Designing Usable and Secure Software with IRIS and CAIRIS


The CAIRIS documentation explains how to use CAIRIS, but it doesn’t explain how usable and secure software should be designed. Designing Usable and Secure Software with IRIS and CAIRIS explains how CAIRIS can be used as part of the IRIS framework to design usable and secure software.

The book was written with three audiences in mind.

It was written to help practitioners, be these UX designers, security architects, or software developers, ‘build in’ security and usability. The recent update to the ACM Code of Ethics states that ‘True security requires usability – security features are of no practical use if users cannot or will not use them.’ This book explains how usable and secure software can be designed with the IRIS framework, and provides real case studies where security and usability are incorporated into software designs at an early stage. This is something most people agree should be done, but few people give advice on how to do it. This book helps fill this gap.

The book also helps educators and students by providing a resource for a course on Security by Design. As explained in the preface, this book was written to support such a course at Bournemouth University, and pointers are included on how different parts of this book can support this or similar courses.

Finally, this book will help new or experienced academic researchers from any and all related fields. Just as there is no one security and usability practitioner, the topics covered in this book can be advanced only with contributions from security, usability, and software engineering researchers - preferably with researchers from these different areas working in collaboration.