liu.seSearch for publications in DiVA
Change search
ReferencesLink to record
Permanent link

Direct link
User-centred security applied to the development of a management information system
School of Humanities and Informatics, University of Skövde, Skövde, Sweden.
2007 (English)In: Information Management & Computer Security, ISSN 0968-5227, Vol. 15, no 5, 372-381 p.Article in journal (Refereed) Published
Abstract [en]

Purpose - This paper aims to use user-centred security development of a prototype graphical interface for a management information system dealing with information security with upper-level management as the intended users. Design/methodology/approach - The intended users were studied in order to understand their needs. An iterative design process was used where the designs were first made on paper, then as a prototype interface and later as a final interface design. All was tested by subjects within the target user group. Findings - The interface was perceived as being successful by the test subjects and the sponsoring organization, Siguru. The major conclusion of the study is that managers use knowledge of information security mainly for financial and strategic matters which focus more on risk issues than security issues. To facilitate the need of managers the study presents three heuristics for the design of management information security system interfaces. Research limitations/implications - This interface was tested on a limited set of users and further tests could be done, especially of users with other cultural/professional backgrounds. Practical implications - This paper presents a useful set of heuristics that can be used in development of management information systems as well as other practical tips for similar projects. Originality/value - This paper gives an example of a successful user-centred security development process. The lessons learned could be beneficial in software development in general and security products in particular.

Place, publisher, year, edition, pages
2007. Vol. 15, no 5, 372-381 p.
Keyword [en]
Data security, Information, Information systems, User interfaces
National Category
Engineering and Technology
URN: urn:nbn:se:liu:diva-48310DOI: 10.1108/09685220710831116OAI: diva2:269206
Available from: 2009-10-11 Created: 2009-10-11 Last updated: 2011-01-11

Open Access in DiVA

No full text

Other links

Publisher's full text
In the same journal
Information Management & Computer Security
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 16 hits
ReferencesLink to record
Permanent link

Direct link