Change-episodes in coding: when and how do programmers change their code?
Empirical studies of programmers: second workshop
Why the Future Belongs to the Quants
IEEE Security and Privacy
So long, and no thanks for the externalities: the rational rejection of security advice by users
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
IEEE Security and Privacy
Short paper: smartphones: not smart enough?
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
| Hi-index | 0.00 |
Solutions to security problems, particularly ones involving cryptography, have typically been approached through the Inside-Out Threat Model, "this is our solution and whatever it addresses is the threat". Email encryption/signing and SSL/TLS are two examples of the Inside-Out Threat Model, with the existence of a multi-billion dollar global cybercrime industry testifying to the fact that the threat-modelling performed during the design process was aimed more at satisfying the cryptographers' rather than the end users' needs. This paper looks at the application of problem-structuring methods or PSMs, a technique from the field of social planning, to address computer security problems, not so much to define technical solutions but to help analyse the problem so that the most appropriate, rather than simply the most technologically trendy, solution is applied to the problem.