Friday, June 14, 2019

Computer Security Essay Example | Topics and Well Written Essays - 2250 words

Computer Security - Essay ExampleOne study was done by a group of academicians. The second study was done by computer hostage professionals. One is a seminal work carried out by Farzeneh Asghapour, Debin Lin and Jean camping ground (2007) in assessing the indirect and implicit use of affable regulates applied to computer pledge. Asghapour et. al., (2007) did three experiments which revealed cor reacting results. First, the experiments showed that for a set of security risks, the self-identified security experts and non-experts exhibit circumstantial mental models. Second, a brand of expertise increases the distance between the mental models of non-experts and experts. Finally, the utilization of models through metaphors did not correspond to metaphors that are similar the mental models of simpleton users. The second study on computer security done by Stuart Schechter and Daniel metalworker tackled the kind of security required to protect a packaged transcription which is prese nt in large organizations from thieves who would plot a vulnerability to attack multiple installations. Both studies are similar since they relay the importance of computer security in organizations.The main theme of Asghapour and her co-researchers were to emphasize the importance of effective security risk communication. The researchers argue that this requires both communicating risk information and motivating the impound risk behaviors. The crucial argument is that the purpose of risk communication is not transmitting truth to the users, but training them to take an appropriate move to respond against a certain threat to their system. Similarly, Schechter and David present an economic threat modeling as a measure for understanding adversaries who are attracted for financial gain. They did a numerical model on thieves outside the target organization who would enter through a simple vulnerability in one of the target companys packaged systems. This model can determine what these thieves are willing to pay for system vulnerabilities and how secure the system should be to withstand any form of theft. The main methodology of Asghapour and her co-researchers were to get a line implicit mental models for computer security which makes these explicit and run a test for mental models for fit for risk communication. They also aim to utilize the mental models in a rational manner to address risk communication to non-expert computer users. The researchers pointed out that a mental model is an internal concept of a given process. This concept is case specific and may depend on life experience, description of the risk, type of risk, and information processing strategies. In contrast, the methodology of Stuart Schechter and David Smith in their computer security study was to project economic threat models. The economic threat models they designed were meant to answer these questions a.) who profits from a computer security attack on a given company and b.) what is the c hoice of attack The threat models enable them to pinpoint the adversary and the respective motivation of those. CONCEPTUAL good example Ashgapour and her co-researchers (2007) determined the scope of mental models which are used in the computer security profession. They chose five conceptual models implicit in language and explicit in metaphors physical safety, medical infections, criminal behavior, warfare and economic failure. Physical safety refers to keys, safe

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.