Welcome to the InfoSci Platform
Reference Hub9
Formative User-Centered Evaluation of Security Modeling: Results from a Case Study

Formative User-Centered Evaluation of Security Modeling: Results from a Case Study

Sandra Trösterer, Elke Beck, Fabiano Dalpiaz, Elda Paja, Paolo Giorgini, Manfred Tscheligi
Copyright: © 2012 |Volume: 3 |Issue: 1 |Pages: 19
ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781466613973|DOI: 10.4018/jsse.2012010101
Cite Article Cite Article

MLA

Trösterer, Sandra, et al. "Formative User-Centered Evaluation of Security Modeling: Results from a Case Study." IJSSE vol.3, no.1 2012: pp.1-19. http://doi.org/10.4018/jsse.2012010101

APA

Trösterer, S., Beck, E., Dalpiaz, F., Paja, E., Giorgini, P., & Tscheligi, M. (2012). Formative User-Centered Evaluation of Security Modeling: Results from a Case Study. International Journal of Secure Software Engineering (IJSSE), 3(1), 1-19. http://doi.org/10.4018/jsse.2012010101

Chicago

Trösterer, Sandra, et al. "Formative User-Centered Evaluation of Security Modeling: Results from a Case Study," International Journal of Secure Software Engineering (IJSSE) 3, no.1: 1-19. http://doi.org/10.4018/jsse.2012010101

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Developing a security modeling language is a complex activity. Particularly, it becomes very challenging for Security Requirements Engineering (SRE) languages where social/organizational concepts are used to represent high-level business aspects, while security aspects are typically expressed in a technical jargon at a lower level of abstraction. In order to reduce this socio-technical mismatch and reach a high quality outcome, appropriate evaluation techniques need to be chosen and carried out throughout the development process of the modeling language. In this article, the authors present and discuss the formative user-centered evaluation approach, namely an evaluation technique that starts since the early design stages and actively involves end-users. The authors demonstrate the approach in a real case study presenting the results of the evaluation. From the gained empirical evidence, we may conclude that formative user-centered evaluation is highly recommended to investigate any security modeling language.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.