1.
|
Preparation, detection, and analysis: the diagnostic work of IT security incident response
/ Rodrigo Werlinger ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2009-013]
Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and analysis of anomalies. [...]
Published in Rodrigo Werlinger, Kasia Muldner, Kirstie Hawkey, and Konstantin Beznosov. Preparation,
detection, and analysis: the diagnostic work of IT security incident response. Journal of
Information Management & Computer Security, 18(1):26-42, January 2010.
:
Transfer from CDS 0.99.7: PDF;
|
2.
|
Towards Understanding Diagnostic Work During the Detection and Investigation of Security Incidents
/ Rodrigo Werlinger ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefConfPaper-2009-037]
This study investigates how security practitioners perform diagnostic work during the identification of security incidents. [...]
Published in Werlinger, R., Muldner, K., Hawkey, K., and Beznosov, K. (2009). Towards Understanding Diagnostic Work during the Detection and Investigation of Security Incidents. Proc. of Int. Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, June 25-26, 2009, 119-132.:
Transfer from CDS 0.99.7: PDF;
|
3.
|
User Centered Design of ITSM Tools
/ Pooya Jaferian
[LERSSE-PRESENTATION-2009-077]
IT Security Management (ITSM) requires collaboration between diverse stakeholders, has an environment of numerous technological and business specializations (is complex), has many issues that need to be handled with discretion, is fast paced, uncertain, requires reliance of practitioners on tacit knowledge, and there is lack of immediate feedback when imposing a change on the system. [...]
Published in Talk given at NSERC ISSNet Workshop 2009, Carleton University, Ottawa, Canada.:
Transfer from CDS 0.99.7: PDF;
|
4.
|
Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders within Organizations
/ Rodrigo Werlinger ; Kirstie Hawkey ; David Botta ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2009-007]
This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. [...]
Published in Rodrigo Werlinger, Kirstie Hawkey, David Botta, Konstantin Beznosov, "Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders within Organizations", International Journal of Human-Computer Studies, 67(7):584–606, March 2009. :
Transfer from CDS 0.99.7: PDF;
|
5.
|
Challenges, Collaborative Interactions, and Diagnosis Performed by IT Security Practitioners: An Empirical Study
/ Rodrigo Werlinger
[LERSSE-THESIS-2008-004]
This thesis investigates four different aspects of information security management: challenges faced by security practitioners, interactive collaborations among security practitioners and other stakeholders, diagnostic work performed by security practitioners during the response to incidents, and factors that impact the adoption of an intrusion detection system in one organization. [...]
Published in Rodrigo Werlinger, "Challenges, Collaborative Interactions, and Diagnosis Performed by IT Security Practitioners: An Empirical Study," MASc thesis, Department of Electrical and Computer Engineering, University of British Columbia, Vancouver, Canada, July 2008. :
Transfer from CDS 0.99.7: PDF;
|
6.
|
The Challenges of Using an Intrusion Detection System: Is It Worth the Effort?
/ Rodrigo Werlinger ; Kirstie Hawkey ; Kasia Muldner ; Pooya Jaferian ; et al
[LERSSE-RefConfPaper-2008-029]
An intrusion detection system (IDS) can be a key component of security incident response within organizations. [...]
Published in R. Werlinger, K. Hawkey, K. Muldner, P. Jaferian, and K. Beznosov. The challenges of using an intrusion detection system: Is it worth the effort? In Proc. of ACM Symposium on Usable Privacy and Security (SOUPS) , pp 107 - 116 , 2008:
Transfer from CDS 0.99.7: PDF;
|
7.
|
Searching for the Right Fit: A Case Study of IT Security Management Model Tradeoffs
/ Kirstie Hawkey ; Kasia Muldner ; Konstantin Beznosov
[LERSSE-REPORT-2007-024]
The usability of security systems within an organization is impacted not only by tool interfaces but also by the security management model (SMM) of the IT security team. [...]
Published in Kirstie Hawkey, Kasia Muldnery, and Konstantin Beznosov, "Searching for the Right Fit: A Case Study of IT Security Management Model Tradeoffs", Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2007-03, 16 November, 2007, pp.23.:
Transfer from CDS 0.99.7: PDF;
|
8.
|
Understanding IT Security Administration through a Field Study
/ David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al
[LERSSE-REPORT-2007-002]
[LERSSE-REPORT-2007-020]
The security administration of large organizations is exceptionally challenging due to the increasingly large numbers of application instances, resources, and users; the growing complexity and dynamics of business processes; and the spiralling volume of change that results from the interaction of the first two factors. [...]
Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels and Brian Fisher, "Understanding Information Technology Security Administration through a Field Study", Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, 2007:
Transfer from CDS 0.99.7: PDF;
|