Sciweavers

COMPSEC
2004

Computer security impaired by legitimate users

13 years 3 months ago
Computer security impaired by legitimate users
Computer security has traditionally been assessed from a technical point of view. Another way to assess it is by investigating the role played by legitimate users of systems in impairing the level of protection. In order to address this issue, we wish to adopt a multidisciplinary standpoint and investigate some of the human aspects involved in computer security. From research in psychology, it is known that people make biased decisions. They sometimes overlook rules in order to gain maximum benefits for the cost of a given action. This situation leads to insidious security lapses whereby the level of protection is traded-off against usability. In this paper, we highlight the cognitive processes underlying such security impairments. At the end of the paper, we propose a short usability-centered set of recommendations. Keywords. Computer security, cognitive psychology, cost-benefit trade-offs, work practices, risk
Denis Besnard, Budi Arief
Added 17 Dec 2010
Updated 17 Dec 2010
Type Journal
Year 2004
Where COMPSEC
Authors Denis Besnard, Budi Arief
Comments (0)