Article Preview
TopIntroduction
Inadequate usable-security of software systems is deemed as the main reason for the increasing vulnerabilities of the software systems thus rendering them prone to threat attacks. The all-pervasive use of ICT (Information-communication technology) Elisa, (2017) proves that the individuals and organizations today have a huge quantity of physical (accessories) as well as digital (data) assets. However, these assets are at huge risk in the present scenario of cyber assaults Sasse & Flechais, (2005). The abundant production of digital data has drastically increased the need for usable-security. As reckoned in a survey, 2.5 Exabyte of data are generated everyday and 90% of the total data was produced in the last two years alone IBM, (2019). A plethora of security tools and techniques have been developed by the IT industry to meet the rising demand of digital data’s security.
In spite of the huge spending on security in this domain, the growth in the scale and forms of intrusions continues unabated. Even more alarming is the unprecedented increase in the data breach instances witnessed in the healthcare industry. Verizon’s 2018 report states that the healthcare sector is highly susceptible to intrusion attacks in comparison to other sectors. In 2005, 157 cases of data breaches were recorded in the USA which exposed 66.9 million records. In 1914, this number increased to 783 which included 85.61 million records Seh et al., (2020). In August-2019, 3800 data breach cases were reported in the first half of the present year with 3.3 billion records at risk in USA, USA TODAY, (2019). The average cost of a data breach is $39.2in the US Lakh Seh et al., (2020). As iterated by the Verizon’s 2018 report, the key reason for spike in data breach episodes is the mismatch between the available security mechanisms and usable-security in HMSS.
Usable-security ensures that anyone who needs a security product should use it easily and comfortably. Security focuses on prevention of un-authorization, while the usability refers to the ease of users “keeping simple” formula of product Agarwal et al., (2019). Therefore, the software industry should mainly focus on usable-security and it should be one of the top priorities during software development. For attaining this objective, researchers adopt different techniques to evaluate usable-security attributes Agarwal et al., (2019). Moreover, the researchers have also done plenty of work to prioritize those attributes, Alenezi et al., (2019). Nevertheless, only a few selected studies focus on prioritizing factors of usable-security with applicability to real-world problems and provide ways to enhance usable-security services of Hospital-Management Software System (HMSS).
User satisfaction is basically concerned with security services that afford maximum usability. Enhancing security services with usability will correspondingly increase the software user’s acceptance rate Alenezi et al., (2019). Further, different policies of organizations for the assessment make it a decision-making problem Pressman, (2005). Therefore, the assessment will be very beneficial for experts, because it will help them in prioritizing attributes and to take pertinent decisions while certifying usable-security. Productive assessment of usable-security factors is useful for both the security services of software and the quality of software because it improves the overall QoS of software. Therefore, authors of this paper have used an integrated approach of Fuzzy-ANP and Fuzzy-TOPSIS method to make an evaluation of the usability of security services.