Scenarios are used in both security design and usability design, but these two do not necessarily overlap. Usability design scenarios are concerned more with the personal and occupational goals of legitimate system users. Security scenarios tend to focus on vectors of attack--intentional illegitimate usage of the system. To the extent that security design factors in usability, it is often focused on the usability of security controls, and not the interaction between security and usability concerns per se.
Misusability cases are scenarios that describe how design assumptions and decisions may lead to inadvertent misuse of a system by legitimate users. Examples of this include exploitation of vulnerabilities to achieve user goals, or inadvertent violation of security protocols due to gaps in system security requirements.
The authors present an approach for finding and mitigating security misusability in a system. This includes an initial assessment of related work in user-centered security and design. Following this is a description of the overall approach to eliciting misusability cases, modeling these cases, and investigating and applying the results of this analysis. Finally, a case study is presented, including discussion of the benefits realized by applying the proposed approach.
In a world where system security is increasingly of paramount concern, this approach will be of value to a broad audience, including developers, security professionals, usability engineers, and requirements engineers.