Developing a Human Activity Model for Insider IS Security Breaches Using Action Design Research

Abstract : Insider security breaches in organizations have been identified as a pressing problem for academics and practitioners. The literature generally addresses this problem by focusing on the compliance of human behavior to stated policy or the conformance with organizational culture. The cultural stance and resultant activities of organizational insiders are key determinants of information security. However, whilst compliance with security policies and regulations is of great importance, the very structure of human activities that facilitates or hinders such compliance have seldom appeared in the literature. In this paper we present a human activity model that captures different aspects of a security culture. The model elucidates the patterns of behavior in organizations. Applying the model before and after an insider security breach allows us to make salient, critical areas that need attention.
Type de document :
Communication dans un congrès
Jaap-Henk Hoepman; Stefan Katzenbeisser. 31st IFIP International Information Security and Privacy Conference (SEC), May 2016, Ghent, Belgium. IFIP Advances in Information and Communication Technology, AICT-471, pp.49-61, 2016, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-33630-5_4〉
Liste complète des métadonnées

Littérature citée [44 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01369541
Contributeur : Hal Ifip <>
Soumis le : mercredi 21 septembre 2016 - 10:51:51
Dernière modification le : mercredi 21 septembre 2016 - 11:43:07
Document(s) archivé(s) le : jeudi 22 décembre 2016 - 13:03:22

Fichier

 Accès restreint
Fichier visible le : 2019-01-01

Connectez-vous pour demander l'accès au fichier

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Gurpreet Dhillon, Spyridon Samonas, Ugo Etudo. Developing a Human Activity Model for Insider IS Security Breaches Using Action Design Research. Jaap-Henk Hoepman; Stefan Katzenbeisser. 31st IFIP International Information Security and Privacy Conference (SEC), May 2016, Ghent, Belgium. IFIP Advances in Information and Communication Technology, AICT-471, pp.49-61, 2016, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-33630-5_4〉. 〈hal-01369541〉

Partager

Métriques

Consultations de la notice

36