{"id":"https://openalex.org/W4312546924","doi":"https://doi.org/10.1109/msec.2022.3205484","title":"Eight Lightweight Usable Security Principles for Developers","display_name":"Eight Lightweight Usable Security Principles for Developers","publication_year":2022,"publication_date":"2022-10-10","ids":{"openalex":"https://openalex.org/W4312546924","doi":"https://doi.org/10.1109/msec.2022.3205484"},"language":"en","primary_location":{"id":"doi:10.1109/msec.2022.3205484","is_oa":true,"landing_page_url":"https://doi.org/10.1109/msec.2022.3205484","pdf_url":"https://ieeexplore.ieee.org/ielx7/8013/10034844/09915009.pdf","source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://ieeexplore.ieee.org/ielx7/8013/10034844/09915009.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043448995","display_name":"Peter Leo Gorski","orcid":"https://orcid.org/0000-0003-0391-4054"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Peter Leo Gorski","raw_affiliation_strings":["INFODAS GmbH, K&#x00F6;ln, Germany"],"affiliations":[{"raw_affiliation_string":"INFODAS GmbH, K&#x00F6;ln, Germany","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037591969","display_name":"Luigi Lo Iacono","orcid":"https://orcid.org/0000-0002-7863-0622"},"institutions":[{"id":"https://openalex.org/I155417937","display_name":"Hochschule Bonn-Rhein-Sieg","ror":"https://ror.org/04m2anh63","country_code":"DE","type":"education","lineage":["https://openalex.org/I155417937"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Luigi Lo Iacono","raw_affiliation_strings":["Data and Application Security Group, H-BRS University of Applied Sciences, Sankt Augustin, Germany"],"affiliations":[{"raw_affiliation_string":"Data and Application Security Group, H-BRS University of Applied Sciences, Sankt Augustin, Germany","institution_ids":["https://openalex.org/I155417937"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000498964","display_name":"Matthew Smith","orcid":"https://orcid.org/0000-0002-2724-1379"},"institutions":[{"id":"https://openalex.org/I155417937","display_name":"Hochschule Bonn-Rhein-Sieg","ror":"https://ror.org/04m2anh63","country_code":"DE","type":"education","lineage":["https://openalex.org/I155417937"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Matthew Smith","raw_affiliation_strings":["Data and Application Security Group, H-BRS University of Applied Sciences, Sankt Augustin, Germany"],"affiliations":[{"raw_affiliation_string":"Data and Application Security Group, H-BRS University of Applied Sciences, Sankt Augustin, Germany","institution_ids":["https://openalex.org/I155417937"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5043448995"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.2979,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.53135424,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"21","issue":"1","first_page":"20","last_page":"26"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.9491102695465088},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.7649675607681274},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6710934638977051},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5274978876113892},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.47851550579071045},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.46640151739120483},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.46447765827178955},{"id":"https://openalex.org/keywords/human-computer-interaction-in-information-security","display_name":"Human-computer interaction in information security","score":0.42352601885795593},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2733405828475952},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.2259792685508728},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.21095183491706848},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.20918700098991394},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.0908544659614563}],"concepts":[{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.9491102695465088},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.7649675607681274},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6710934638977051},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5274978876113892},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.47851550579071045},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.46640151739120483},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.46447765827178955},{"id":"https://openalex.org/C6353995","wikidata":"https://www.wikidata.org/wiki/Q17027910","display_name":"Human-computer interaction in information security","level":5,"score":0.42352601885795593},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2733405828475952},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.2259792685508728},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.21095183491706848},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.20918700098991394},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0908544659614563}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/msec.2022.3205484","is_oa":true,"landing_page_url":"https://doi.org/10.1109/msec.2022.3205484","pdf_url":"https://ieeexplore.ieee.org/ielx7/8013/10034844/09915009.pdf","source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},{"id":"pmh:oai:pub.h-brs.de:6461","is_oa":true,"landing_page_url":"https://nbn-resolving.org/urn:nbn:de:hbz:1044-opus-64613","pdf_url":"https://pub.h-brs.de/files/6461/Eight_Lightweight_Usable_Security.pdf","source":{"id":"https://openalex.org/S4306400385","display_name":"Publication Server of Bonn-Rhein-Sieg University of Applied Sciences (Bonn-Rhein-Sieg University of Applied Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I135140700","host_organization_name":"University of Bonn","host_organization_lineage":["https://openalex.org/I135140700"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Security & Privacy 21, 1, 20-26","raw_type":"publishedVersion"}],"best_oa_location":{"id":"doi:10.1109/msec.2022.3205484","is_oa":true,"landing_page_url":"https://doi.org/10.1109/msec.2022.3205484","pdf_url":"https://ieeexplore.ieee.org/ielx7/8013/10034844/09915009.pdf","source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4435490016","display_name":null,"funder_award_id":"678341","funder_id":"https://openalex.org/F4320338335","funder_display_name":"H2020 European Research Council"}],"funders":[{"id":"https://openalex.org/F4320338335","display_name":"H2020 European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4312546924.pdf","grobid_xml":"https://content.openalex.org/works/W4312546924.grobid-xml"},"referenced_works_count":12,"referenced_works":["https://openalex.org/W1481692486","https://openalex.org/W2095881341","https://openalex.org/W2144981153","https://openalex.org/W2541261609","https://openalex.org/W2541640915","https://openalex.org/W2585818648","https://openalex.org/W2590201952","https://openalex.org/W2888849592","https://openalex.org/W3040234847","https://openalex.org/W6628996700","https://openalex.org/W6754023153","https://openalex.org/W6759080658"],"related_works":["https://openalex.org/W2014373104","https://openalex.org/W4383616936","https://openalex.org/W4389190993","https://openalex.org/W4312546924","https://openalex.org/W2526450411","https://openalex.org/W2146657063","https://openalex.org/W2107557415","https://openalex.org/W2111134024","https://openalex.org/W1983193060","https://openalex.org/W2151206587"],"abstract_inverted_index":{"We":[0],"propose":[1],"eight":[2],"usable":[3],"security":[4,18,33],"principles":[5,24],"that":[6],"provide":[7],"software":[8],"developers":[9,27],"with":[10],"a":[11,20],"lightweight":[12],"framework":[13],"to":[14,35],"help":[15,26],"them":[16],"integrate":[17],"in":[19],"user-friendly":[21],"way.":[22],"These":[23],"should":[25],"who":[28],"must":[29],"weigh":[30],"usability":[31],"and":[32],"tradeoffs":[34],"facilitate":[36],"adoption.":[37]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2026-04-06T07:47:59.780226","created_date":"2025-10-10T00:00:00"}