City, University of London Library

    City Research Online

    Modeling Security Policy and the Effect for End-Users

    Jones, K. and Salako, K. (2013). Modeling Security Policy and the Effect for End-Users. In: Marinos, L. and Askoxylakis, I. (Eds.), Human Aspects of Information Security, Privacy, and Trust. HAS 2013. Lecture Notes in Computer Science. (pp. 256-265). Cham: Springer. ISBN 978-3-642-39345-7

    Abstract

    Many "good practices" in computer security are based on assumptions and local evidence that do not generalize. There are few quantifiable methods of establishing or refuting the validity of these practices from a user perspective. We propose a formal model of security policies that allows us to evaluate the claimed benefits to the user of the system quantitatively. We illustrate the use of the model by looking at a security policy we all live with daily: The Password Policy.

    Publication Type: Conference or Workshop Item (Paper)
    Additional Information: The final authenticated publication is available online at https://doi.org/10.1007/978-3-642-39345-7_27.
    Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
    Departments: School of Mathematics, Computer Science & Engineering > Computer Science > Software Reliability
    URI: https://openaccess.city.ac.uk/id/eprint/2151
    [img]
    Preview
    		 Text - Accepted Version
    Download (680kB) | Preview

    Export

    Downloads

    Downloads per month over past year

    View more statistics

    Actions (login required)

    Admin Login Admin Login
    CORE (COnnecting REpositories)