Patterns
- Active Warnings
- Attractive Options
- Complete Delete
- Conveying Threats & Consequences
- Create a Security Lexicon
- Create Keys When Needed
- Delayed Unrecoverable Action
- Detailed Notifications About Security
- Direct Access to UI Components
- Disable by Default
- Disable of Services
- Disclose Significant Deviations
- Distinguish Between Run and Open
- Distinguish Internal Senders
- Distinguish Security Levels
- Email-Based Identification and Authentication
- Explicit Item Delete
- Explicit User Audit
- Failing Safely
- General Notifications About Security
- Immediate Notifications
- Immediate Options
- Indirect Access to UI Components
- Informative Dialogues
- Install Before Execute
- Key Continuity Management
- Levels of Severity
- Leverage Existing Identification
- Localization of Specific Areas
- Migrate and Backup Keys
- Noticeable Contextual Indicators
- Providing Recommendations
- Quick Description of UI Components
- Redundant Notifications
- Reset to Installation
- Restricted Areas Notification
- Security Features Used by the System
- Security Features Used by the User
- Send S/MIME-Signed Email
- Separating Content
- Sequential Access to UI Components
- Suggestive Dialogues
- System’s Security Tasks
- The Absence of Indicators
- Track Received Keys
- Track Recipients
- Warn When Unsafe
Patterns are based on scientific sources.
Usable Security Pattern - Disclose Significant Deviations
Luigi Lo Iacono, Peter Nehren
January 18, 2016
Disclose Significant Deviations
| Name | Disclose Significant Deviations |
| Sources | (Garfinkel, 2005) |
| Synonyms | None |
| Context | Many programs have features that are both non-obvious and that are fundamentally different than the mental model of the person using the object. |
| Problem | Which functionalities of objects must be disclosed? |
| Solution | Inform the user when an object (software or physical) is likely to behave in a manner that is significantly different than expected. Ideally the disclosure should be made by the object’s creator. |
| Examples | For example, the program Precision Time by Gain Publishing is available in two versions: a version that is free, but which shows advertisements from the Gain Network, and a version that costs $30 but which does not display advertisements. Although these differences are made clear on the program’s home page, they are not made clear in the program’s interface once it is installed. EPCglobal has created an EPC Seal for display on products that contain certain kinds of RFID tags.  Source: (Garfinkel, 2005) |
| Implementation | An agreed-upon list of specific functionality that needs to be disclosed. Ideally, the functionality should be functions that make a program or object act in a manner that would be surprising. Standardized disclosures need to be developed. Ideally, such disclosures would include both standardized images and text. |
| Consequences | Users are alerted that there may be hidden functionality included within a program or physical object, helping to bring their mental models into alignment with reality and thereby allowing them to make decisions that are better informed. Researchers can use disclosure to gather information in the event that further regulation needs to be enacted. |
| Dependencies | None |
| Relationships | [Immediate Notifications] |
| Principles | [Consistent Meaningful Vocabulary] |
| Guidelines | None |
| Check lists | None |
| Use cases | None |
| Tags | Disclose Significant Deviations |
| Log history | [01/18/2016]: Added to repository |
References
Garfinkel, S.L., 2005. Design principles and patterns for computer systems that are simultaneously secure and usable (PhD thesis). Massachusetts Institute of Technology.