ANALYSIS OF THE RELATIONSHIP BETWEEN USABILITY AND INFORMATION SECURITY: A SCOPING REVIEW

Authors

DOI:

https://doi.org/10.47820/recima21.v6i3.6309

Keywords:

Usability, Information Security, User-Centered Design

Abstract

Usability and security are often seen as conflicting requirements in system design, especially for non-specialized users. This study presents a scoping review on the intersection between usability and security in digital systems. Initially, 22,810 articles were identified, of which 19 met the established criteria and were analyzed. These studies investigated usability challenges associated with security vulnerabilities, such as complex authentication, navigation difficulties, overloaded interfaces, and lack of clarity in risk communication. Additionally, documented strategies to mitigate these problems without compromising system protection were evaluated, including user-centered design, security heuristics, adaptive feedback mechanisms, and multimodal interfaces. Results indicate that usability problems frequently contribute to security risks, with most studies focused on identifying these challenges rather than validating solutions. Strategies such as simplified authentication, persuasion techniques (nudging), and security transparency show potential for balancing usability and protection but require greater empirical validation. Future research should focus on quantitative assessments, testing in real environments, and artificial intelligence-based adaptations to optimize security without compromising user experience.

Author Biographies

  • Larissa Júlia Ferreira Magalhães

    Undergraduate student in Digital Systems and Media at the Universidade Federal do Ceará.

  • Mária de Fátima Costa de Souza

    PhD in Teleinformatics Engineering from the Universidade Federal do Ceará and associate professor at the Universidade Federal do Ceará.

Published

07/03/2025

How to Cite

ANALYSIS OF THE RELATIONSHIP BETWEEN USABILITY AND INFORMATION SECURITY: A SCOPING REVIEW. (2025). RECIMA21 - Revista Científica Multidisciplinar - ISSN 2675-6218, 6(3), e636309. https://doi.org/10.47820/recima21.v6i3.6309