Problem
Scenario
A simple online food pick-up ordering application platform for a restaurant, MCY Fast Food, allows online users to perform the following actions using the web-based application interface:
1) Browse through the restaurant's menu options, corresponding prices, and nutrition information.
2) Add items using a "add" button to the cart.
3) View the cart to finalize the order.
4) Items can be deleted from the cart before proceeding to finalize the order.
5) Provides all necessary personal user information and pay the total amount due using a credit card gateway.
6) Receive confirmation email with order details, itemized bill, and approximate pick up time.
7) The restaurant also receives an email with the order details, itemized bill, and approximate pick up time for the customer.
Task
I. Discuss and explain the usability and security aspects for the above application scenario based on the Security-Usability Threat Model.
II. Based on the assessment techniques applied for Security-Usability Threat Model, discuss the probable de-motivators where users may unknowingly end up breaking the system.
III. Based on the assessment techniques applied for Security-Usability Threat Model, discuss the probable motivators where users may end up performing threat scenarios due to the secure methods being more complicated compared to the regular usage scenarios.
IV. Discuss the choices for triggers, warnings, and indicators which can be adopted for the application interface.