Methodology for considering environments and culture in developing information security systems
2009 (English)In: ISSA 2009 Conference Proceedings, 2009Conference paper (Refereed)
In this paper, we describe a methodology for considering culture of users and environments when developing information security systems. We discuss the problem of how researchers and developers of security for information systems have had difficulties in considering culture of users and environments when they develop information security systems. This has created environments where people serve technology instead of technology serving people. Users have been considered just as any other component in an information system, which has resulted in having efficient technical controls but inadequate social controls for security. In this paper, we propose a holistic and immune security framework that considers culture of users and system environments in developing information security systems.
Place, publisher, year, edition, pages
Deterrence, response, recovery, value-based chain, adaptability, environments, detection
Computer and Information Science
IdentifiersURN: urn:nbn:se:kth:diva-34472OAI: oai:DiVA.org:kth-34472DiVA: diva2:421715