Human Factors in security: User-centred and socio-technical perspectives
نویسندگان
چکیده
منابع مشابه
Human-centred computer security
We re-examine the needs of computer security in pervasive computing from first principles, specifically the problem of bootstrapping secure networks. We consider the case of systems that may have no shared secret information, and where there is no structure such as a PKI available. Nevertheless we propose a protocol which achieves a high degree of security based on a combination of humanmediate...
متن کاملSocio-technical Perspectives on e-Government Initiatives
ICTs are intended to be a powerful tool in support of government transition to the “Digital Age”. The purpose of this paper is to emphasize the importance of integrating a socio-technical perspective into the body of eGovernment practices. The current realisation in Italy of an “Action plan for eGovernment” is a source of interesting preliminary evidence for our purpose. 1 Standard (Tool) Model...
متن کاملTransforming Socio-Technical Security Requirements in SecBPMN Security Policies
Socio-Technical Systems (STSs) are complex systems composed of both social (i.e., humans and organizations) and technical (i.e., hardware and software) elements. Security requirements for STSs define constraints for the sociotechnical interactions and can be specified as a set of security policies that have to be satisfied by the components of the system during their interactions. In this paper...
متن کاملOn Tools for Socio-Technical Security Analysis
Many systems are hacked daily and apparently without much effort (e.g., see [1]). This happens because hackers prefer not to break security mechanisms immediately, but rather to target unguarded components first. Such components, e.g., users and human-computer ceremonies [2], are hacked by exploiting cognitive features (e.g., trust) and people’s dismay with ill-designed interfaces. These user-r...
متن کاملSecurity analysis of socio-technical physical systems
Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents –here called Socio-Technical Physical Systems– have limitations: their agent behaviour is too simple, they just estimate feasibility and not the likelihood of attacks, or they do estimate likelihood but on explicitly provided attacks only. We propose a model that can detect and quantify...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Security Journal
سال: 2015
ISSN: 0955-1662,1743-4645
DOI: 10.1057/sj.2015.40