12.3. Usability Testing of Security Devices

Security devices, like other security technologies, are deployed in a physical and social context to allow users to complete their tasks. Thus, it is essential to perform usability studies on the system as a whole: in other words, taking into consideration the specific contexts, users, and tasks users must perform.[10] In the testing described in this chapter, we have tried to capture many of the important usability attributes that will be applicable generally. Do keep in mind, however, that while we are striving for general attributes, you should review your own actual environment to identify additional attributes that might affect your usability, or drop one or more of those we have identified.
12.3.1. Setting Up the Test

Our attributes definition draws on prior research[11], [12] and the ISO 9126 standard.[13] The ISO 9126 software quality model defines six independent software quality characteristics, each of which is broken down into a set of subcharacteristics. However, usability studies of security devices deal not only with software but also with systems. Therefore, while the ISO standard is an important reference point, we have had to extend and adapt it to accommodate our specific aspects of interest.
The usability attributes we adopted are an extension of the following three ISO 9126 usability subcharacteristics:
Operability is a very broad attribute. Therefore, we have broken it down into the following subattributes:[14], [15]
One controversial topic is how security devices that require a reader should be evaluated using this framework. A company that is promoting these devices might want an evaluation to consider only the device itself, and assume that the readers are ubiquitous. We take an opposing view: given today's computer hardware (that is, the system's physical context), these issues will be raised unless the reader is already in place. This situation can create both usability and security issues if the user is forced to carry around extra hardware and software in order to operate the device.

Here, we must make some additional comments about the adaptation of the ISO model of software quality to the specific type of systems in our study. The first comment concerns the hierarchical relationship between the attributes. In our approach, each subattribute of operability has the same relevance level as learnability and attractiveness; the subattributes are simply classified under the common name of operability. The second comment is related to the security interaction; somewhat arbitrarily, we have placed it under the heading of operability. In fact, the ISO standard does not model this type of attribute, because the attribute does not describe a property in a hierarchy, but an interaction between properties (usability and security).

Our experimental approach is driven by the usability attributes defined in this section. In other words, each attribute will be evaluated through a set of metrics detailed in the experiments.

12.3.2. Related Work

Little research has been published on the usability of security devices. One recent study performed by Wu et al. compares the usability of mobile-phone-based authentication interfaces.[16] Herzberg[17] and Mallat et al.[18] describe financial services that can be enabled through mobile phones, but their focus on usability is minimal.
Fulcher discusses the deployment of a cryptographic USB token in an "eHealth" project, but neither analyzes its usability nor discusses usability tradeoffs of other security devices that might be used in the same context.[19] The usability characteristics of other types of authentication mechanisms are discussed in Part II of this book.
A recent study by Scholtz and Consolvo[20] proposes a framework for conducting a usability study of ubiquitous computing applications. The goals of their framework (that is, to allow researchers to learn from each other's results and to create effective evaluation techniques and design guidelines) could apply equally to the evaluation of security devices. The approach we propose in this chapter may be considered a first step in defining a more complete framework similar to the one proposed by these researchers.
12.3.3. Usability Testing Methodology

The following steps summarize the methodology we adopted in our usability testing: