Toggle Main Menu Toggle Search

Open Access padlockePrints

Computer security impaired by legitimate users

Lookup NU author(s): Dr Denis Besnard, Dr Leonardus Arief



Computer security has traditionally been assessed from a technical point of view. Another way to assess it is by investigating the role played by legitimate users of systems in impairing the level of protection. In order to address this issue, we wish to adopt a multidisciplinary standpoint and investigate some of the human aspects involved in computer security. From research in psychology, it is known that people make biased decisions. They sometimes overlook rules in order to gain maximum benefits for the cost of a given action. This situation leads to insidious security lapses whereby the level of protection is traded-off against usability. In this paper, we highlight the cognitive processes underlying such security impairments. At the end of the paper, we propose a short usability-centred set of recommendations. © 2004 Elsevier Ltd. All rights reserved.

Publication metadata

Author(s): Besnard D, Arief B

Publication type: Review

Publication status: Published

Journal: Computers and Security

Year: 2004

Volume: 23

Issue: 3

Pages: 253-264

ISSN (print): 0167-4048

ISSN (electronic): 1872-6208


DOI: 10.1016/j.cose.2003.09.002