City Research Online

Modeling Security Policy and the Effect for End-Users

Jones, K. & Salako, K. ORCID: 0000-0003-0394-7833 (2013). Modeling Security Policy and the Effect for End-Users. In: Marinos, L. & Askoxylakis, I. (Eds.), Human Aspects of Information Security, Privacy, and Trust. HAS 2013. HCI International 2013: 15th International Conference on Human-Computer Interaction, 21 - 26 Jul 2013, Las Vegas, Nevada, US. doi: 10.1007/978-3-642-39345-7_27

Abstract

Many "good practices" in computer security are based on assumptions and local evidence that do not generalize. There are few quantifiable methods of establishing or refuting the validity of these practices from a user perspective. We propose a formal model of security policies that allows us to evaluate the claimed benefits to the user of the system quantitatively. We illustrate the use of the model by looking at a security policy we all live with daily: The Password Policy.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: The final authenticated publication is available online at https://doi.org/10.1007/978-3-642-39345-7_27.
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Science & Technology > Computer Science > Software Reliability
[thumbnail of Password_Security_Modelling_20130226v3.pdf]
Preview
Text - Accepted Version
Download (680kB) | Preview

Export

Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login