Abstract
We present a systematization of usable security principles, guidelines and patterns to facilitate the transfer of existing knowledge to researchers and practitioners. Based on a literature review, we extracted 23 principles, 11 guidelines and 47 patterns for usable security and identified their interconnection. The results indicate that current research tends to focus on only a subset of important principles. The fact that some principles are not yet addressed by any design patterns suggests that further work on refining these patterns is needed. We developed an online repository, which stores the harmonized principles, guidelines and patterns. The tool enables users to search for relevant guidance and explore it in an interactive and programmatic manner. We argue that both the insights presented in this article and the web-based repository will be highly valuable for students to get a good overview, practitioners to implement usable security and researchers to identify areas of future research.
On providing systematized access to consolidated principles, guidelines and patterns for usable security research and development†