CT-ISG: Violations in computer and information security
University Of Wisconsin-Madison, Madison WI
Investigators
Abstract
PROJECT ABSTRACT CT proposal #0627682 "Violations in computer and information security" Anchored in the human factors engineering discipline, this research explores systematically the reasons or factors contributing to computer and information security (CIS) violations. The focus is on CIS violations committed by network administrators. A mixed-methods research approach combines qualitative (focus groups) and quantitative (survey) research in order to understand CIS violations, their consequences and the factors contributing to violations, and to develop solutions to deal with CIS violations. This research can help identify solutions for improving CIS-related behaviors of network administrators (i.e. reducing the occurrence of violations or mitigating their impact on CIS vulnerabilities). This research can shed light on the human factors involved in CIS, in particular the role of wrongful behaviors (i.e. violations) of network administrators and methods for dealing with those violations. The proposed research effort takes advantage of the expertise in computer and information security of Sami Saydjari, president of the Cyber Defense Agency (CDA). The collaboration with the University of Wisconsin E-Business Institute will strengthen the dissemination efforts, such as the organization of a workshop for companies to learn about human factors in CIS. This research will also contribute to the training of diverse undergraduate and graduate students in industrial and systems engineering (ISyE). Several links between the research and teaching activities will be organized, in particular with the ISyE courses taught by the PI (Carayon) and the co-PI (Veeramani). The publication plan contributes to the dissemination of information on this research to several communities (e.g., computer security, human factors engineering).
View original record on NSF Award Search →