Location of Repository

Added entries

By Simon Parkin, Aad Van Moorsel, Philip Inglesant, M. Angela Sasse, S. Parkin, A. Van Moorsel, P. Inglesant and M. A. Sasse

Abstract

Recent strides in usability research have produced various solutions to assist computer users during interactions with IT security mechanisms. However, the usability concerns of users within organisations are not considered or simply not apparent to the one individual who can effect change, the IT security manager. Ideally these concerns would resonate with the IT security manager, and here we explore how that can be realised, through the design of a password policy decisionsupport tool. During two 2-hour sessions, 3 IT security managers discussed with us our mock-up prototypes and a range of potential usage scenarios (e.g. cloud-based password-cracking attacks and “hot desking ” initiatives). We find that the experience of the end-user is currently not appropriately represented within the IT security manager’s decision-making process, where the financial costs/benefits and business impacts of information security controls are foremost. Our tool design process elicits findings to help develop mechanisms to visualise these tradeoffs

Year: 1209
OAI identifier: oai:CiteSeerX.psu:10.1.1.173.1074
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.cs.ncl.ac.uk/public... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.