This panel will address users' perceptions and misperceptions of the risk/benefit and benefit/nuisance ratios associated with information security products, and will grope for a solution, based on the psychology of personality trait-factoring results, among other multidisciplinary approaches, to the problem of user non-acceptance of information security products. This problem acquires a much more scientific guise when amalgamated with the psychology of personality and reinforced by reflections from the field on patterns of user behavior. A gross simplification of the main thrust of the panel is this thesis: if we start profiling the defenders rather than the offenders, and do it on the basis of real science rather than very crude personality tests, then we will, at the very least, understand what is happening and possibly create a desirable profile for sysadmins, CIOs, and perhaps even CFOs. This swept-under-the-rug problem is information security's "dirty little secret." No other forum is designed to address this, and it may well become yet another major conceptual and paradigmatic shift in the field, of the type initiated in the NSPWs over the last decade. We know that the panel will generate considerable interest among the participants.