Rationalising decision-making about risk: a normative approach.
M'manga, Andrew; Faily, Shamal; McAlaney, John; Williams, Chris
Authors
Andrew M'manga
Shamal Faily
John McAlaney
Chris Williams
Contributors
Nathan L. Clarke (Editor)
Steven M. Furnell (Editor)
Abstract
Techniques for determining and applying security decisions typically follow risk-based analytical approaches where alternative options are put forward and weighed in accordance to risk severity metrics based on goals and context. The reasoning or validity behind decision making can, however, prove difficult to determine in conditions characterised by uncertainty stemming from environments with insufficient or incoherent information. This paper approaches the problem by proposing a conceptual model that provides security decision making traceability through auditing decision makers' rationalisation of risk. Additionally, the model highlights the role metacognition plays in identifying and understanding information affordances used for decision making.
Citation
M'MANGA, A., FAILY, S., MCALANEY, J. and WILLIAMS, C. 2018. Rationalising decision-making about risk: a normative approach. In Clarke, N.L. and Furnell, S.M. (eds.) Proceedings of the 12th International symposium on human aspects of information security and assurance (HAISA 2018), 29-31 August 2018, Dundee, UK. Plymouth: University of Plymouth, pages 263-271. Hosted on the CSCAN Archive [online]. Available from: https://www.cscan.org/?page=openaccess&eid=20&id=395
Conference Name | 12th International symposium on human aspects of information security and assurance (HAISA 2018) |
---|---|
Conference Location | Dundee, UK |
Start Date | Aug 29, 2018 |
End Date | Aug 31, 2018 |
Acceptance Date | Jul 16, 2018 |
Publication Date | Dec 31, 2018 |
Deposit Date | Sep 19, 2021 |
Publicly Available Date | Mar 28, 2024 |
Publisher | University of Plymouth |
Pages | 263-271 |
ISBN | 9780244402549 |
Keywords | Systems security; Security risk analysis; User behaviour; Human-computer interaction (HCI); Decision-making |
Public URL | https://rgu-repository.worktribe.com/output/1437869 |
Publisher URL | https://www.cscan.org/?page=openaccess&eid=20&id=395 |
Files
M'MANGA 2018 Rationalising decision-making
(794 Kb)
PDF