(2006), "International Conference on Human Aspects of Information Security and Assurance (HAISA 2007)", Information Management & Computer Security, Vol. 14 No. 5. https://doi.org/10.1108/imcs.2006.04614eaa.004Download as .RIS
Emerald Group Publishing Limited
Copyright © 2006, Emerald Group Publishing Limited
International Conference on Human Aspects of Information Security and Assurance (HAISA 2007)
International Conference on Human Aspects of Information Security and Assurance (HAISA 2007),10-12 July 2007, Plymouth, UK
It is commonly acknowledged that security requirements cannot be addressed by technical means alone, and that a significant aspect of protection comes down to the attitudes, awareness, behaviour and capabilities of the people involved. Indeed, people can potentially represent a key asset in achieving security, but at present, factors such as lack of awareness and understanding, combined with unreasonable demands from security technologies, can dramatically impede their ability to do so. Ensuring appropriate attention and support for the needs of users should therefore be seen as a vital element of a successful security strategy. People at all levels (i.e. from organisations to domestic environments; from system administrators to end- users) need to understand security concepts, how the issues may apply to them, and how to use the available technology to protect their systems. In addition, the technology itself can make a contribution by reducing the demands upon users, simplifying protection measures, and automating a variety of safeguards.
With the above in mind, this conference specifically addresses information security issues that relate to people. It concerns the methods that inform and guide users' understanding of security, and the technologies that can benefit and support them in achieving protection. The conference welcomes papers addressing research and case studies in relation to any aspect of information security that pertains to the attitudes, perceptions and behaviour of people, and how human characteristics or technologies may be positively modified to improve the level of protection. Indicative themes include:
information security culture; awareness and education methods; enhancing risk perception; public understanding of security; usable security; psychological models of security software usage; user acceptance of security policies and technologies; user-friendly authentication methods; biometric technologies and impacts; automating security functionality; non-intrusive security; assisting security administration; impacts of standards, policies, compliance requirements; organizational governance for information assurance; simplifying risk and threat assessment; understanding motivations for misuse; social engineering and other human-related risks; privacy attitudes and practices; and computer ethics and security.
Authors are invited to submit full papers, not exceeding ten pages (including all figures, tables and references) by 1 December 2006. Comprehensive author guidelines, including details of acceptable file formats, can be found on the conference web site.