Deakin University
Browse

File(s) under permanent embargo

Foreword from the Programme Chairs

Version 2 2024-06-18, 21:24
Version 1 2020-06-29, 13:55
conference contribution
posted on 2024-06-18, 21:24 authored by T Tryfonas, D Ashenden
It is no longer to be disputed that security and trust are inherently interdisciplinary, both if looked at as problems to solve or as properties to enforce. If we consider them as problems, then we must keep a broad eye at how the technical system intertwines with their users, whose paths of practice could be driven by a plethora of factors. Some come from society, its social, psychological, ethical and legal inputs, others come from the individual features, and all intertwine shaping up the persona that each individual exhibits in front of a specific piece of technology at a specific occasion. Even looking at security and trust as properties at the abstract level, perhaps separately from a socio-technical system that might benefit from them, they must be reviewed to account for the human factor. For example, secrecy in traditional (technological) terms will not stand blatant human behaviour that shares passwords. The "law" comes into play here, for example with the article 32 (1) of the General Data Protection Regulation (EU Regulation 679/2016) calling for "appropriate technical and organisational measures to ensure a level of security appropriate to the risk". And it is then the turn of the ISO/OSI 27000 series standards, stating more specific measures and how to conduct security risk assessment. The human factor reiterates here. Even a security risk assessment exercise ought to be specifically tailored to threats that manifest that human factor. For example, the risk of password sharing or reuse over different platforms cannot be assessed by any clever methodology without due consideration of how humans approach this particular technological item. So, we are, once more this year, advocating a socio-technical approach to establishing security and trust --- at any rate, at any level. And we are confident that (also) this year's programme goes straight in this direction

History

Pagination

iv-iv

Location

San Juan, Puerto Rico

Start date

2018-12-04

End date

2018-12-04

ISBN-13

9781450372855

Language

eng

Publication classification

EN.1 Other conference paper

Copyright notice

2020, ACM

Editor/Contributor(s)

Bella G, Lenzini G

Title of proceedings

STAST 2018: Proceedings of the 8th Workshop on Socio-Technical Aspects in Security and Trust

Event

STAST Socio-Technical Aspects in Security and Trust. Workshop (2018 : 8th : San Juan, Puerto Rico)

Publisher

Association for Computing Machinery (ACM)

Place of publication

New York, N.Y.

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC