is a quality requirement of software, but it can also negatively or positively influence the information security. It is not uncommon for users to misuse or even ignore information security mechanisms because the UX of the system is inadequate. Moreover, too complex information security mechanisms might also lead to a system not being used after development. The interaction of UX and information security should be designed in such a way that both individual aspects on the one hand and the overall effect on the other meet the requirements. In order to analyze the interaction of both aspects, suitable methods can be used. The methods can be used to assess the extent to which UX influences information security - vice versa. Subsequently, the software can be adapted so that UX and information security reach a sufficient level. In order to find such analysis methods, a systematic literature review was conduct out by 3 filter criteria. In the end, 189 publications remained, referencing a total of 22 different methods. These 22 methods were evaluated by 6 criteria and compared with each other. As a result, none of the identified methods can fully evaluate the correlation of UX, especially usability, and information security. Therefore, a new method should be developed that can potentially adapt some of the identified methods.

Publication
5th International Conference on Software Engineering and Development. ICSED 2023. Singapore.