Computer security: The long road ahead

Paans, Ronald; Herschberg, I.S.

doi:10.1016/0167-4048(87)90013-7

Cited by 21 publications

(13 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It has been suggested that password characteristics affect memorizability [2,33,28,45,46]. Consequently, it follows that ifa password is difficult to remember it will be written down [3,27,28,52].…”

Section: Relationship Between Password Characteristics and Memorizabimentioning

confidence: 99%

“…A password that is difficult to remember invites users to write it down, ensuring they will not forget it but compromising its secrecy [45]. On the other hand, if a difficult password is not written down, it may well be forgotten, resulting in serious inconve-nience [I, 3).…”

Section: Evolution Of Passwordsmentioning

confidence: 99%

“…PASSWORD SECURITY 167 The next set of hypotheses investigates possible relationships between password characteristics and their memorizability and the tendency to write down passwords. It has been suggested that password characteristics affect memorizability [2,3,28,45,46]. It follows that, if a password is difficult to remember, it will be written down [3,27,28,64].…”

Section: Key Issues and Exploration Hypothesesmentioning

confidence: 99%

See 2 more Smart Citations

Password Security: An Empirical Study

Zviran

Haga

1999

Journal of Management Information Systems

181

125

View full text Add to dashboard Cite

Organizations are more dependent than ever on the reliable operation of their information systems, which have become a key to their success and effectiveness. While the growing dependence on information systems creates an urgent need to collect information and make it accessible, the proliferation of computer technology has also spawned opportunities for ill-intentioned individuals to violate the information systems' integrity and validity.One of the most common control mechanisms for authenticating users of computerized information systems is the use of passwords. However, despite the widespread use of passwords, little attention has been given to the characteristics of their actual use. This paper addresses the gap in evaluating the characteristics of real-life passwords and presents the results of an empirical study on password usage. It investigates the core characteristics of user-generated passwords and associations among those characteristics.

show abstract

Section: Relationship Between Password Characteristics and Memorizabimentioning

confidence: 99%

Section: Evolution Of Passwordsmentioning

confidence: 99%

Section: Key Issues and Exploration Hypothesesmentioning

confidence: 99%

See 1 more Smart Citation

Password Security: An Empirical Study

Zviran

Haga

1999

Journal of Management Information Systems

181

125

View full text Add to dashboard Cite

show abstract

“…Such passwords are difficult to guess by others, but are difficult to remember. To remember them, users write them down [Paans and Herschberg, 1987], which reduces their secrecy. Moreover, most users have multiple passwords for different systems and applications, forcing them to remember several passwords [Adams and Sasse, 1999].…”

Section: Knowledge-based Authenticationmentioning

confidence: 99%

Identification and Authentication: Technology and Implementation Issues

Zviran¹,

Erlich²

2006

CAIS

View full text Add to dashboard Cite

Computer-based information systems in general, and Internet e-commerce and e-business systems in particular, employ many types of resources that need to be protected against access by unauthorized users. Three main components of access control are used in most information systems: identification, authentication, and authorization. In this paper we focus on authentication, which is the most problematic component. The three main approaches to user authentication are: knowledge-based, possession-based, and biometric-based. We review and compare the various authentication mechanisms of these approaches and the technology and implementation issues they involve. Our conclusion is that there is no silver bullet solution to user authentication problems. Authentication practices need improvement. Further research should lead to a better understanding of user behavior and the applied psychology aspects of computer security.

show abstract

“…End users at the workplace are said to be "the weakest link" in information systems (IS) security (Guo, Yuan, Archer, & Connelly, 2011;Paans & Herschberg, 1987). Early studies on data breaches have showed that many hackers turned out to be employees or insiders (Escamilla, 1998;Russell & Gangemi 1992, cited in Cavusoglu, Mishra, & Raghunathan, 2005.…”

Section: Introductionmentioning

confidence: 99%

Multiple Case Study Approach to Identify Aggravating Variables of Insider Threats in Information Systems

Nicho¹,

Kamoun²

2014

CAIS

View full text Add to dashboard Cite

Malicious insiders present a serious threat to information systems due to privilege of access, knowledge of internal computer resources, and potential threats on the part of disgruntled employees or insiders collaborating with external cybercriminals. Researchers have extensively studied insiders' motivation to attack from the broader perspective of the deterrence theory and have explored the rationale for employees to disregard/overlook security policies from the perspective of neutralization theory. This research takes a step further: we explore the aggravating variables of insider threat using a multiple case study approach. Empirical research using black hat analysis of three case studies of insider threats suggests that, while neutralization plays an important role in insider attacks, it takes a cumulative set of aggravating factors to trigger an actual data breach. By identifying and aggregating the variables, this study presents a predictive model that can guide IS managers to proactively mitigate insider threats. Given the economic and legal ramifications of insider threats, this research has implications relevant both for both academics and security practitioners.

show abstract

Computer security: The long road ahead

Cited by 21 publications

References 6 publications

Password Security: An Empirical Study

Password Security: An Empirical Study

Identification and Authentication: Technology and Implementation Issues

Multiple Case Study Approach to Identify Aggravating Variables of Insider Threats in Information Systems

Contact Info

Product

Resources

About