View article

Academic research and existing implementations of various systems and services identify instances of conflict between security and usability. Engineering the right trade-offs between security and usability is often not an easy task. Engineering of such trade-offs is mainly reliant on developers’ skills, who are either experts in security or usability. This research aims to assist the developers in engineering the right trade-offs by proposing the use of patterns. Patterns provide benefits like means of common vocabulary, shared documentation, reuse, among others. The use of patterns can assist security and usability developers by influencing their decision-making abilities when dealing with conflicts in other but similar context of use. For the identification of such patterns, the paper presents a three-stage methodology. To instantiate the methodology, a case study was conducted whose results are also presented in the paper.