Designing and executing a security and usability testing plan: IdeaClick Prototype
Gutiérrez Gutiérrez, Omar Lenin; Bacso, Manuel (2013)
HAAGA-HELIA ammattikorkeakoulu
All rights reserved
The permanent address of this publication is
https://urn.fi/URN:NBN:fi:amk-2013060513074
Abstract
The purpose of this thesis was to define, analyse and execute usability and security testing plans for an application prototype named IdeaClick. IdeaClick is a web application and its main purpose is to share ideas and provide a means to collaborate on them.
The usability aspects of IdeaClick were tested and analysed based on two standard web user interface methodologies. The first method followed the black-box procedure, consisting of I/O data. The second one was a heuristic evaluation done by the testing facilitator responsible and the testers. The security of this prototype was tested following the OWASP guidelines for web application security testing. This non-profit organization provides an extended guide on how to test a web application regarding various security vulnerabilities.
As a result of this thesis, two individual testing plans were created. In addition, the study includes a description of the prototype and its features.
The thesis concludes that the prototype functions well; however, the overall usability should be improved by investing more time in the further development of the user interface. Furthermore, some security flaws were found and they require attention as soon as possible.