000000134 001__ 134
000000134 005__ 20130522141947.0
000000134 037__ $$aLERSSE-REPORT-2007-021
000000134 041__ $$aeng
000000134 100__ $$aKartik Markandan
000000134 245__ $$aA Study of Security Administration Errors
000000134 260__ $$c2007-06-25
000000134 300__ $$a12p
000000134 520__ $$aSecurity administrators prevent security breaches against their infrastructure by using their tools to implement the security policy. This paper deals with security administration errors that were collected from the RISKS-forum and were analyzed using grounded theory. The application of open coding, one of the components of grounded theory, led to a classification of errors based on security tasks. Security errors were also divided according to whether the error was due to Human limitations, Organizational limitations, Technological limitations (HOT) or a combination of these limitations. Moreover, security administration errors were categorized according to different functionality. Our findings have pointed out that security administrators commit a variety of “configuration” errors as well as errors that fall under the category of “patching and upgrading.” We also encountered one error under the category of “password maintenance.” Our results showed that human limitations played a crucial role in the errors that we logged in this study. Thus, we have recommended that more study needs to be conducted into the human factors of security administration.
000000134 6531_ $$ahot admin
000000134 6531_ $$asecurity management
000000134 6531_ $$asecurity administration errors
000000134 6531_ $$asecurity tasks
000000134 6531_ $$aUsable Security
000000134 8560_ $$fqiangw@ece.ubc.ca
000000134 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/134/files/134.pdf$$yTransfer from CDS 0.99.7
000000134 909C4 $$pKartik Markandan, "A Study of Security Administration Errors", Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2006-03, 17 December, 2006, pp.12.
000000134 980__ $$aREPORT
guest ::