000000107 001__ 107
000000107 005__ 20130522141951.0
000000107 037__ $$aLERSSE-PRESENTATION-2006-055
000000107 041__ $$aeng
000000107 100__ $$aKonstantin Beznosov
000000107 100__ $$aSid Fels
000000107 100__ $$aLee Iverson
000000107 100__ $$aBrian Fisher
000000107 245__ $$aHOT Admin: Human, Organization, and Technology Centred Improvement of the IT Security Administration
000000107 260__ $$c2006-03-02
000000107 520__ $$aWhile cryptography, access control, accountability, and other security technologies have received a great deal of attention, to our knowledge this is the first attempt to address systematically the interaction of security administrative models and technologies with usability within an organization. Our focus on the integration of organizational structure, security mechanisms, and user interface design addresses the three key components of effective security administration (SA) in today’s workplace. Our novel approach will consider the problem as the interaction of three main factors: Humans, Organizations, and Technologies (HOT). Addressed Problem: The management of security and privacy in IT settings is an enormous, difficult, and costly problem with over $15B spent on tools alone around the world in 2004. Yet little is known about security administrators, their roles and responsibilities within organizations, and how effective existing tools and practices are at protecting organizations and employees while still allowing productive collaborative work. Much like an air-traffic controller, if a security administrator makes an error, entire organizations may be compromised leading to, in the best case, loss of productivity and, in the worst case, injury or death to people. Project Goals: To improve information technology (IT) security administration (SA), this project aims to achieve two overarching goals: first, to devise a methodology for evaluating the effectiveness of IT security administrative tools; second, to design effective technological solutions, guidelines, and techniques to aid security administrators. To achieve these objectives, we will advance the understanding of IT SA as a distinct human activity to the level at which comprehensive human, organizational, and technological models of IT SA can be used to develop the proposed evaluation methodology, and design guidelines and techniques. 
000000107 6531_ $$aHOT Admin
000000107 6531_ $$ausable security administration
000000107 6531_ $$ausable security 
000000107 8560_ $$fqiangw@ece.ubc.ca
000000107 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/107/files/107.pdf$$yTransfer from CDS 0.99.7
000000107 909C4 $$pKonstantin Beznosov, Sid Fels, Lee Iverson, Brian Fisher, "HOT Admin: Human, Organization, and Technology Centred Improvement of the IT Security Administration," CIPS Vancouver Security SIG Meeting, Vancouver, 8 March, 2006, pp.35.
000000107 980__ $$aPRESENTATION