ANALYSIS OF THE RELATIONSHIP BETWEEN USABILITY AND INFORMATION SECURITY: A SCOPING REVIEW

Authors

DOI:

https://doi.org/10.47820/recima21.v6i3.6309

Keywords:

Usability, Information Security, User-Centered Design

Abstract

Usability and security are often regarded as conflicting requirements in system design, especially for non-specialist users. This study presents a scoping review of the intersection between usability and security in digital systems. Initially, 22,810 articles were identified, of which 19 met the established criteria and were analyzed. These studies investigated the usability challenges associated with security vulnerabilities, such as complex authentication, navigation difficulties, overloaded interfaces, and a lack of clarity in risk communication. In addition, documented strategies for mitigating these problems without compromising system protection were evaluated, including user-centered design, security heuristics, adaptive feedback mechanisms, and multimodal interfaces. The results indicate that usability problems frequently contribute to security risks, and that most studies focus on identifying these challenges rather than on validating solutions. Strategies such as simplified authentication, persuasion techniques (nudging), and security transparency show potential for balancing usability and protection, but require further empirical validation. Future research should focus on quantitative evaluations, testing in real-world environments, and adaptations based on artificial intelligence to optimize security without compromising the user experience.


Author biographies

  • Larissa Júlia Ferreira Magalhães

    Undergraduate student in Digital Systems and Media at the Universidade Federal do Ceará.

  • Mária de Fátima Costa de Souza

    Holds a PhD in Teleinformatics Engineering from the Universidade Federal do Ceará and is an associate professor at the Universidade Federal do Ceará.


Published

07/03/2025

How to cite

ANÁLISIS DE LA RELACIÓN ENTRE USABILIDAD Y SEGURIDAD DE LA INFORMACIÓN: UNA REVISIÓN DE ALCANCE. (2025). RECIMA21 - Revista Científica Multidisciplinar - ISSN 2675-6218, 6(3), e636309. https://doi.org/10.47820/recima21.v6i3.6309