Introduction

In times of Internet and mobile computing several security mechanisms that are well known in real life, e.g. signing a document, have been transferred to the electronic world. Until now many security tools, e.g. e-mail encryption software, are available for the mass of ordinary users. But often those tools are highly complicated and require security knowledge to be used correctly. Thus, a non-security-expert user can hardly obtain the desired security:

Certificate management window of the "SignTrust" plugin. Click here for better quality.

"Low-Medium-High" approach of MS Internet Explorer 5 and its "advanced" settings.

As actual surveys show, the majority of non-security-expert users want their private data to be secure when acting in the Internet.
The aim of ATUS is to make security available to those non-security-expert users by examining the relationship between usability and security and to find methods that support the development of Usable Security mechanisms.

Trying to exactly define the words Usable Security, we say: Usable Security is the degree to which a user can protect himself and his IT-system efficiently, effectively, and satisfactorily in a certain context.

ATUS' approach to achieve Usable Security is to evaluate and improve the usability of existing security software on the one hand, and to show how to develop usable security software right from the start of the developement process on the other:

• USE is a new evaluation method for security software that has been developed by ATUS.
• Identity Management is a new concept to realize
  Usable Security.