Development of security scanner with high usability

In this paper, we propose and develop a security scanner with high usability. Any user can operate the scanner easily. Recently, illegal access has been increasing tremendously. Not only the expert but also the beginners need to cope up with vulnerability of a system promptly and properly. In such cases, a security scanner is an efficient tool to point out the vulnerability. However, for general users, most of the presently available security scanners are hard to install and operate because they have considerably poor usability. Our design criteria of the security scanner are that it should be Web based, should not depend on operating systems, and should not need any installation. To attain these goals, we adopted Perl and Macromedia Flash for development of the security scanner. Moreover, since all the scanning processes are performed only by one mouse click, our security scanner improves usability enormously. Additionally, we have introduced an extension script file, which contains additional vulnerability information for beginner users, detailed description of vulnerability from OS or application vendor, translated description into users' local languages, and so on. In addition, we designed it based on the knowledge of human interface study such as displaying scanning progress bar. Usability of our security scanner was evaluated by comparing with the usability of the existing security scanners using several points of view. In functionality, we have realized very high extensionality and reliability by using the external script of Nessus.