Advanced search
Publication Cover
Behaviour & Information Technology Volume 36, 2017 - Issue 5
Submit an article Journal homepage
1,186
Views
15
CrossRef citations to date
0
Altmetric
Original Articles

Trading off usability and security in user interface design through mental models

Mona A. MohamedDepartment of eBusiness and Technology Management, Towson University, Towson, MD, USACorrespondence[email protected]
,
Joyram ChakrabortyDepartment of Computer and Information Sciences, Towson University, Towson, MD, USA
&
Josh DehlingerDepartment of Computer and Information Sciences, Towson University, Towson, MD, USA
Pages 493-516 | Received 26 Oct 2015, Accepted 16 Nov 2016, Published online: 07 Dec 2016

References

  • Abawajy, J. 2014. “User Preference of Cyber Security Awareness Delivery Methods.” Behaviour & Information Technology 33 (3): 237–248.
  • Abubaker, H., K. Salah, H. AI-Muhairi, and A. Bentiba. 2015. “Cloud-based Arabic reCAPTCHA Service: Design and Architecture.” 2015 IEEE/ACS 12th International Conference of Computer Systems and Applications (AICCSA), Marrackech, 1–6.
  • Adebanjo, D., and D. Kehoe. 1998. “An Evaluation of Quality Culture Problems in UK Companies.” International Journal of Quality Science 3 (3): 275–286. doi: 10.1108/13598539810370486
  • Ahn, L., B. Maurer, C. McMillen, D. Abraham, and M. Blum. 2008. “reCAPTCHA: Human-based Character Recognition via Web Security Measures.” Science 321 (5895): 1465–1468. doi: 10.1126/science.1160379
  • Ahrama, T., W. Karwowskia, and B. Amaba. 2011. “Collaborative Systems Engineering and Social-Networking Approach to Design and Modelling of Smarter Products.” Behaviour & Information Technology 30 (1): 13–26. doi: 10.1080/0144929X.2010.490957
  • Ajjana, H., R. Hartshorne, Y. Caoc, and M. Rodriguez. 2014. “Continuance Use Intention of Enterprise Instant Messaging: A Knowledge Management Perspective.” Behaviour & Information Technology 33 (7): 678–692. doi: 10.1080/0144929X.2014.886722
  • Al-Alawi, A. I., N. Y. Al-Marzooqi, and Y. F. Mohammed. 2007. “Organizational Culture and Knowledge Sharing: Critical Success Factors.” Journal of Knowledge Management 11 (2): 22–42. doi: 10.1108/13673270710738898
  • Aldridge, A., M. White, and K. Forcht. 1997. “Security Considerations of Doing Business via the Internet: Cautions to be Considered.” Internet Research: Electronic Networking Applications and Policy 7 (1): 9–15. doi: 10.1108/10662249710159809
  • Aljahdali, H., and R. Poet. 2014. “Challenge Set Designs and User Guidelines for Usable and Secured Recognition-based Graphical Passwords.” IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, Beijing, 973–982.
  • Ashley, K., K. Brandon, and T. Cates. 2014. “Drivers of Student Retention: System Availability, Privacy, Value and Loyalty in Online Higher Education.” Academy of Educational Leadership Journal 18 (6): 1–15.
  • Baker, P. 1998. “Mental Model and Lifelong Learning.” Innovations in Education & Training International 35 (4): 310–318. doi: 10.1080/1355800980350406
  • Baker, W., and L. Wallace. 2007. “Information Security under Control? Investigating Quality in Information Security Management.” IEEE Security and Privacy Magazine 5 (1): 36–44. doi: 10.1109/MSP.2007.11
  • Banday, M., and N. Shah. 2009. “A Study of CAPTCHAs for Securing Web Services.” International Journal of Secure Digital Information Age 1 (2): 66–74.
  • Bassellier, G., B. Reich, and I. Benbasat. 2001. “Information Technology Competence of Business Managers: A Definition and Research Model.” Journal of Management Information Systems 17 (4): 159–182.
  • Ben-Asher, N., J. Meyer, S. Möller, and R. Englert. 2009. “An Experimental System for Studying the Tradeoff Between Usability and Security.” International Conference on Availability, Reliability and Security, Fukuoka, 882–887.
  • Bevan, N. 2001. “International Standards for HCI and Usability.” International Journal of Human Computer Studies 55 (4): 533–552. doi: 10.1006/ijhc.2001.0483
  • Bo, W., Y. Zhang, X. Hong, H. Sun, and X. Huang. 2014. “Usable Security Mechanisms in Smart Building.” 17th International Conference on Computational Science and Engineering, Chengdu, 748–753.
  • Bravo-Lillo, C., L. F. Cranor, J. S. Downs, and S. Komanduri. 2011. “Bridging the Gap in Computer Security Warnings: A Mental Model Approach.” Security & Privacy 9 (2): 18–26. doi: 10.1109/MSP.2010.198
  • Braz, C., A. Seffah, and D. M’Raihi. 2007. “Designing a Trade-off Between Usability and Security: A Metrics Based-Model.” Human-Computer Interaction – INTERACT 2007: Lecture Notes in Computer Science 4663, 114–126.
  • Brazier, F. M. T., L. V. Moshkina, and N. J. E. Wijngaards. 2001. “Knowledge Level Model of an Individual Designer as an Agent in Collaborative Distributed Design.” Journal of Artificial Intelligence in Engineering 15 (2): 137–152. doi: 10.1016/S0954-1810(01)00012-7
  • Brothers, L., J. Hollan, J. Nielsen, S. Stornetta, S. Abney, G. Furnas, & M. Littman. 1992. Supporting Informal Communication Via ephemeral Interest Groups. Paper presented at the Conference Computer-Supported Cooperative Work, Toronto, Canada.
  • Bulgurcu, B., H. Cavusoglu, and I. Benbasat. 2010. “Information Security Policy Compliance: an Empirical Study of Rationality-based Beliefs and Information Security Awareness.” MIS Quarterly 34 (3): 523–548.
  • Bushma, A. V. 2010. “Information Security for Optoelectronic Ergatic System.” Semiconductor Physics, Quantum Electronics & Optoelectronics 13 (2): 170–172.
  • Çakir, A. E. 2002. “Virtual Communities – A Virtual Session on Virtual Conferences.” Behaviour & Information Technology 21 (5): 365–371. doi: 10.1080/0144929021000048439
  • Camp, J. 2009. “Mental Models of Privacy and Security.” IEEE Technology and Society Magazine 28 (3): 37–46. doi: 10.1109/MTS.2009.934142
  • Carroll, J. 2006. “Dimensions of Participation in Simon’s Design.” Design Issues 22 (2): 3–18. doi: 10.1162/desi.2006.22.2.3
  • Carroll, J., and P. Mcelellan. 1971. “The Data Security Environment of Canadian Resource-Sharing Systems.” Canadian Journal of Operational Research and Information Processsing 9 (1): 58–68. doi: 10.1080/03155986.1971.11731460
  • Carroll, J. M., and M. B. Rosson. 2003. “A Trajectory for Community Networks.” The Information Society 19: 381–393. doi: 10.1080/714044685
  • Chan, M. T., and L. F. Kwok. 2001. “Integrating Security Design into the Software Development Process for E-Commerce Systems.” Information Management & Computer Security 9 (3): 112–122. doi: 10.1108/09685220110394758
  • Chang, S. E., and C.-S. Lin. 2007. “Exploring Organizational Culture for Information Security Management.” Industrial Management & Data Systems 107 (3): 438–458. doi: 10.1108/02635570710734316
  • Chao, C.-J., G. Salvendy, and N. Lightner. 1999. “Development of a Methodology for Optimizing Elicited Knowledge.” Behaviour & Information Technology 18 (6): 413–430. doi: 10.1080/014492999118841
  • Charles, K. A. 2004. “Decoy Systems: A New Player in Network Security and Computer Incident Response.” International Journal of Digital Evidence 2 (3): 1–9.
  • Chen, T. M. 2009. “Information Security and Risk Management.” In Encyclopedia of Multimedia Technology and Networking, edited by M. Pagani. Hershey, PA: Idea Group.
  • Chowdhury, S., R. Poet, and L. Mackenzie. 2014. “A Study of Mnemonic Image Passwords.” Twelfth Annual Conference on Privacy, Security and Trust (PST), Toronto, ON, 207–214.
  • Costas, L. 2000. “Smart Card Technology for Deploying a Secure Information Management Framework.” Information Management & Computer Security 8 (4): 173–183. doi: 10.1108/09685220010344925
  • Coursaris, C., and D. Kim. 2011. “A Meta-Analytical Review of Empirical Mobile Usability Studies.” Journal of Usability Studies 6 (3): 117–171.
  • Cranor, L. F. 2008. “A Framework for Reasoning about the Human in the Loop.” 1st Conference on Usability, Psychology, and Security, San Francisco, CA, 1–15.
  • Crespo, B. G.-N. 2013. “User Interface Harmonization for IT Security Management.” Eighth International Conference on Availability, Reliability and Security (ARES), Regensburg, 829–835.
  • Damodaran, L., and W. Olphert. 2000. “Barriers and Facilitators to the Use of Knowledge Management Systems.” Behaviour & Information Technology 19 (6): 405–413. doi: 10.1080/014492900750052660
  • Damondaran, L. 1998. “Development of a User-Centred IT Strategy: A Case Study.” Behaviour & Information Technology 17 (3): 127–134. doi: 10.1080/014492998119472
  • Davenport, T., and L. Prusak. 2000. Working Knowledge: How Organizations Manage What They Know. Boston, MA: Harvard Business School Press.
  • David, M. M. 2000. “Knowledge Objects and Mental Models.” International Workshop on Advanced Learning Technologies Proceedings, Palmerston North, 244–246.
  • Davidson, E. E., B. McCredie, and W. Vikelis. 1994. IBM Dictionary of Computing. Edited by G. McDaniel. 10th ed. New York, NY: McGraw-Hill.
  • DeWitt, A. J., and J. Kuljis. 2006. “Aligning Usability and Security: A Usability Study of Polaris.” Soups ‘06 Proceedings of the Second Symposium on Usable Privacy and Security, Pittsburgh, PA, 1–7.
  • Dinev, T., and Q. Hu. 2007. “The Centrality of Awareness in the Formation of User Behavioral Intention toward Protective Information Technologies.” Journal of The Association for Information Systems 8 (7): 386–408.
  • Doddrell, G. R. 1995. “Security Environment Reviews.” Information Management & Computer Security 3 (4): 3–14. doi: 10.1108/09685229510097250
  • Doll, W. J., X. Deng, T. S. Raghunathan, G. Torkzadeh, and W. Xia. 2004. “The Meaning and Measurement of User Satisfaction: A Multigroup Invariance Analysis of the End-User Computing Satisfaction Instrument.” Journal of Management Information System 21 (1): 227–262.
  • El-Tayeh, A., N. Gil, and J. Freeman. 2008. “A Methodology to Evaluate the Usability of Digital Socialization in “Virtual” Engineering Design.” Research in Engineering Design 19: 29–45. doi: 10.1007/s00163-007-0037-7
  • Faily, S. 2011. “A Framework for Usable and Secure System Design.” PhD diss., University of Oxford, Oxford, England.
  • Fikre, Z., and A. Mostefaoui. 2012. “Caching for Data Availability in Mobile P2P Streaming Systems.” 2012 International Conference on Selected Topics in Mobile & Wireless Networking, 48–53.
  • Filipowski, T., P. Kazienko, P. Bródka, and T. Kajdanowicz. 2012. “Web-based Knowledge Exchange Through Social Links in the Workplace.” Behaviour & Information Technology 31 (8): 779–790. doi: 10.1080/0144929X.2011.642895
  • Fisher, R., and S. Z. Chu. 2009. “Initial Online Trust Formation: The Role of Company Location and web Assurance.” Managerial Auditing Journal 24 (6): 542–563. doi: 10.1108/02686900910966521
  • Fitzgerald, K. J. 1995. “Security and Data Integrity for LANs and WANs.” Information Management & Computer Security 3 (4): 27–33. doi: 10.1108/09685229510097287
  • Flechais, I., C. Mascolo, and M. A. Sasse. 2007. “Integrating Security and Usability into the Requirements and Design Process.” International Journal of Electronic Security and Digital Forensics 1 (1): 12–26. doi: 10.1504/IJESDF.2007.013589
  • Forget, A., S. Chiasson, P. C. V. Oorschot, and R. Biddle. 2008. “Persuasion for Stronger Passwords: Motivation and Pilot Study.” Persuasive Technology: Lecture Notes in Computer Science 5033: 140–150. doi: 10.1007/978-3-540-68504-3_13
  • Gao, H., X. Wang, F. Cao, Z. Zhang, L. Lei, J. Qi, and X. Liu. 2016. “Robustness of Text-based Completely Automated Public Turing Test to Tell Computers and Humans Apart.” IET Information Security 10 (1): 45–52. doi: 10.1049/iet-ifs.2014.0381
  • Garrett, S., and B. Caldwell. 2002. “Describing Functional Requirements for Knowledge Sharing Communities.” Behaviour & Information Technology 21 (5): 359–364. doi: 10.1080/0144929021000050265
  • Gerami, M. 2010. “Knowledge Management.” International Journal of Computer Science and Information Security 7 (2): 234–238.
  • Gillan, D. J., B. S. Fogas, S. Aberasturi, and S. Richards. 1995. “Cognitive Ability and Computing Experience Influence Interpretation of Computer Metaphors.” The Human Factors and Ergonomics Society 39th Annual Meeting, Santa Monica, CA, 243–247.
  • González, R. M., M. V. Martin, J. M. Arteaga, FJÁ Rodríguez, C. A. Ochoa, and O. Zezzatti. 2009. “Web Service-Security Specification Based on Usability Criteria and Pattern Approach.” Journal of Computers 4 (8): 705–712. doi: 10.4304/jcp.4.8.705-712
  • Graham, J., L. Zheng, and C. Gonzalez. 2006. “A Cognitive Approach to Game Usability and Design: Mental Model Development in Novice Real-Time Strategy Gamers.” Cyberpychology and Behavior 9 (3): 361–366. doi: 10.1089/cpb.2006.9.361
  • Grobauer, B., T. Walloschek, and S. E. Stöcker. 2011. “Understanding Cloud Computing Vulnerabilities.” IEEE Security & Privacy Magazine 9 (2): 50–57. doi: 10.1109/MSP.2010.115
  • Gu, X., and Y. Shi. 2008. “The Match of Implementation Model and Mental Model in Interactive Design.” 9th International Conference on Computer-Aided Industrial Design and Conceptual Design, Kunming, 255–258.
  • Hanmer, R. S., D. T. McBride, and V. B. Mendiratta. 2007. “Comparing Reliability and Security: Concepts, Requirements, and Techniques.” Journal Bell Labs Technical Journal – Information Technology/Network Security Archive 12 (3): 65–78. doi: 10.1002/bltj.20250
  • Hashim, N., and A. B. M. Sultan. 2009. “Knowledge Management and Usability Model for Knowledge: Management System.” Computer and Information Science 2 (3): 166–175. doi: 10.5539/cis.v2n3p166
  • Herbig, P., and S. Dunphy. 1998. “Culture and Innovation.” Cross Cultural Management: An International Journal 5 (4): 13–21. doi: 10.1108/13527609810796844
  • Hillena, F., and B. Höfleb. 2015. “Geo-reCAPTCHA: Crowdsourcing Large Amounts of Geographic Information from Earth Observation Data.” International Journal of Applied Earth Observation and Geoinformation 40: 29–38. doi: 10.1016/j.jag.2015.03.012
  • Houmb, S. H., S. Islam, E. Knauss, J. Jürjens, and K. Schneider. 2010. “Eliciting Security Requirements and Tracing them to Design an Integration of Common Criteria, Heuristics, and UMLsec.” Requirements Engineering 15: 63–93. doi: 10.1007/s00766-009-0093-9
  • Hsieh, C.-C., and Z.-Y. Wu. 2013. “Anti-SIFT Images Based CAPTCHA Using Versatile Characters.” 2013 International Conference on Information Science and Applications (ICISA), Suwon, 1–4.
  • Huang, D.-L., P.-L. P., Rau, & G. Salvendy. 2010. “Perception of Information Security.” Behaviour & Information Technology 29 (3): 221–232.
  • Hung, S.-Y., H.-M. Laia, and W.-W. Chang. 2011. “Knowledge-Sharing Motivations Affecting R&D Employees’ Acceptance of Electronic Knowledge Repository.” Behaviour & Information Technology 30 (2): 213–230. doi: 10.1080/0144929X.2010.545146
  • Hyun, K. S., Q.-H. Wang, and J. B. Ullrich. 2012. “A Comparative Study of Cyberattacks.” Communications of the ACM 55 (3): 66–73. doi: 10.1145/2093548.2093568
  • Imgraben, J., A. Engelbrecht, and K.-K. R. Choo. 2014. “Always Connected, But are Smart Mobile Users Getting More Security Savvy? A Survey of Smart Mobile Device Users.” Behaviour & Information Technology 33 (12): 1347–1360. doi: 10.1080/0144929X.2014.934286
  • Irvine, C., T. Leven, J. W. Wilson, D. Shifflett, and B. Pereira. 2002. “An Approach to Security Requirements Engineering for High Assurance System.” Requirements Engineering 7: 192–206. doi: 10.1007/s007660200015
  • ISO. 1998. Ergonomic Requirements for Office Work with Visual Display Terminals (VDT), ISO 9241-11: Part 11: Guidance on Usability. ISO ICS: 13.180; 35.180, 22.
  • ISO/IEC. 2006. Medical Device Software – Software Life Cycle Processes ISO/IEC Geneva, Switzerland. IEC 62304:2006(E), 11.
  • Jain, S., and B. Sivaselvan. 2012. “Usability Aspects of HCI in the Design of CAPTCHAs.” IEEE International Conference on Computational Intelligence & Computing Research (ICCIC), Coimbatore, 1–4.
  • Jansson, K., and R. von Solms. 2013. “Phishing for Phishing Awareness.” Behaviour & Information Technology 32 (6): 584–593. doi: 10.1080/0144929X.2011.632650
  • Johannessen, J.-A., J. Olaisen, and B. Olsen. 2002. “Aspects of a Systemic Philosophy of Knowledge: From Social Facts to Data, Information and Knowledge.” Kybernetes 31 (7/8): 1099–1120. doi: 10.1108/03684920210436363
  • Jonas, G. A., and C. S. Norman. 2011. “Textbook Websites: User Technology Acceptance Behaviour.” Behaviour & Information Technology 30 (2): 147–159. doi: 10.1080/01449290903353021
  • Jøsang, A., B. AlFayyadh, T. Grandison, M. AlZomai, and J. McNamara. 2000. “Security Usability Principles for Vulnerability Analysis and Risk Assessment.” Twenty-Third Annual Computer Security Applications Conference, Miami Beach, FL, 269–278.
  • Jøsang, A., B. AlFayyadh, T. Grandison, M. AlZomai, and J. McNamara. 2007. “Security Usability Principles for Vulnerability Analysis and Risk Assessment.” Twenty-Third Annual Computer Security Applications Conference, Miami Beach, FL, 269–278.
  • Joshi, J. B. D., W. G. Aref, A. Ghafoor, and E. H. Spafford. 2001. “Security Models for Web-based Applications.” Communications of the ACM 44 (2): 38–44. doi: 10.1145/359205.359224
  • Kahraman, G., and S. Bilgen. 2015. “A Framework for Qualitative Assessment of Domain-Specific Languages.” Software System Model 14: 1505–1526. doi: 10.1007/s10270-013-0387-8
  • Kainda, R., I. Flechais, and A. W. Roscoe. 2010. “Security and Usability: Analysis and Evaluation.” ARES ‘10 International Conference on Availability, Reliability, and Security, Krakow, 275–282.
  • Kaipa, P. 2000. “Knowledge Architecture for the Twenty-First Century.” Behaviour & Information Technology 19 (3): 153–161. doi: 10.1080/014492900406146
  • Ka-Ping, Y. 2004. “Aligning Security and Usability.” IEEE Security & Privacy Magazine 2 (5): 48–55. doi: 10.1109/MSP.2004.64
  • Karat, C.-M., C. Brondie, and J. Karat. 2006. “Usable Privacy and Security for Personal Information Management.” Communications of the ACM 49 (1): 56–57. doi: 10.1145/1107458.1107491
  • Karray, F., M. Alemzadeh, J. Abou-Saleh, and M. N. Arab. 2008. “Human-Computer Interaction: Overview on State of the Art.” International Journal On Smart Sensing and Intelligent Systems 1 (1): 137–159.
  • Kennedy, D. M. 2011. “Team Creative Processes: The Importance of Complementary and Shared Mental Models.” 44th Hawaii International Conference on System Sciences (HICSS), Kauai, HI, 1–10.
  • Khansa, L., and D. Liginlal. 2009. “Quantifying the Benefits of Investing in Information Security.” Communications of the ACM 52 (11): 113–118. doi: 10.1145/1592761.1592789
  • Khelifi, A., and W. Suryn. 2003. “Usability Meanings and Interpretations in ISO Standards.” Software Quality Journal 11: 325–338. doi: 10.1023/A:1025869312943
  • Kim, S., K. Sekiyama, and T. Fukuda. 2009. “User-Adaptive Interface Based on Mental Model and Symbol Matching.” IEEE/ASME International Conference on Advanced Intelligent Mechatronics, Singapore, 457–462.
  • Kiziloz, H., and K. Bicakci. 2015. “Towards Making Accessible Human-Interaction Proofs More Secure and Usable.” 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, 607–612.
  • Komlodi, A., and D. Soergel. 2002. “Attorneys Interacting with Legal Information Systems: Tools for Mental Model Building and Task Integration.” The Proceedings of the American Society For Information Science And Technology 39 (1): 152–163. doi: 10.1002/meet.1450390117
  • Kwok, L.-F. 1997. “Hypertext Information Security Model for Organizations.” Information Management & Computer Security 5 (4): 138–148. doi: 10.1108/09685229710184512
  • Langan-Fox, J., C. Platania-Phung, and J. Waycott. 2006. “Effects of Advance Organizers, Mental Models and Abilities on Task and Recall Performance Using a Mobile Phone Network.” Applied Cognitive Psychology 20: 1143–1165. doi: 10.1002/acp.1258
  • Law, E. L.-C., B. J. Blazic, and M. Pipan. 2007. “Analyses of User Rationality and System Learnability: Performing Task Variants in User Tests.” Behaviour & Information Technology 26 (5): 421–436. doi: 10.1080/01449290500484559
  • Lederer, S., J. I. Hong, A. K. Dey, and J. A. Landay. 2004. “Personal Privacy Through Understanding and Action Five Pitfalls for Designers.” Personal and Ubiquitous Computing 8: 440–454. doi: 10.1007/s00779-004-0304-9
  • Lei, T., Y. Yang, and Y. Zhang. 2006. “The Usability of Multimedia Interface Based on User’s Mental Models.” The 16th International Conference on Artificial Reality and Telexistence, Hangzhou, 168–173.
  • Li, L., E. Berki, M. Helenius, and S. Ovaska. 2014. “Towards a Contingency Approach with Whitelist- and Blacklist-based Anti-phishing Applications: What do Usability Tests Indicate?” Behaviour & Information Technology 33 (11): 1136–1147. doi: 10.1080/0144929X.2013.875221
  • Li, C., A. Raghunathan, and N. K. Jha. 2010. “A Secure User Interface for Web Applications Running Under an Untrusted Operating System.” The 10th IEEE International Conference on Computer and Information Technology (CIT 2010), Bradford, 865–870.
  • Liddy, C., and A. Sturgeon. 1999. “The Evolution of Certificate Model Architecture.” Information Management & Computer Security 7 (2): 95–100. doi: 10.1108/09685229910265547
  • Lin, H.-F. 2007. “Knowledge Sharing and Firm Innovation Capability: An Empirical Study.” International Journal of Manpower 28 (3/4): 315–332. doi: 10.1108/01437720710755272
  • Lindman, J., M. Rossi, and V. K. Tuunainen. 2013. “Open Data Services: Research Agenda.” 46th Hawaii International Conference on System Sciences, Wailea, Maui, HI, 1239–1246.
  • Lineberry, S. 2007. “The Human Element: The Weakest Link in Information Security.” Journal of Accountancy 204 (5): 44–47.
  • Liu, F., and X. Li. 2011. “Using Metadata to Maintain Link Integrity for Linked Data.” IEEE international Conferences on Internet of Things, and Cyber, Physical and Social Computing, Dalian, 432–437.
  • Ma, Q., A. Johnston, and M. Pearson. 2008. “Information Security Management Objectives and Practices: A Parsimonious Framework.” Information Management & Computer Security 16 (3): 251–270. doi: 10.1108/09685220810893207
  • Mariano, S., and A. Casey. 2007. “The Process of Knowledge Retrieval: A Case Study of an American High-technology Research, Engineering and Consulting Company.” VINE: Journal of Information and Knowledge Management Systems 37 (3): 314–330. doi: 10.1108/03055720710825636
  • McDougall, S. J. P., M. B. Curry, and O. de Bruijn. 2001. “The Effects of Visual Information on Users’ Mental Models: An Evaluation of Pathfinder Analysis as a Measure of Icon Usability.” International Journal Of Cognitive Ergonomics 5 (1): 59–84. doi: 10.1207/S15327566IJCE0501_4
  • Metaxiotis, K., K. Ergazakis, and J. Psarras. 2005. “Exploring the World of Knowledge Management: Agreements and Disagreements in the Academic/Practitioner Community.” Journal of Knowledge Management 9 (2): 6–18. doi: 10.1108/13673270510590182
  • Mihajlov, M., Blažič, B. J., and Josimovski, S. 2011. “Quantifying Usability and Security in Authentication.” 35th IEEE Annual Computer Software and Applications Conference. Munich, 626–629.
  • Mihajlov, M., S. Josimovski, and B. Jerman-Blazič. 2011. “A Conceptual Framework for Evaluating Usable Security in Authentication Mechanisms – Usability Perspectives.” 5th International Conference on Network and System Security (NSS), 332–336.
  • Milne, P. 2007. “Motivation, Incentives and Organisational Culture.” Journal of Knowledge Management 11 (6): 28–38. doi: 10.1108/13673270710832145
  • Mitrakas, A. 2006. “Information Security and Law in Europe: Risks Checked?” Information & Communications Technology Law 15 (1): 33–53. doi: 10.1080/13600830600557984
  • Mohamed, M. S. 2008. “The “Continuumization” of Knowledge Management Technology.” VINE: The Journal of Information and Knowledge Management Systems 38 (2): 167–173. doi: 10.1108/03055720810889806
  • Molich, R., and J. Nielsen. 1990. “Improving a Human-Computer Dialogue.” Communications of the ACM 33 (3): 338–348. doi: 10.1145/77481.77486
  • Moody, J., J. E. Blanton, and M. A. Augustine. 1996. “Enhancing End-User Mental Models of Computer Systems through the Use of Animation.” The 29th Annual Hawaii International Conference on System Sciences, Wailea, HI, 299–307.
  • Moraga, M. A., C. Calero, M. Piattini, and O. Diaz. 2007. “Improving a Portlet Usability Model.” Software Quality Journal 15: 155–177. doi: 10.1007/s11219-006-9008-x
  • Mylonakis, J., and M. Malioukis. 2010. “Identifying and Managing Enterprise Security Risks in Online Business Convergence Environments.” Business Management & Strategy 1 (1): 1–8. doi: 10.5296/bms.v1i1.350
  • Nielsen, J. 1989. “What do Users Really Want?” Internaional Journal of Human-Computer Interaction 1 (2): 137–147. doi: 10.1080/10447318909525962
  • Nielsen, J. 1990a. “A Meta-Model for Interacting with Computers.” Interacting with Computers 2 (2): 147–160. doi: 10.1016/0953-5438(90)90020-I
  • Nielsen, J. 1990b. “Traditional Dialogue Design Applied to Modern User Interfaces.” Communications of the ACM 33 (10): 109–118. doi: 10.1145/84537.84559
  • Nielsen, J. 1992. “The Usability Engineering Life Cycle.” IEEE Computer 25 (3): 12–22. doi: 10.1109/2.121503
  • Nielsen, J. 1993. “Iterative User Interface Design.” IEEE Computer 26 (11): 32–41. doi: 10.1109/2.241424
  • Nielsen, J. 1994. “Enhancing the Explanatory Power of Usability Heuristics.” Proceedings of the CHI’94 Conference, Boston, MA, 152–158.
  • Nielsen, J. 1997. “The Use and Misuse of Focus Groups.” IEEE Software 14 (1): 94–95. doi: 10.1109/52.566434
  • Nielsen, J., and J. Levy. 1994. “Measuring Usability – Preference vs. Performance.” Communications of the ACM 37 (4): 66–75. doi: 10.1145/175276.175282
  • Nielsen, J., and V. L. Phillips. 1993. “Estimating the Relative Usability of Two Interfaces: Heuristic, Formal, and Empirical Methods Compared.” Proceedings of ACM INTERCHI ‘93 Conference, Amsterdam, the Netherlands, 214–221.
  • Nonaka, I., and H. Takeuchi. 1995. The Knowledge-Creating Company: How Japanese Companies Create the Dynamics of Innovation. New York: Oxford University Press, xii, 284.
  • Olalere, A., J. H. Feng, J. Lazar, and T. Brooks. 2014. “Investigating the Effects of Sound Masking on the use of Audio CAPTCHAs.” Behaviour & Information Technology 33 (9): 919–928. doi: 10.1080/0144929X.2014.898793
  • Olaverri-Monreal, C., and J. Goncalves. 2014. “Collaborative System to Investigate Mental Models: The Information Architecture Automatic Tool (IAAT).” International Conference on Collaboration Technologies and Systems (CTS), Minneapolis, MN, 616–621.
  • Paivio, A. 1991. “Dual Coding Theory: Retrospect and Current Status.” Canadian Journal of Psychology/Revue Canadienne de Psychologie 45 (3): 255–287. doi: 10.1037/h0084295
  • Peltier, T. R. 2006. “Social Engineering: Concepts and Solutions.” Information Systems Security 15 (5): 13–21. doi: 10.1201/1086.1065898X/46353.15.4.20060901/95427.3
  • Polanyi, M. 1958. Personal Knowledge: Towards A Post-critical Philosophy. London: Routledge and Kegan Paul.
  • Potter, T. C. 2012. “ An Evaluation Methodology for the Usability and Security of Cloud-based File Sharing Technologies.” Master of Science in Information Technology Management, Naval Postgraduate School.
  • Puerta-Melguizo, M. C., C. Chisalita, and G. C. Van der Veer. 2002. “Assessing Users Mental Models in Designing Complex Systems.” International Conference on Systems, Man and Cybernetics, 7.
  • Raja, F., K. Hawkey, S. Hsu, K.-L. Wang, and K. Benznosov. 2011. “A Brick Wall, A Locked Door, and A Bandit: A Physical Security Metaphor for Firewall Warnings SOUPS.” 11 Proceedings of the Seventh Symposium on Usable Privacy and Security, Pittsburgh, PA, 1–20.
  • Ratnasingham, P., and P. Swatman. 1997. “EDI Security: A Model of EDI Risks and Associated Controls.” Information Management & Computer Security 5 (2): 63–71. doi: 10.1108/09685229710182848
  • Renaud, K. 2003. “Quantifying the Quality of Web Authentication Mechanisms a Usability Perspective.” Journal of Web Engineering 3 (2): 95–123.
  • Renaud, K., and A. De Angeli. 2004. “My Password is Here! An Investigation into Visuo-Spatial Authentication Mechanisms.” Interacting with Computers 16 (6): 1017–1041.
  • Reza, S., S. Beheshti, and P. Liatsis. 2015. “How Humans Can Help Computers to Solve an Artificial Problem?” International Conference on Systems, Signals and Image Processing (IWSSIP), London, 291–294.
  • Richert, A. 1999. “An Evaluation of Quality Culture Problems in UK Companies.” Industrial and Commercial Training 31 (7): 267–271. doi: 10.1108/00197859910301971
  • Riedinger, J. 2008. “Using an Applied Learning Centre as a Vehicle for Culture Change.” The Journal of Information and Knowledge Management Systems 38 (1): 95–103.
  • Rook, F. W., and M. L. Donnell. 1993. “Human Cognition and the Expert System Interface: Mental Models and Inference Explanations.” IEEE Transactions On Systems, Man, And Cybernetics 23 (9): 1649–1661. doi: 10.1109/21.257760
  • Ruggles, R. 1998. “The State of the Notion: Knowledge Management in Practice.” California Management Review 40 (3): 80–89. doi: 10.2307/41165944
  • Rukšènas, R., P. Curzon, and A. Blandford. 2008. “Modelling and Analysing Cognitive Causes of Security Breaches.” Innovations in Systems and Software Engineering 4: 143–160. doi: 10.1007/s11334-008-0050-7
  • Sae-Bae, N., N. Memon, K. Isbister, and K. Ahmed. 2014. “Multitouch Gesture-based Authentication.” IEEE Transactions On Information Forensics And Security 4 (9): 568–583. doi: 10.1109/TIFS.2014.2302582
  • Sahar, F. 2013. “Tradeoffs Between Usability and Security.” IACSIT International Journal of Engineering and Technology 5 (4): 434–437. doi: 10.7763/IJET.2014.V5.591
  • Saltzer, J. H., and M. D. Schroeder. 1975. “The Protection of Information in Computer Systems.” Proceedings of the IEEE 63: 1278–1308. doi: 10.1109/PROC.1975.9939
  • Santos, O., and J. Boticario. 2015. “User-Centred Design and Educational Data Mining Support During the Recommendations Elicitation Process in Social Online Learning Environments.” Expert Systems 32 (2): 293–311. doi: 10.1111/exsy.12041
  • Sasse, M. A., S. Brostoff, and D. Weirich. 2001. “Transforming the ‘Weakest Link’ — A Human/Computer Interaction Approach to Usable and Effective Security.” BT Technology Journal 19 (3): 122–131. doi: 10.1023/A:1011902718709
  • Schreuders, Z. C., T. J. McGill, and C. Payne. 2012. “Towards Usable Application-Oriented Access Controls: Qualitative Results from A Usability Study of SELinux, AppArmor and FBAC-LSM.” International Journal of Information Security and Privacy 6 (1): 57–76. doi: 10.4018/jisp.2012010104
  • Schultz, E. E., R. W. Proctor, M.-C. Lien, and G. Salvendy. 2001. “Usability and Security An Appraisal of Usability Issues in Information Security Methods.” Computers & Security 20 (7): 620–634. doi: 10.1016/S0167-4048(01)00712-X
  • Scott, B., and D. Keyworth. 1998. “ Initiating a Process Approach to Change Integration.” GartnerGroup Washington, DC, USA DF-05-1855.
  • Scottberg, B., W. Yurcik, and D. Doss. 2002. “Internet Honeypots: Protection or Entrapment?” International Symposium on Technology and Society, 387–391.
  • Senge, P. M. 1990. The Fifth Discipline: The art and Practice of the Learning Organization. New York, NY: Doubleday/Currency.
  • Seyal, A. H., and R. Turner. 2013. “A Study of Executives’ Use of Biometrics: An Application of Theory of Planned Behaviour Service Quality.” Behaviour & Information Technology 32 (12): 1242–1256. doi: 10.1080/0144929X.2012.659217
  • Shneiderman, B., and H. Hochheiser. 2001. “Universal Usability as a Stimulus to Advanced Interface Design.” Behaviour & Information Technology 20 (5): 367–376. doi: 10.1080/01449290110083602
  • Shum, B. 1998. “Evolving the Web for Scientific Knowledge: First Steps Towards an 'HCI Knowledge Web'.“ Interfaces, British HCI Group Magazine 39: 16–21.
  • Sivakorn, S., I. Polakis, and A. Keromytis. 2016. “I Am Robot: (Deep) Learning to Break Semantic Image CAPTCHAs.” 2016 IEEE European Symposium on Security and Privacy, Saarbrucken, 388–403.
  • Skovira, R. J. 2007. “Framing the Corporate Security Problem: The Ecology of Security.” Issues in Informing Science and Information Technology 4: 45–53.
  • Spicer, D. P. 1998. “Linking Mental Models and Cognitive Maps as an Aid to Organisational Learning.” Career Development International 3 (3): 125–132.
  • Stary, C. 2014. “Non-disruptive Knowledge and Business Processing in Knowledge Life Cycles – Aligning Value Network Analysis to Process Management.” Journal of Knowledge Management 18 (4): 651–686. doi: 10.1108/JKM-10-2013-0377
  • Stibel, J. M. 2005. “Mental Models and Online Consumer Behaviour.” Behaviour & Information Technology 24 (2): 147–150. doi: 10.1080/01449290512331321901
  • Strachan, A. 1996. “Managing Transformational Change: The Learning Organization and Teamworking.” Team Performance Management 2 (2): 32–40.
  • Sun, D.-W., G.-R. Chang, L.-Z. Jin, and X.-W. Wang. 2012. “Modeling a Dynamic Data Replication Strategy to Increase System Availability in Cloud Computing Environments.” Journal of Computer Science and Technology 27 (2): 256–272. doi: 10.1007/s11390-012-1221-4
  • Talhi, C., D. Mouheb, V. Lima, M. Debbabi, L. Wang, and M. Pourzandi. 2002. “Usability of Security Specification Approaches for UML Design: A Survey.” The Journal of Object Technology 8 (6): 103–122. doi: 10.5381/jot.2009.8.6.a1
  • Tam, L., M. Glassmana, and M. Vandenwauverb. 2010. “The Psychology of Password Management: A Tradeoff Between Security and Convenience.” Behaviour & Information Technology 29 (3): 233–244. doi: 10.1080/01449290903121386
  • Theofanos, M. 2007. “ Common Industry Specification for Usability – Requirements.” National Institute of Standards and Technology Washington, DC NISTIR 7432.
  • Thomas, D. M., and R. P. Bostrom. 2007. “The Role of A Shared Mental Model of Collaboration Technology in Facilitating Knowledge Work in Virtual Teams.” The 40th Hawaii International Conference on System Sciences, Waikoloa, HI, 1–8.
  • Thovtrup, H., and J. Nielsen. 1991. “Assessing the Usability of a User Interface Standard.” Proceedings of ACM CHI’91 Conference on Human Factors in Computing Systems New Orleans, LA, 335–341.
  • Ting, W. W., and D. R. Comings. 2010. “Information Assurance Metric for Assessing NIST’s Monitoring Step in the Risk Management Framework.” Information Security Journal: A Global Perspective 19: 253–262.
  • Tri, D. T., and T. K. Dang. 2009. “Security Visualization for Peer-to-Peer Resource Sharing Applications.” International Journal on Computer Science and Engineering 1 (2): 47–55.
  • Trim, P. R. J., and Y.-I. Lee. 2008. “A Strategic Approach to Sustainable Partnership Development.” European Business Review 20 (3): 222–239. doi: 10.1108/09555340810871428
  • Trindade, D. D. F. G., C. Guimarães, D. R. Antunes, L. S. N. Garcia, R. A. L. da Silva, and S. Fernandes. 2012. “Challenges of Knowledge Management and Creation in Communities of Practice Organisations of Deaf and non-Deaf Members: Requirements for A Web Platform.” Behaviour & Information Technology 31 (8): 799–810. doi: 10.1080/0144929X.2011.650712
  • Uther, M., and H. Haley. 2008. “Back vs. Stack: Training the Correct Mental Model Affects web Browsing.” Behaviour & Information Technology 27 (3): 211–218. doi: 10.1080/01449290600956357
  • Vance, A., B. P. Lowry, and D. Eggett. 2013. “Using Accountability to Reduce Access Policy Violations in Information Systems.” Journal of Management Information Systems 29 (4): 263–290. doi: 10.2753/MIS0742-1222290410
  • Vance, C. M., and Y. Paik. 2005. “Forms of Host-Country National Learning for Enhanced MNC Absorptive Capacity.” Journal of Managerial Psychology 20 (7): 590–606. doi: 10.1108/02683940510623407
  • Van der Henst, J.-B. 2002. “Mental Model Theory Versus the Inference Rule Approach in Relational Reasoning.” Thinking and Reasoning 8 (3): 193–203. doi: 10.1080/13546780244000024
  • Van Schaik, P., D. Flynn, A. Van Werch, A. Douglass, and P. Cann. 2004. “The Acceptance of a Computerised Decision-Support System in Primary Care: A Preliminary Investigation.” Behaviour & Information Technology 23 (5): 321–326. doi: 10.1080/0144929041000669941
  • Vicente, K. J. 1990. “Coherence- and Correspondence-Driven Work Domains: Implications for Systems Design: The Design of Human-Computer Systems.” Behaviour & Information Technology 9 (6): 493–502. doi: 10.1080/01449299008924262
  • Walle, B. V. d., M. Turoff, M. Chumer, R. Hiltz, R. Klashner, M. Alles, M. Vasarhelyi, and A. Kogan. 2004. “Assuring Homeland Security: Continuous Monitoring, Control & Assurance Of Emergency Preparedness.” Journal of Information Technology Theory and Application (JITTA) 6 (3): 1–24.
  • Wang, A. J. A. 2005. “Information Security Models and Metrics.” 43rd ACM Southeast Conference, Kennesaw, GA, 178–184.
  • Wang, Y., and G. Liu 2009. “Research on Relationships Model of Organization Communication Performance of the Construction Project Based on Shared Mental Model.” International Conference on Information Management, Innovation Management and Industrial Engineering, Xi’an, 208–211.
  • Wells, J. D., and W. L. Fuerst 2000. “Domain-Oriented Interface Metaphors: Designing Web Interfaces for Effective Customer Interaction.” The 33rd Hawaii International Conference on System Sciences, Maui, Hawaii, 1–10.
  • Westerink, J. H. D. M., B. G. M. M. Majoor, and M. D. Rama. 2000. “Interacting with Infotainment Applications: Navigation Patterns and Mental Models.” Behaviour & Information Technology 19 (2): 97–106. doi: 10.1080/014492900118704
  • White, G. L. 2010. “The Evolution and Implementation of Global Assurance.” Issues in Information Systems XI (1): 35–40.
  • Whitten, A., and J. D. Tygar. 2003. “Safe Staging for Computer Security.” The Workshop on Human-Computer Interaction and Security Systems, Ft. Lauderdale, FL, 1–4.
  • Wilke, J., F. McInnes, M. A. Jack, and P. Littlewood. 2007. “Hidden Menu Options in Automated Human-Computer Telephone Dialogues: Dissonance in the User’s Mental Model.” Behaviour & Information Technology 26 (6): 517–534. doi: 10.1080/01449290600717783
  • Willer, D., L. Rutström, L. B. Karr, M. Corra, and D. Girard. 1999. “A Web-Lab to Enhance Social Science Infrastructure: Experiments, Simulations and Archiving.” Journal of Knowledge Management 3 (4): 276–287. doi: 10.1108/13673279910304023
  • Winter, S., S. Wagner, and F. Deissenboeck. 2008. “A Comprehensive Model of Usability.” Engineering Interactive Systems: Lecture Notes in Computer Science 4940: 106–122. doi: 10.1007/978-3-540-92698-6_7
  • Wyatt, J. C. 2001. “Management of Explicit and Tacit Knowledge.” Journal of the Royal Society of Medicine 94 (1): 6–9.
  • Xiang, C., Y. Lu, and S. Gupta. 2013. “Knowledge Sharing in Information System Development Teams: Examining the Impact of Shared Mental Model From A Social Capital Theory Perspective.” Behaviour & Information Technology 32 (10): 1024–1040. doi: 10.1080/0144929X.2012.745901
  • Xiao, L., and J. Carroll. 2007. “Fostering an Informal Learning Community of Computer Technologies at School.” Behaviour & Information Technology 26 (1): 23–36. doi: 10.1080/01449290600811511
  • Yee, K.-P. 2002. “User Interaction Design for Secure Systems.” The 4th International Conference on Information and Communications Security, 278–290.
  • Yeratziotis, A., D. Pottas, and D. V. Greunen. 2012. “A Usable Security Heuristic Evaluation for the Online Health Social Networking Paradigm.” International Journal of Human-Computer Interaction 29 (3): 678–694. doi: 10.1080/10447318.2011.654202
  • Zaphiris, P., B. Shneiderman, and K. L. Norman. 2002. “Expandable Indexes vs. Sequential Menus for Searching Hierarchies on the World Wide Web.” Behaviour & Information Technology 21 (3): 201–207. doi: 10.1080/0144929021000009045
  • Zhang, W., and M. Kim. 2011. “Harnessing Explicit Knowledge.” Journal of Economics and Behavioral Studies 2 (3): 97–107.
  • Zhang, X., and C. Shen. 2006. “Reliability Extended Security Model Combining Confidentiality and Integrity.” 8th International Conference on Signal Processing, Beijing, 1–4.
  • Zhang, W., and P. Xu. 2011. “Do I Have to Learn Something new? Mental Models and the Acceptance of Replacement Technologies.” Behaviour & Information Technology 30 (2): 201–211. doi: 10.1080/0144929X.2010.489665
  • Zhang-Kennedy, L., S. Chiasson, and R. Biddle. 2013. “Password Advice Shouldn’t be Boring: Visualizing Password Guessing Attacks.” eCrime Researchers Summit, San Francisco, CA, 1–11.
  • Ziefle, M. 2002. “The Influence of User Expertise and Phone Complexity on Performance, Ease of use and Learnability of Different Mobile Phones.” Behaviour & Information Technology 21 (5): 303–311. doi: 10.1080/0144929021000048538
  • Zurko, M. E. 2005. “User-Centered Security: Stepping Up to the Grand Challenge.” Computer Security Applications Conference, 21st Annual, Tucson, AZ, 202–215.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Supercharge Your Next Research Paper: Research and write your next paper with Jenni AI.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.