ALIGNING SECURITY AND USABILITY OBJECTIVES FOR COMPUTER BASED INFORMATION SYSTEMS

Susarapu, Santa Ram

11 May 2012

With extensive use of information systems in day-to-day business operations, many organizations are facing challenges to develop robust computer-based information systems that are secure and widely used by the user community. In order to develop information systems that are secure and useful, understanding what stakeholders consider important and value about the security and usability is critical. Security refers to confidentiality, integrity and availability and usability refers to efficiency, effectiveness and user satisfaction. Using Value Focused Thinking approach, this research first proposes the usability objectives based on the values of system developers and users. Using the security objectives proposed by Dhillon & Torkzadeh (2006) and the usability objectives, this research proposes hierarchies with the overall/over-arching goals of security (confidentiality, integrity, availability) and/or usability (efficiency, effectiveness and satisfaction). This research also analyzes a case of computer hacking and identifies which of the security and usability objectives that have not been met in that case study. The research contributions which include the usability objectives and security and usability hierarchies can be useful for theoretical as well as practical purposes.

Security

Usability

Value

VFT

Keeney

Dhillon

Objectives

Means Objectives

Fundamental Objectives

Value Theory

Business

Management Information Systems