• Like
Experience Design Framework for securing Large Scale Information and Communication Systems
Upcoming SlideShare
Loading in...5

Experience Design Framework for securing Large Scale Information and Communication Systems

Uploaded on

* Paper presented at the Design Research Society Conference 2014 at Umeå, Sweden. It proposes a framework for UX design regarding security and privacy of Information and Communication Systems …

* Paper presented at the Design Research Society Conference 2014 at Umeå, Sweden. It proposes a framework for UX design regarding security and privacy of Information and Communication Systems (ICSs)

---- Abstract -----
Securing Information and Communication Systems (ICSs) is a highly complex process due in large part to the feedback relationship that holds between the users and the system and its 'ecosystem' of usage. Such a relationship is critical for experience designers. The design of secure systems can thereby be enhanced by using principles from disciplines where similar relations hold, such as security engineering and adaptive systems. In this work, we propose a user experience design framework based on six principles and use a social networking system as an example of its application. The proposed design principles are grounded in complex systems theory. We address several potential security and privacy challenges inherent in the design of a large-scale adaptive system. By means of this framework we reflect upon the participation of an experience designer regarding the conceptualization, selection, review, and update of security and privacy matters. In this sense, we observe the role of the designer as a translator across disciplines. By introducing our framework, we also attempt to start a conversation about the challenges a designer faces in the appropriation of this role, either for the case of securing large-scale systems or in those situations where the boundaries of design and knowledge from other disciplines already overlap.

More in: Design , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Azadeh Nematzadeh Omar Sosa-Tzec School of Informatics and Computing Indiana University Design Research Society Conference 2014 June 16, 2014. Umeå, Sweden ExperienceDesignFrameworkfor SecuringLargeScaleInformationand CommunicationSystems
  • 2. 1. SecurityandPrivacyConcerns 2. InformationandCommunicationSystems (ICSs) Concerns 3. ComplexSystemsandICSs 4. SecurityandPrivacyFramework 5. Implications 6. Conclusions agenda
  • 3. 1.SecurityandPrivacyConcerns
  • 4. Asdesigners,whatandhow dowethinkabout securityandprivacy ofInformationand CommunicationSystems?
  • 5. People have different privacy and security concerns
  • 6. Picturesource:http://bit.ly/1xFLspW responsibility on the users’ hands
  • 7. between public and private
  • 8. Unknown and unpredictable security and privacy threats and failures
  • 9. 2.ICSsconcerns
  • 10. Heterogeneity of users
  • 11. Imagebytheauthors u u u u u u u u uu u u u u u u u u u u u u u diverse people: a “world” using icss
  • 12. ICSs entail multiple use scenarios
  • 13. same system, different use
  • 14. different security and privacy scenarios
  • 15. Use scenarios change over time
  • 16. Information and Communication Systems also change
  • 17. Picturesource:http://bit.ly/1lblv7T
  • 18. 3.ComplexSystemsandICSs
  • 19. Picturesource:http://karaaustin.blogspot.com/ complex systems Picturesource:http://tinyurl.com/k76185y Picturesource:http://bit.ly/SDVhE9 Picturesource:http://dailym.ai/IUNYDM
  • 20. Aspects of security and privacy in ICSs show the characteristics of complex systems
  • 21. Picturesource:http://bit.ly/1s7lmw0 self-organization
  • 22. Picturesource:http://bit.ly/1kQ3X64 emergence
  • 23. Picturesource:http://bit.ly/1oWmXiy evolution Picturesource:http://bit.ly/1qBWKXJ
  • 24. Picturesource:http://bit.ly/1nxVy70 coevolution
  • 25. As complex systems,ICSs entail user-system coevolution
  • 26. Imagebytheauthors ICSTime User User-System Coevolution
  • 27. 4.SecurityandPrivacyFramework
  • 28. Complex System Heterogeneity of users User's privacy and security concerns and behaviors Multiple use scenarios Evolvable use scenarios Evolution on ICT infrastructure security and privacy challenges for experience design
  • 29. Avoid Unintentional Disclosure Security and Privacy Matters Expandability Personalization AdaptabilityUsability Imagebytheauthors framework
  • 30. security and privacy matters Imagebytheauthors *Discussion *Reflection *Interaction flows *Possible security and privacy mechanisms *Taking into account dynamic behavior *How to mitigate future attacks *Think about possible system failures *Generalities of the users *Context of use *Technological aspects Security and Privacy Specialist Experience Designer User
  • 31. personalization Imagebytheauthors Users: group 1 Users: group n-1 Large-ScaleICS PrivacyandSecurityMechanisms Users: group n Sensitive Parameters Sensitive Parameters Sensitive Parameters
  • 32. Facebookimagesfromauthor'sprofile personalization
  • 33. adaptability, expandability and usability Imagebytheauthors User t n t n+1User's attributes Interaction with the system User's attributes ICS
  • 34. Facebookimagesfromauthor'sprofile adaptability, expandability and usability
  • 35. Facebookimagesfromauthor'sprofile unintentional disclosure
  • 36. 5.Implications
  • 37. ICSTime User + + what is the meaning of this relation?
  • 38. The experience designer as translator and communicator of knowledge
  • 39. ICS Time User Experience Designer Security and Privacy Specialist Client and Stakeholders User-SystemCoevolution DesignProcess
  • 40. ICSs entail a challenge for both design practice and design pedagogy
  • 41. 6.Conclusions
  • 42. We proposed an experience design framework constituted by six security and privacy principles
  • 43. Security and Privacy Matters Personalization Adaptability Expandability Usability Avoid Unintentional Disclosure
  • 44. Complex Systems Heterogeneity of Users Multiple and Evolvable Use Scenarios User-System Coevolution Security and Privacy Experience Design
  • 45. Our attempt is to open a conversation about security and privacy,and also about the implications of user-system coevolution in ICSs for experience design.
  • 46. azadnema@indiana.edu http://mypage.iu.edu/~azadnema/ omarsosa@indiana.edu http://tzec.com/ Paper available at: http://goo.gl/qZ7qsA Thankyou! Questions?