Open Access Open Access  Restricted Access Subscription or Fee Access

A Trade-Off Model of Software Requirements for Balancing Between Security and Usability Issues

(*) Corresponding author

Authors' affiliations



The growing dependence on technology drives the pronounced need of developing secure systems that can easily be used by their users. Security and usability have been widely recognized as two non-functional requirements. Different researchers have argued that handling those requirements in a separate manner is considered as a challenge that affects negatively on developing usable systems that can be easily used by their users. Where the security experts most often endeavor to identify and specify the security requirements to resist the potential harms, attacks, and risks that may face the overall system without paying any attention to the resulting issues and difficulties that may face end users when they handle such systems. Over the last two decades, several researchers have introduced different methodologies to facilitate developing usable security systems. Despite that, the research in this area still requires expending more efforts in order to reach a good trade-off between security and usability requirements. For this purpose, this paper aims to analyze the relation between security and usability requirements in order to design a trade-off model that assists in integrating the experiences of both security and usability experts at the requirement stage for reaching a good compromise between both the security and usability requirements.
Copyright © 2015 Praise Worthy Prize - All rights reserved.


Security Requirements; Usability Requirements; Trade-Off Model

Full Text:



K. T. Al-Sarayreh, "Identification, specification and measurement, using international standards, of the system non functional requirements allocated to realtime embedded software," École de technologie supérieure, 2011.

Abran, A., K. T. Al-Sarayreh, and J. J. Cuadrado-Gallego, "A Standards-based Reference Framework for System Portability Requirements", Computer Standards and Interface, Elsevier, V:35(4):pp.:380-395, 2013.

Al-Sarayreh, K. T., A. Abran and J. J. Cuadrado-Gallego, " A Standards-based model of system maintainability requirements", Journal of Software: Evolution and Process, John Wiley & Sons, Ltd, V:25(5): pp:459-505, 2013.

Al-Sarayreh, K., Dependability Model for Decomposition and Allocation of System Safety Integrity Levels of Software Quality, (2015) International Review on Computers and Software (IRECOS), 10 (11), pp. 1110-1119.

Jabbar, H., Gopal, T., An Integrated Metrics Based Approach for Usability Engineering, (2014) International Journal on Information Technology (IREIT), 2 (5), pp. 158-167.

Julia, S., Rodrigues, P., Analyzing Software Architecture Styles Using Quality Attributes, (2014) International Journal on Information Technology (IREIT), 2 (2), pp. 43-47..

Bures, V., Comparative analysis of system dynamics software packages, (2015) International Review on Modelling and Simulations (IREMOS), 8 (2), pp. 245-256.

Khalid T. Al-Sarayreh, Asma Labadi and Kenza Meridji, "A Generic Method for Identifying Maintainability Requirements Using ISO Standards", International Conference on Intelligent Information Processing, Security and Advanced Communication (IPAC 2015), ISBN: 978-1-4503-3458-7, ACM, ICPS, Algeria, NOV. 23-25, 2015.

Lina Hasan and Khalid T. Al-Sarayreh, "An Integrated Measurement Model for Evaluating Usability Attributes", International Conference on Intelligent Information Processing, Security and Advanced Communication (IPAC 2015), ISBN: 978-1-4503-3458-7, ACM, ICPS, Algeria, NOV. 23-25, 2015.

Khalid T. Al-Sarayreh and Kenza Meridji, "Towards a Development of an Operational Process for Software Requirements: Case study application for Renewable Energy Software", International journal of software engineering and its applications. IJSEIA. Vol. 9, No. 7, pp. 11-26, 2015.

Kenza Meridji, Khaled AlMakadmeh , Khalid T. Al-Sarayreh, Anas Abuljadayel and Mohammad Khalaf, "Towards A Requirements Model of System Security Using International Standards", International journal of software engineering and its applications. IJSEIA. Vol. 9, No. 4, pp. 139-164, 2015.

J. Zhou and D. Gollmann, "Observations on non-repudiation," in Advances in Cryptology—ASIACRYPT'96, 1996, pp. 133-144.

R. Gajanayake, R. Iannella, and T. Sahama, "Sharing with care: An information accountability perspective," Internet Computing, IEEE, vol. 15, pp. 31-38, 2011.

Y. Sattarova Feruza and T.-h. Kim, "IT security review: Privacy, protection, access control, assurance and system security," International journal of multimedia and ubiquitous engineering, vol. 2, pp. 17-31, 2007.

D. Zissis and D. Lekkas, "Addressing cloud computing security issues," Future Generation computer systems, vol. 28, pp. 583-592, 2012.

M. Agrawal and P. Mishra, "A comparative survey on symmetric key encryption techniques," International Journal on Computer Science and Engineering (IJCSE), vol. 4, pp. 877-882, 2012.

K. T. Fung, Network security technologies: CRC Press, 2004.

M. Ciampa, Security+ guide to network security fundamentals: Cengage Learning, 2011.

R. B. Grady, Practical software metrics for project management and process improvement: Prentice-Hall, Inc., 1992.

J. Nielsen, Usability engineering: Elsevier, 1994.

A. Abran, A. Khelifi, W. Suryn, and A. Seffah, "Usability meanings and interpretations in ISO standards," Software Quality Journal, vol. 11, pp. 325-338, 2003.

ISO, "IEC25022: 2012 - Systems and software engineering -- Systems and software Quality Requirements and Evaluation (SQuaRE) – Measurement of quality in use," International Organization for Standardization, 2012.

A. Seffah, M. Donyaee, R. B. Kline, and H. K. Padda, "Usability measurement and metrics: A consolidated model," Software Quality Journal, vol. 14, pp. 159-178, 2006.

D. Gupta, A. Ahlawat, and K. Sagar, "A critical analysis of a hierarchy based Usability Model," in Contemporary Computing and Informatics (IC3I), 2014 International Conference on, 2014, pp. 255-260.

K. T. Al-Sarayreh, I. Al-Oqily, and K. Meridji, "A standard-based reference framework for system operations requirements," Int. J. Comput. Appl. Technol., vol. 47, pp. 351-363, 2013.

M. Rausand, Risk Assessment: Theory, Methods, and Applications: Wiley, 2013.


  • There are currently no refbacks.

Please send any question about this web site to
Copyright © 2005-2023 Praise Worthy Prize