Jones, K. & Salako, K. (2013). Modeling Security Policy and the Effect for End-Users. Paper presented at the HCI International 2013: 15th International Conference on Human-Computer Interaction, 21 - 26 Jul 2013, Las Vegas, Nevada, US.
Download (680kB) | Preview
Many "good practices" in computer security are based on assumptions and local evidence that do not generalize. There are few quantifiable methods of establishing or refuting the validity of these practices from a user perspective. We propose a formal model of security policies that allows us to evaluate the claimed benefits to the user of the system quantitatively. We illustrate the use of the model by looking at a security policy we all live with daily: The Password Policy.
|Item Type:||Conference or Workshop Item (Paper)|
|Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|Divisions:||School of Informatics > Department of Computing|
Actions (login required)
Downloads per month over past year