Designing and aligning e-Science security culture with design

Authors: Faily, S. and Fléchais, I.

Journal: Information Management and Computer Security

Volume: 18

Issue: 5

Pages: 339-349

ISSN: 0968-5227

DOI: 10.1108/09685221011095254

Abstract:

Purpose: The purpose of this paper is to identify the key cultural concepts effecting security in multi-organisational systems and align these with design techniques and tools. Design/methodology/approach: A grounded theory model of security culture was derived from the related security culture literature and empirical data from an e-Science project. Influencing concepts were derived from these and aligned with recent work on techniques and tools for usable secure systems design. Findings: Roles and responsibility, sub-cultural norms and contexts, and different perceptions of requirements were found to be influencing concepts towards a culture of security. These concepts align with recent work on personas, environment models, and related tool support. Originality/value: This paper contributes a theoretically and empirically grounded model of security culture. This is also the first paper explicitly aligning key concepts of security culture to design techniques and tools. © Emerald Group Publishing Limited.

Source: Scopus