Abstract
PurposeThis paper aims to present concrete and verified guidelines for enhancing the usability and security of software that delegates security decisions to lay users and captures these user decisions as a security policy.Design/methodology/approachThis work is an exploratory study. The authors hypothesised that existing tools for runtime set‐up of security policies are not sufficient. As this proved true, as shown in earlier work, they apply usability engineering with user studies to advance the state‐of‐the‐art.FindingsLittle effort has been spent on how security policies can be set up by the lay users for whom they are intended. This work identifies what users want and need for a successful runtime set‐up of security policies.Practical implicationsConcrete and verified guidelines are provided for designers who are faced with the task of delegating security decisions to lay users.Originality/valueThe devised guidelines focus specifically on the set‐up of runtime security policies and therefore on the design of alert windows.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
