Skip to main content

Computer security impaired by legitimate users

Besnard, Denis, Arief, Budi (2004) Computer security impaired by legitimate users. Computers and Security, 23 (3). pp. 253-264. ISSN 0167-4048. (doi:10.1016/j.cose.2003.09.002) (KAR id:58698)


Computer security has traditionally been assessed from a technical point of view. Another way to assess it is by investigating the role played by legitimate users of systems in impairing the level of protection. In order to address this issue, we wish to adopt a multidisciplinary standpoint and investigate some of the human aspects involved in computer security. From research in psychology, it is known that people make biased decisions. They sometimes overlook rules in order to gain maximum benefits for the cost of a given action. This situation leads to insidious security lapses whereby the level of protection is traded-off against usability. In this paper, we highlight the cognitive processes underlying such security impairments. At the end of the paper, we propose a short usability-centred set of recommendations.

Item Type: Article
DOI/Identification number: 10.1016/j.cose.2003.09.002
Uncontrolled keywords: Cognitive psychology, Computer security, Cost-benefit trade-offs, Risk, Work practices, Behavioral research, Cost benefit analysis, Electronic commerce, Information technology, Monitoring, Online systems, Professional aspects, Risks, User interfaces, Cognitive psychology, Cost benefit trade-offs, Work practices, Security of data
Subjects: Q Science
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Budi Arief
Date Deposited: 17 Nov 2016 11:36 UTC
Last Modified: 16 Nov 2021 10:23 UTC
Resource URI: (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.