Patterns
- Active Warnings
- Attractive Options
- Complete Delete
- Conveying Threats & Consequences
- Create a Security Lexicon
- Create Keys When Needed
- Delayed Unrecoverable Action
- Detailed Notifications About Security
- Direct Access to UI Components
- Disable by Default
- Disable of Services
- Disclose Significant Deviations
- Distinguish Between Run and Open
- Distinguish Internal Senders
- Distinguish Security Levels
- Email-Based Identification and Authentication
- Explicit Item Delete
- Explicit User Audit
- Failing Safely
- General Notifications About Security
- Immediate Notifications
- Immediate Options
- Indirect Access to UI Components
- Informative Dialogues
- Install Before Execute
- Key Continuity Management
- Levels of Severity
- Leverage Existing Identification
- Localization of Specific Areas
- Migrate and Backup Keys
- Noticeable Contextual Indicators
- Providing Recommendations
- Quick Description of UI Components
- Redundant Notifications
- Reset to Installation
- Restricted Areas Notification
- Security Features Used by the System
- Security Features Used by the User
- Send S/MIME-Signed Email
- Separating Content
- Sequential Access to UI Components
- Suggestive Dialogues
- System’s Security Tasks
- The Absence of Indicators
- Track Received Keys
- Track Recipients
- Warn When Unsafe
Patterns are based on scientific sources.
Usable Security Pattern - System’s Security Tasks
Luigi Lo Iacono, Peter Nehren
December 21, 2015
System’s Security Tasks
| Name | System’s Security Tasks |
| Sources | (Muñoz-Arteaga et al., 2009) |
| Synonyms | None |
| Context | The interface must inform users about the security activities realized by the system to protect confidential information during a specific transaction. These notifications must be shown avoiding complicate sentences, and the use of technical terms. |
| Problem | How to inform users about the security tasks performed by the system during an information transaction? |
| Solution | The users could be notified about the system’s security tasks by means of simple text messages without technical terms. These messages could be reinforced with images, pictures or others visual notifications. |
| Examples | Some system security tasks notifications combining text, images, and real World metaphors. Source: (Muñoz-Arteaga et al., 2009) |
| Implementation | Use simple text messages without technical terms supported by images, pictures or other visual notifications. |
| Consequences | It is possible to increase trust in a system, if the user knows the activities performed to keep secure all the confidential information. |
| Dependencies | None |
| Relationships | [Security Features Used by the System] |
| Principles | [Consistent Meaningful Vocabulary] [Expertise] |
| Guidelines | None |
| Check lists | None |
| Use cases | None |
| Tags | System’s Security Tasks, Security Features Used by the System |
| Log history | [12/21/2015]: Added to repository |
References
Muñoz-Arteaga, J., González, R.M., Martin, M.V., Vanderdonckt, J., Álvarez-Rodriguez, F., Calleros, J.G., 2009. A method to design information security feedback using patterns and hCI-security criteria, in: Computer-Aided Design of User Interfaces VI. Springer London, pp. 283–294. doi:10.1007/978-1-84882-206-1_26