A Socio-Technical Approach to Information Security

被引：0

作者：

Mujinga, Mathias ^{[1
]}

Eloff, Mariki M. ^{[2
]}

Kroeze, Jan H. ^{[1
]}

机构：

[1] Univ South Africa, Sch Comp, Pretoria, South Africa

[2] Univ South Africa, CEMS, ICC, Pretoria, South Africa

来源：

AMCIS 2017 PROCEEDINGS | 2017年

关键词：

Socio-technical approach; information security; social theory; STInfoSec;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

The main objective of this paper is to present a preliminary socio-technical information security (STInfoSec) framework for the development of online information security applications that addresses both social and technical aspects of information security design. The paper looks at theoretical aspects related to a view of information security as a socio-technical system in the context of online banking. The STInfoSec framework investigates usability and security requirements for an improved online banking system that seeks to improve the adoption and continued use of the service. The STInfoSec framework proposes 12 usable security design principles that assist in addressing security and usability requirements in online applications such as online banking. The framework seeks to influence the behaviour of designers of online information security applications by incorporating principles that consider the end user behaviour of such applications. The validation of the framework is beyond the scope of this paper.

引用

页数：10

共 50 条

[1] An Information Security Management for Socio-Technical Analysis of System Security
Huynen, Jean-Louis
Lenzini, Gabriele
[J]. INFORMATION SYSTEMS SECURITY AND PRIVACY, 2018, 867 : 222 - 251
[2] Dealing with Security Requirements for Socio-Technical Systems: A Holistic Approach
Li, Tong
Horkoff, Jennifer
[J]. ADVANCED INFORMATION SYSTEMS ENGINEERING (CAISE 2014), 2014, 8484 : 285 - 300
[3] A real-world information security performance assessment using a multidimensional socio-technical approach
Prislan, Kaja
Mihelic, Anze
Bernik, Igor
[J]. PLOS ONE, 2020, 15 (09):
[4] A Socio-Technical Investigation into Smartphone Security
Volkamer, Melanie
Renaud, Karen
Kulyk, Oksana
Emeroez, Sinem
[J]. SECURITY AND TRUST MANAGEMENT (STM 2015), 2015, 9331 : 265 - 273
[5] Socio-Technical Determinants of Information Security Perceptions in US Local Governments
Shin, Eunjung
Welch, Eric W.
[J]. INTERNATIONAL JOURNAL OF ELECTRONIC GOVERNMENT RESEARCH, 2016, 12 (03) : 1 - 20
[6] Modelling Static and Dynamic Aspects of Security: A Socio-Technical View on Information Security Metrics
Kowalski, Stewart
Barabanov, Rostyslav
[J]. IMCIC'11: THE 2ND INTERNATIONAL MULTI-CONFERENCE ON COMPLEXITY, INFORMATICS AND CYBERNETICS, VOL I, 2011, : 246 - 250
[7] Managing complex socio-technical systems: A proactive approach to airport security
Cole, Mara
Maurer, Maik
[J]. INTERNATIONAL JOURNAL OF KNOWLEDGE-BASED AND INTELLIGENT ENGINEERING SYSTEMS, 2014, 18 (03) : 191 - 200
[8] Security analysis of socio-technical physical systems
Lenzini, Gabriele
Mauw, Sjouke
Ouchani, Samir
[J]. COMPUTERS & ELECTRICAL ENGINEERING, 2015, 47 : 258 - 274
[9] Service security and privacy as a socio-technical problem
Bella, Giampaolo
Curzon, Paul
Lenzini, Gabriele
[J]. JOURNAL OF COMPUTER SECURITY, 2015, 23 (05) : 563 - 585
[10] Socio-technical issues and challenges in cyber security
Sadok, Moufida
Bednar, Peter
[J]. INFORMATION AND COMPUTER SECURITY, 2020, 28 (03) : 397 - 398

← 1 2 3 4 5 →