Designing and Aligning e-Science Security Culture with Design.
This data was imported from DBLP:
Authors: Faily, S. and Flechais, I.
Journal: Inf. Manag. Comput. Security
This data was imported from Scopus:
Authors: Faily, S. and Fléchais, I.
Journal: Information Management and Computer Security
Purpose: The purpose of this paper is to identify the key cultural concepts effecting security in multi-organisational systems and align these with design techniques and tools. Design/methodology/approach: A grounded theory model of security culture was derived from the related security culture literature and empirical data from an e-Science project. Influencing concepts were derived from these and aligned with recent work on techniques and tools for usable secure systems design. Findings: Roles and responsibility, sub-cultural norms and contexts, and different perceptions of requirements were found to be influencing concepts towards a culture of security. These concepts align with recent work on personas, environment models, and related tool support. Originality/value: This paper contributes a theoretically and empirically grounded model of security culture. This is also the first paper explicitly aligning key concepts of security culture to design techniques and tools. © Emerald Group Publishing Limited.