Seeing the full picture : The case for extending security ceremony analysis. / Bella, Giampaolo; Coles-Kemp, Lizzie.

Proceedings of 9th Australian Information Security Management Conference. 2011. p. 49-55.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Standard

Seeing the full picture : The case for extending security ceremony analysis. / Bella, Giampaolo; Coles-Kemp, Lizzie.

Proceedings of 9th Australian Information Security Management Conference. 2011. p. 49-55.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Bella, G & Coles-Kemp, L 2011, Seeing the full picture: The case for extending security ceremony analysis. in Proceedings of 9th Australian Information Security Management Conference. pp. 49-55.

APA

Bella, G., & Coles-Kemp, L. (2011). Seeing the full picture: The case for extending security ceremony analysis. In Proceedings of 9th Australian Information Security Management Conference (pp. 49-55)

Vancouver

Bella G, Coles-Kemp L. Seeing the full picture: The case for extending security ceremony analysis. In Proceedings of 9th Australian Information Security Management Conference. 2011. p. 49-55

Author

Bella, Giampaolo ; Coles-Kemp, Lizzie. / Seeing the full picture : The case for extending security ceremony analysis. Proceedings of 9th Australian Information Security Management Conference. 2011. pp. 49-55

BibTeX

@inproceedings{dde2dfb1706f4e4dab3024719d9d8c1c,
title = "Seeing the full picture: The case for extending security ceremony analysis",
abstract = "he concept of the security ceremony was introduced a few years ago to complement the concept of the security protocol with everything about the context in which a protocol is run. In particular, such context involves the human executors of a protocol. When including human actors, human protocols become the focus, hence the concept of the security ceremony can be seen as part of the domain of socio-technical studies. This paper addresses the problem of ceremony analysis lacking the full view of human protocols. This paper categorises existing security ceremony analysis work and illustrates how the ceremony picture could be extended to support a more comprehensive analysis. The paper explores recent weaknesses found on the Amazon's web interface to illustrate different approaches to the analysis of the full ceremony picture.",
author = "Giampaolo Bella and Lizzie Coles-Kemp",
year = "2011",
language = "English",
pages = "49--55",
booktitle = "Proceedings of 9th Australian Information Security Management Conference",

}

RIS

TY - GEN

T1 - Seeing the full picture

T2 - The case for extending security ceremony analysis

AU - Bella, Giampaolo

AU - Coles-Kemp, Lizzie

PY - 2011

Y1 - 2011

N2 - he concept of the security ceremony was introduced a few years ago to complement the concept of the security protocol with everything about the context in which a protocol is run. In particular, such context involves the human executors of a protocol. When including human actors, human protocols become the focus, hence the concept of the security ceremony can be seen as part of the domain of socio-technical studies. This paper addresses the problem of ceremony analysis lacking the full view of human protocols. This paper categorises existing security ceremony analysis work and illustrates how the ceremony picture could be extended to support a more comprehensive analysis. The paper explores recent weaknesses found on the Amazon's web interface to illustrate different approaches to the analysis of the full ceremony picture.

AB - he concept of the security ceremony was introduced a few years ago to complement the concept of the security protocol with everything about the context in which a protocol is run. In particular, such context involves the human executors of a protocol. When including human actors, human protocols become the focus, hence the concept of the security ceremony can be seen as part of the domain of socio-technical studies. This paper addresses the problem of ceremony analysis lacking the full view of human protocols. This paper categorises existing security ceremony analysis work and illustrates how the ceremony picture could be extended to support a more comprehensive analysis. The paper explores recent weaknesses found on the Amazon's web interface to illustrate different approaches to the analysis of the full ceremony picture.

M3 - Conference contribution

SP - 49

EP - 55

BT - Proceedings of 9th Australian Information Security Management Conference

ER -