SECReT 2010 PhD projects
- Metal oxide semiconductor gas sensors as an electronic nose for the detection of microbial agents
- What are the factors that make communities vulnerable to, or resistant against, the emergence of radicalising settings?
- Covert taggant nanoparticle inks - discovery, process and product development, and analysis for sustainability and efficiency
- Diffusion processes of political violence: The role of information
- Engineering IT risk awareness, education and training
- Three-dimentional imaging of baggage for security applications.
- Understanding the traffic-driven epidemic spreading in scale-free networks
- Optimal search and detection of targets in an uncertain environment using unmanned aerial vehicle
- Explosive residue: Evaluation and optimisation of detection and sampling procedures
- Forecasting adversary’s scenarios: Systemic competitive red teaming
- Secure digital archive and web search using a Probably Approximately Correct architecture
- Mobilising community resilience through techno-social innovation
- Numerical modelling/empirical analysis of civil conflict
- Landmine, IED, UXO Detection using Ground Penetrating Radar from an Unmanned Aerial Vehicle
- Towards a usable and less disruptive security in the workplace
- Securing from exploits using information theoretical techniques
- Crime drop in Chile: Searching for causes and mechanisms
- Inferring user behaviour despite wireless network encryption
- The Chain of Evidence - a critical appraisal of the applicability and validity of forensic research and the usability of forensic evidence
Towards a usable and less disruptive security in the workplace
7 March 2012
My PhD research will explore employees’ coping techniques with regard to security procedures. I will look at the problem at two levels. Firstly, at the Human-Computer Interaction (HCI) level, people often do not comply with security procedures because they find them too tiresome and hard to comprehend. Previous research has introduced the notion of ‘compliance budget’ to describe the decision employees make when weighting the costs and benefits of following a security procedure.
Often, there is a trade-off between productivity and security. In what follows, this project will aim to develop more usable computer interfaces to make security seamlessly fit into employees’ usual activities and make it significantly less interfering with business processes. Secondly, there are changes needed in terms of staff’s perception of security. Employees need training to better understand risks and start to think about security as something valuable rather than bothersome.
In terms of EPSRC’s mission and vision, this project will make a step towards a more usable security and at the same time, advance people’s understanding of computer security. Its aim is to diminish information leakage, loss and theft due to mistakes made by insiders. Part of this project will involve liaising with organisations from the public and private sector which will add value to the outcomes of the project and enable a quick implementation of proposed solutions.