The Challenges of Using an Intrusion Detection System: Is It Worth the Effort?
An intrusion detection system (IDS) can be a key component of security incident response within organizations. Traditionally, intrusion detection research has focused on improving the accuracy of IDSs,...
View ArticleToward Understanding the Workplace of IT Security Practitioners
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after...
View ArticleManagement of IT Security in Organizations: What Makes It Hard?
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after...
View ArticleTowards Improving Mental Models of Personal Firewall Users
Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. However, our study of this interface revealed that concealing the impact of...
View ArticleMobile Applications for Public Sector: Balancing Usability and Security
Development of mobile software applications for use in specific domains such as Public Security must conform to stringent security requirements. While mobile devices have many known limitations,...
View ArticleUsability Study of Windows Vista’s Firewall
Windows Vista is shipped with a built-in personal firewall. The firewall has lots of new features over its predecessor, XP’s firewall. But, previous studies showed that Vista’s firewall have a set of...
View ArticleUsability of Windows Vista Firewall: A Laboratory User Study
In this project we conducted a user study of Microsoft Windows Vista Firewall: a lab study followed by a questionnaire to evaluate the usability of Vista’s personal firewall. Our results show that the...
View ArticleA Usability Analysis of Microsoft Windows Vista’s Firewall
The usability of personal firewalls has not received a significant amount of attention in the literature. However, it is essential that these firewalls - which are used by the lay end-user to protect...
View ArticleSecurity Practitioners in Context: Their Activities and Interactions with...
This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities...
View ArticleUsability Meets Access Control: Challenges and Research Opportunities
This panel discusses specific challenges in the usability of access control technologies and new opportunities for research. The questions vary from “Why nobody, even experts, uses access control lists...
View ArticleRevealing Hidden Context: Improving Mental Models of Personal Firewall Users
The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of...
View ArticleRevealing Hidden Context: Improving Mental Models of Personal Firewall Users
The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of the...
View ArticleUser Centered Design of ITSM Tools
IT Security Management (ITSM) requires collaboration between diverse stakeholders, has an environment of numerous technological and business specializations (is complex), has many issues that need to...
View ArticleRevealing Hidden Context: Improving Users' Mental Models of Personal Firewalls
Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. However, our study of this interface revealed that concealing the impact of...
View ArticleA Multi-method Approach for User-centered Design of Identity Management Systems
Identity management (IdM) comprises the processes and infrastructure for the creation, maintenance, and use of digital identities. This includes designating who has access to resources, who grants that...
View ArticleA Case Study of Enterprise Identity Management System Adoption in an...
This case study describes the adoption of an enterprise identity management(IdM) system in an insurance organization. We describe the state of the organization before deploying the IdM system, and...
View ArticleTowards Developing Usability Heuristics for Evaluation of IT Security...
Evaluating the usability of specific information technology (IT) security tools is challenging. For example, laboratory experiments can have little validity due to the complexity of real-world security...
View ArticlePreparation, detection, and analysis: the diagnostic work of IT security...
Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and...
View ArticleInvestigating an Appropriate Design for Personal Firewalls
Personal firewalls are an important aspect of security for home computer users, but little attention has been given to their usability. We conducted semi-structured interviews to understand...
View ArticleInvestigating User Account Control Practices
Non-administrator user accounts and the user account control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of...
View Article
