# Using Cognitive Dimensions Questionnaire to Evaluate the Usability of   Security APIs

**Authors:** Chamila Wijayarathna, Nalin Asanka Gamagedara Arachchilage, Jill Slay

arXiv: 1706.00138 · 2017-06-13

## TL;DR

This paper evaluates the usability of security APIs using the Cognitive Dimensions Questionnaire, revealing common usability issues and demonstrating the methodology's effectiveness in identifying them.

## Contribution

It introduces a novel application of the Cognitive Dimensions framework to assess security API usability, filling a gap in usability evaluation methods for security tools.

## Key findings

- Identified prevalent usability issues in four security APIs.
- Demonstrated the questionnaire's capability to detect usability problems.
- Provided insights into improving security API design.

## Abstract

Usability issues that exist in security APIs cause programmers to embed those security APIs incorrectly to the applications they develop. This results in introduction of security vulnerabilities to those applications. One of the main reasons for security APIs to be not usable is currently there is no proper method by which the usability issues of security APIs can be identified. We conducted a study to assess the effectiveness of the cognitive dimensions questionnaire based usability evaluation methodology in evaluating the usability of security APIs. We used a cognitive dimensions based generic questionnaire to collect feedback from programmers who participated in the study. Results revealed interesting facts about the prevailing usability issues in four commonly used security APIs and the capability of the methodology to identify those issues.

---
Source: https://tomesphere.com/paper/1706.00138