2014

chapter in monograph

english

EN The purpose of the paper is to show some examples of human behaviour impact on data protec-tion and to try to determine a set of different sources of human negative impact related to such securi-ty areas as: general models, risk analysis, authentication (with special emphasis on some innovative methods and tools). Mobile devices and wireless transmission systems are of particular interest here. Unfortunately, some security researchers focus only on technological issues and qualitative measures (e.g. encryption key length, password length, fault rate) of data security. Human factor should not be excluded. A lot of research is dedicated to a single security factor, e.g. a new protection method, secu-rity protocol. Here, we try to incorporate more complete approach – discussing technology issues to-gether with human behaviour. The results show that there are many different sources of human de-structive impact on data protection. They are related to awareness, human behaviour, errors in risk perception, lack of security policy compliance. The paper should be of interest to many different groups of people, among them are researchers, designers, policy makers and users of security systems. The paper links different findings and research results from diverse areas: models of security systems, standards, technology, behavioural sciences. Linking the diverse areas we may increase security level. The paper offers a useful starting point for further research in the area.

89 - 98

Information Systems Architecture and Technology : Contemporary Approaches to Design and Evaluation of Information Systems