Reference : Service security and privacy as a socio-technical problem
Scientific journals : Article
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/25412
Service security and privacy as a socio-technical problem
English
Bella, Giampaolo [Univ Catania, Dipartimento Matemat & Informat, Catania, Italy.]
Curzon, Paul [Queen Mary Univ London, Sch Elect Engn & Comp Sci, London, England.]
Lenzini, Gabriele mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) >]
2015
JOURNAL OF COMPUTER SECURITY
Ios Press
23
5
563-585
Yes
International
0926-227X
Amsterdam
[en] Security ceremony ; concertina ; cloud ; cybersecurity ; modelling ; analysis ; verification ; awareness
[en] The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users.
http://hdl.handle.net/10993/25412
10.3233/JCS-150536

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
Service security and privacy.pdfPublisher postprint375.32 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.