Summary: | This research is concerned with the development of a framework for the analysis and design of interfaces found in a security environment. An example of such an interface is a firewall. The purpose of this research is to use the framework as a method to improve the usability of an interface, thus aiding the user to implement the correct security features. The purpose is also to use the framework to assist in the development of trust between a user and a computer system. In this research the framework comprises six criteria which are used to analyse interfaces found in the traditional software environment, Internet banking environment and e-commerce environment. In order to develop the framework an overview of the fields of information security and human computer interfaces (HCI) is given. The overview provides background information and also establishes the existing research which has been done in these fields. Due to its popularity, the Windows Internet Connection Firewall is analysed in this research. Based on the criteria a level of trust fostered between the user and interface is calculated for the firewall. It is then shown how this level of trust can be improved by modifying the interface. A proposed interface for the firewall is presented according to the criteria. Interfaces found in the online Internet environment are discussed. This is important in order to identify the similarities and differences between traditional software interfaces and web interfaces. Due to these differences the criteria are modified to be relevant in the analysis and design of security interfaces found on the Internet. Three South African online banking websites are analysed according to the modified framework. Each interface is broken down into a number of components which are then analysed individually. The results of the analysis are compared between the three banking sites to identify the elements which make up a successful interface in an online banking environment. Lastly, three interfaces of e-commerce websites are analysed. Recommendations are made on how the interfaces can be improved, thus leading to a higher level of trust. === Labuschagne, L., Prof.
|