CR · Mar 23, 2016

Are easily usable security libraries possible and how should experts work together to create them?

arXiv:1603.07086v1 · 18 citations
Originality Synthesis-oriented
AI Analysis

This work aims to improve security for applications built by non-expert developers, but it is incremental as it builds on existing usability challenges without introducing a new method.

The paper addresses the problem of non-experts developing vulnerable security applications due to poor usability of security libraries, proposing that collaboration between cryptographic and API-usability experts can tackle this issue.

Due to non-experts also developing security-relevant applications, it is necessary to support them too. Some improvements in the current research may not reach or impact these developers. Nonetheless, these developers use security libraries. There are findings that even their usage is not easily possible and applications are left vulnerable to supposedly treated threats. So it is important to improve the usability of the security libraries. This in itself is not straightforward because of a required maturing process, for example. By getting together experts of different involved areas, especially cryptographic and API-usability experts, both of the problems can be tackled.
