Towards understanding IT security professionals and their tools

ACM International Conference Proceeding Series

Volumn 229, Issue , 2007, Pages 100-111

  Botta, David ^a   Werlinger, Rodrigo ^a   Gagné, André ^a   Beznosov, Konstantin ^a   Iverson, Lee ^a   Fels, Sidney ^a   Fisher, Brian ^a  

^a UNIVERSITY OF BRITISH COLUMBIA   (Canada)

Author keywords

Collaboration; Ethnography; Security management; Security tasks; Security tools; Usable security

Indexed keywords

INFORMATION TECHNOLOGY; PATTERN RECOGNITION; PERSONNEL; SOCIETIES AND INSTITUTIONS;

ETHNOGRAPHY; SECURITY MANAGEMENT; SECURITY TASKS; SECURITY TOOLS; USABLE SECURITY;

SECURITY OF DATA;

EID: 36849085382     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1280680.1280693     Document Type: Conference Paper

References (26)

1. Argus intrusion detection and prevention. http://www.qosient.com/argus/, February 2007.
2. R. Barrett, E. Haber, E. Kandogan, P. Maglio, M. Prabaker, and L. Takayama. Field studies of computer system administrators: Analysis of system management tools and practices. In Proceedings of the Conference on Computer Supported Collaborative Work, 2004.
3. A. Bartels, B. J. Holmes, and H. Lo. Global IT spending and investment forecast, 2006 to 2007. Forrester Research, 2006.
4. F.J. Björck. Discovering Information Security Management. Doctoral thesis, Stockholm University, Royal Institute of Technology, 2005.
5. S. Bodker. Human activity and humain-computer interaction. In S. Bodker, editor, Through the Interface: A Human Activity Approach to User Interface Design, pages 18-56. Lawrence Erlbaum Associates, Publishers, Hillsdale, NJ, 1991.
6. H. H. Clark. Using Language. Cambridge University Press, Cambridge, England, 1996.
7. H. H. Clark and M. F. Schober. Asking questions and influencing answers. In J. M. Tanur, editor, Questions about questions: Inquiries into the cognitive bases of surveys. Russell Sage, New York, NY, 1992.
8. M. Elliott and R. Kling. Organizational usability of digital libraries: Case study of legal research in civil and criminal courts. American Society for Information Science., 4(11):1023-1035, 1997.
9. G. Fischer and E. Scharff. Meta-design: design for designers. In Proceedings of the Conference on Designing Interactive Systems (DIS), pages 396-405, New York, NY, USA, 2000. ACM Press.
10. B. Glaser and A. L. Strauss. The Discovery of Grounded Theory, Strategies for Qualitative Research. Aldine Publishing Company, Chicago, Illinois, 1967.
11. U. Holmstrom. User-centered design of secure software. In the 17th Symposium on Human Factors in Telecommunications, Denmark, 1999.
12. E. Hutchins. Cognition in the Wild. MIT Press, Cambridge, MA, 1995.
13. Internet relay chat (irc) help archive. http://www.irchelp.org/, February 2007.
14. E. Kandogan and E. M. Haber. Security administration tools and practices. In L. F. Cranor and S. Garfinkel, editors, Security and Usability: Designing Secure Systems that People Can Use, chapter 18, pages 357-378. O'Reilly Media, Inc., Sebastapol, 2005.
15. K. Kark, C. McClean, L. Koetzle, J. Penn, and S. Bernhardt. 2007 security budgets increase: The transition to information risk management begins. Forrester Research, 2007.
16. P. P. Maglio, E. Kandogan, and E. Haber. Distributed cognition and joint activity in collaborative problem solving. In Proceedings of the Twenty-fifth Annual Conference of the Cognitive Science Society, 2003.
17. T. Malone, K. Lai, and K. Grant. Two design principles for collaboration technology: Examples of semiformal systems and radical tailorability. Coordination Theory and Collaboration Technology, pages 125-160, 2001.
18. Merriam-Webster. Merriam-webster's collegiate dictionary, 1994.
19. Nessus security scanner, http://www.nessus.org/, February 2007.
20. J. Nielsen. Usability Engineering. Morgan Kaufmann, San Francisco, 1994.
21. Idea works: Qualrus software. http://www.ideaworks.com/qualrus/index. html, February 2007.
22. K. J. . Vicente. Cognitive Work Analysis: Toward Safe, Productive, and Healthy Computer-Based Work. Mahwah, NJ: Lawrence Erlbaum Associates, Publishers, 1999.
23. A. Wool. A quantitative study of firewall configuration errors. Computer, 37(6):62- 67, 2004.
24. R., Yin. Case study research: Design and methods (2nd ed.). Sage Publishing, Beverly Hills, CA, 1994.
25. M. Zurko, R. Simon, and T. Sanfilippo. A user-centered, modular authorization service built on an RBAC foundation. In IEEE Symposium on Security and Privacy, pages 57-71, Oakland, CA , USA, 1999.
26. M. E. Zurko and R. T. Simon. User-centered security. In New Security Paradigms Workshop, pages 27-33, Lake Arrowhead, California, 1996. ACM Press.