Technical Reports
HPL-2011-36
Click here for full text:
Systematic Decision Making in Security Management Modelling Password Usage and Support
Arnell, Simon; Beautement, Adam; Inglesant, Philip; Monahan, Brian; Pym, David; Sasse, Angela
HP Laboratories
HPL-2011-36
Keyword(s): security analytics, security management, economics, password
Abstract: We demonstrate the use of a systematic decision-making methodology to support an informed choice of a password policy. Our approach uses an executable system model, grounded with empirical data, to compare, using simulations, two options. The basis of the comparison is a notion of organizational utility. Using our results, we are able to explore trade-offs between breaches of system security, users' productivity, and investment in support operations.
31 Pages
External Posting Date: March 21, 2011 [Fulltext]. Approved for External Publication
Internal Posting Date: March 21, 2011 [Fulltext]