1.
|
Heuristics for Evaluating IT Security Management Tools
/ Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al
[LERSSE-RefConfPaper-2011-006]
The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...]
Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, PA, USA, July 20-22, 2011. :
Transfer from CDS 0.99.7: PDF;
|
2.
|
Preparation, detection, and analysis: the diagnostic work of IT security incident response
/ Rodrigo Werlinger ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2009-013]
Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and analysis of anomalies. [...]
Published in Rodrigo Werlinger, Kasia Muldner, Kirstie Hawkey, and Konstantin Beznosov. Preparation,
detection, and analysis: the diagnostic work of IT security incident response. Journal of
Information Management & Computer Security, 18(1):26-42, January 2010.
:
Transfer from CDS 0.99.7: PDF;
|
3.
|
Towards Developing Usability Heuristics for Evaluation of IT Security Management (ITSM) Tools
/ Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-POSTER-2009-010]
Evaluating the usability of specific information technology (IT) security tools is challenging. [...]
Published in Pooya Jaferian, David Botta, Kirstie Hawkey, Konstantin Beznosov, Towards Developing Usability Heuristics for Evaluation of IT Security Management (ITSM) Tools. Poster at CHIMIT 2009, Baltimore, MD, 2009.:
Transfer from CDS 0.99.7: PDF;
|
4.
|
A Case Study of Enterprise Identity Management System Adoption in an Insurance Organization
/ Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefConfPaper-2009-039]
This case study describes the adoption of an enterprise identity management(IdM) system in an insurance organization [...]
Published in Jaferian, P., Botta, D., Hawkey, K., and Beznosov, K. 2009. A Case Study of Enterprise Identity Management System Adoption in an Insurance Organization. In Proceedings of the 3rd ACM Symposium on Computer Human interaction For Management of information Technology (Baltimore, Maryland, November 7 - 8, 2009). CHiMiT '09. ACM, New York, NY.:
Transfer from CDS 0.99.7: PDF;
|
5.
|
Towards Understanding Diagnostic Work During the Detection and Investigation of Security Incidents
/ Rodrigo Werlinger ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefConfPaper-2009-037]
This study investigates how security practitioners perform diagnostic work during the identification of security incidents. [...]
Published in Werlinger, R., Muldner, K., Hawkey, K., and Beznosov, K. (2009). Towards Understanding Diagnostic Work during the Detection and Investigation of Security Incidents. Proc. of Int. Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, June 25-26, 2009, 119-132.:
Transfer from CDS 0.99.7: PDF;
|
6.
|
An integrated view of human, organizational, and technological challenges of IT security management
/ Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2009-009]
Abstract Purpose – The purpose of this study is to determine the main challenges that IT security practitioners face in their organizations, including the interplay among human, organizational, and technological factors [...]
Published in Rodrigo Werlinger, Kirstie Hawkey and Konstantin Beznosov, "An integrated view of human, organizational, and technological challenges of IT security management", Information Management & Computer Security, vol. 17, n. 1, 2009, pp.4-19.:
Transfer from CDS 0.99.7: PDF;
|
7.
|
Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders within Organizations
/ Rodrigo Werlinger ; Kirstie Hawkey ; David Botta ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2009-007]
This study investigates the context of interactions of IT security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. [...]
Published in Rodrigo Werlinger, Kirstie Hawkey, David Botta, Konstantin Beznosov, "Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders within Organizations", International Journal of Human-Computer Studies, 67(7):584–606, March 2009. :
Transfer from CDS 0.99.7: PDF;
|
8.
|
Auxiliary Material for the Study of Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders Within Organizations
/ Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-REPORT-2009-028]
This technical report contains additional material for the study, which investigated the context of interactions of IT security practitioners..
Published in Rodrigo Werlinger, Kirstie Hawkey, and Konstantin Beznosov, "Auxiliary Material for the Study of Security Practitioners in Context: Their Activities and Interactions with Other Stakeholders Within Organizations," Tech. Rep. LERSSE-TR-2009-01, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, Jan 2009:
Transfer from CDS 0.99.7: PDF;
|
9.
|
On the Imbalance of the Security Problem Space and its Expected Consequences
/ Konstantin Beznosov ; Olga Beznosova
[LERSSE-RefJnlPaper-2008-006]
Purpose – This paper aims to report on the results of an analysis of the computer security problem space, to suggest the areas with highest potential for making progress in the attacker-defender game, and to propose questions for future research. [...]
Published in Konstantin Beznosov and Olga Beznosova, "On the Imbalance of the Security Problem Space and its Expected Consequences," Journal of Information Management & Computer Security, Emerald, vol. 15 n.5, September 2007, pp.420-431.:
Transfer from CDS 0.99.7: PDF;
|
10.
|
Challenges, Collaborative Interactions, and Diagnosis Performed by IT Security Practitioners: An Empirical Study
/ Rodrigo Werlinger
[LERSSE-THESIS-2008-004]
This thesis investigates four different aspects of information security management: challenges faced by security practitioners, interactive collaborations among security practitioners and other stakeholders, diagnostic work performed by security practitioners during the response to incidents, and factors that impact the adoption of an intrusion detection system in one organization. [...]
Published in Rodrigo Werlinger, "Challenges, Collaborative Interactions, and Diagnosis Performed by IT Security Practitioners: An Empirical Study," MASc thesis, Department of Electrical and Computer Engineering, University of British Columbia, Vancouver, Canada, July 2008. :
Transfer from CDS 0.99.7: PDF;
|