Security has evolved into an essential quality factor of software systems. However, security features in software applications are often time-consuming, error-prone and too complicated for common users. This is mainly due to a limited consideration and integration of usability. As a consequence, users either circumvent security features or do not utilize them at all. Usable security is an advanced quality topic and an important research area of software systems. This area combines usability and security with the objective of making the use of security features in software effective, efficient and satisfying. In order to meet this challenge, the research project USecureD aims at supporting small and medium-sized enterprises (SMEs) in facilitating the selection and incorporation of usable security by developing, evaluating and collecting principles, guidelines, patterns and tools for merging usability and security engineering. During the initiation phase of the USecureD project, an online study (N = 118) in conjunction with 10 interviews and 2 workshops have been conducted in order to identify the relevance and requirements of usability, security and usable security with a specific focus on SMEs. The obtained results are presented and derived implications are discussed in this paper.
The USecureD project is funded by the Federal Ministry for Economic Affairs and Energy (BMWi) under project number 01MU14002. The authors would like to thank Jasmin Niess for her constructive comments which helped a lot to improve the readability of the paper.
 Garfinkel, S. L.; Lipford, H. R.: Usable Security: History, Themes, and Challenges. Synthesis Lectures on Information Security, Morgan & Claypool Publishers, 2014.10.2200/S00594ED1V01Y201408SPT011Search in Google Scholar
 Garfinkel, S. L.; Margrave, D.: Schiller, J. I.; Nordlander, E.; Miller, R. C.: How to make secure email easier to use. Conference on Human Factors in Computing Systems (SIGCHI), 2005.Search in Google Scholar
 Nguyen, H. V.; Lo Iacono, L.: Auswertung der Online-Studie. USecureD-Deliverable, 2016. Online available at: https://www.usecured.de/UseWP/wp-content/uploads/2015/04/USecureD-Anforderungsanalyse-Online-Studienergebnisse-V.1.pdf.Search in Google Scholar
 Schmitt, H.: Anforderungsanalyse (Interviewergebnisse). USecureD-Deliverable, 2016. Online available at: https://www.usecured.de/UseWP/wp-content/uploads/2016/02/USecureD-Anforderungsanalyse-Interviewergebnisse-V.1.pdf.Search in Google Scholar
 Whitten, A.; Tygar, J. D.: Why Johnny can’t encrypt: a usability evaluation of PGP 5.0. 8th Usenix Security Symposium, 1999.Search in Google Scholar
© 2016 Walter de Gruyter GmbH, Berlin/Boston