Article (Scientific journals)
Service security and privacy as a socio-technical problem
Bella, Giampaolo; Curzon, Paul; Lenzini, Gabriele
2015In Journal of Computer Security, 23 (5), p. 563-585
Peer Reviewed verified by ORBi
 

Files


Full Text
Service security and privacy.pdf
Publisher postprint (384.32 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Security ceremony; concertina; cloud; cybersecurity; modelling; analysis; verification; awareness
Abstract :
[en] The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users.
Disciplines :
Computer science
Author, co-author :
Bella, Giampaolo;  Univ Catania, Dipartimento Matemat & Informat, Catania, Italy.
Curzon, Paul;  Queen Mary Univ London, Sch Elect Engn & Comp Sci, London, England.
Lenzini, Gabriele ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
yes
Language :
English
Title :
Service security and privacy as a socio-technical problem
Publication date :
2015
Journal title :
Journal of Computer Security
ISSN :
0926-227X
Publisher :
Ios Press, Amsterdam, Unknown/unspecified
Volume :
23
Issue :
5
Pages :
563-585
Peer reviewed :
Peer Reviewed verified by ORBi
Available on ORBilu :
since 10 March 2016

Statistics


Number of views
115 (8 by Unilu)
Number of downloads
577 (7 by Unilu)

Scopus citations®
 
11
Scopus citations®
without self-citations
7

Bibliography


Similar publications



Contact ORBilu