Abstract
We present a methodology for the formalization of human-computer interaction under security aspects. As part of the methodology, we give formal semantics for the well-known GOMS methodology for user modeling, and we provide a formal definition of an important aspect of human-computer interaction security. We show how formal GOMS models can be augmented with formal models of (1) the application and (2) the user’s assumptions about the application. In combination, this allows the pervasive formal modeling of and reasoning about secure human-computer interaction. The method is illustrated by a simple eVoting example.
This work was partially funded by the German Federal Ministry of Education, Science, Research and Technology (BMBF) in the framework of the Verisoft project under grant 01 IS C38. The responsibility for this article lies with the authors. See http://www.verisoft.de for more information about Verisoft.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bramwell, C.: Formal development methods for interactive systems: Combining interactors and design rationale (1996)
de Haan, G.: ETAG: A Formal Model of Competence Knowledge for User-Interface Design. PhD thesis, Vrije Universiteit, Amsterdam (2000)
Dierstein, R.: Sicherheit in der Informationstechnik: Der Begriff IT-Sicherheit. Informatik Spektrum 27(4) (August 2004)
Dix, A., Abowd, G.: Modelling status and event behaviour of interactive systems. Software Engineering Journal 11(6), 334–346 (1996)
Dix, A., Runciman, C.: Abstract models of interactive systems. In: Johnson, P., Cook, S. (eds.) HCI 1985: People and Computers I: Designing the Interface, pp. 13–22. Cambridge University Press, Cambridge (1985)
Doherty, G., Harrison, M.D.: A Representational Approach to the Specification of Presentations. In: Eurographics Workshop on Design Specification and Verification of Interactive Systems, DSVIS 1997, Granada, Spain (June 1997)
Duke, D., Barnard, P., Duce, D., May, J.: Systematic development of the human interface (1995)
Duke, D.J., Harrison, M.D.: A Theory of Presentations. In: Naftalin, M., Bertrán, M., Denvir, T. (eds.) FME 1994. LNCS, vol. 873, pp. 271–290. Springer, Heidelberg (1994)
Hamilton, F.: Predictive evaluation using task knowledge structures. In: Companion Proceedings of CHI 1996, Vancouver, Canada (1996)
John, B.E., Kieras, D.E.: The GOMS family of user interface analysis techniques: Comparison and contrast. ACM Transactions on Computer-Human Interaction 3(4), 320–351 (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Beckert, B., Beuster, G. (2006). A Method for Formalizing, Analyzing, and Verifying Secure User Interfaces. In: Liu, Z., He, J. (eds) Formal Methods and Software Engineering. ICFEM 2006. Lecture Notes in Computer Science, vol 4260. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11901433_4
Download citation
DOI: https://doi.org/10.1007/11901433_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-47460-9
Online ISBN: 978-3-540-47462-3
eBook Packages: Computer ScienceComputer Science (R0)