{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T03:39:13Z","timestamp":1769744353683,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":43,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,9,21]],"date-time":"2010-09-21T00:00:00Z","timestamp":1285027200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,9,21]]},"DOI":"10.1145\/1900546.1900553","type":"proceedings-article","created":{"date-parts":[[2010,12,20]],"date-time":"2010-12-20T16:13:47Z","timestamp":1292861627000},"page":"33-50","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":35,"title":["A stealth approach to usable security"],"prefix":"10.1145","author":[{"given":"Simon","family":"Parkin","sequence":"first","affiliation":[{"name":"Newcastle University, Newcastle, United Kingdom"}]},{"given":"Aad","family":"van Moorsel","sequence":"additional","affiliation":[{"name":"Newcastle University, Newcastle, United Kingdom"}]},{"given":"Philip","family":"Inglesant","sequence":"additional","affiliation":[{"name":"University College London, London, United Kingdom"}]},{"given":"M. Angela","family":"Sasse","sequence":"additional","affiliation":[{"name":"University College London, London, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2010,9,21]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1626195.1626209"},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 4th International Conference on Software and Data Technologies (ICSOFT)","author":"Stepanova D.","year":"2009","unstructured":"D. Stepanova , S. Parkin , and A. van Moorsel , \" A Knowledge Base for Justified Information Security Decision-Making\" , Proceedings of the 4th International Conference on Software and Data Technologies (ICSOFT) , July 2009 D. Stepanova, S. Parkin, and A. van Moorsel, \"A Knowledge Base for Justified Information Security Decision-Making\", Proceedings of the 4th International Conference on Software and Data Technologies (ICSOFT), July 2009"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1873561.1873566"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/508171.508187"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1108\/09685220710831116"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/322796.322806"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1595676.1595684"},{"key":"e_1_3_2_1_8_1","volume-title":"SOUPS Workshop on IT Security Management (USM)","author":"Jaferian P.","year":"2008","unstructured":"P. Jaferian , D. Botta , K. Hawkey , K. Besnosov , \" Design Guidelines for IT Security Management Tools\" , SOUPS Workshop on IT Security Management (USM) , 2008 P. Jaferian, D. Botta, K. Hawkey, K. Besnosov, \"Design Guidelines for IT Security Management Tools\", SOUPS Workshop on IT Security Management (USM), 2008"},{"key":"e_1_3_2_1_9_1","first-page":"A45","volume-title":"38th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN 2008","author":"Coles R.","year":"2008","unstructured":"R. Coles , J. Griffin , H. Johnson , B. Monahan , S.E. Parkin , D. Pym , M.A. Sasse , A. van Moorsel , \" Trust Economics Feasibility Study\" , In 38th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN 2008 ), IEEE Computer Society , pp A45 - A50 , 2008 R. Coles, J. Griffin, H. Johnson, B. Monahan, S.E. Parkin, D. Pym, M.A. Sasse, A. van Moorsel, \"Trust Economics Feasibility Study\", In 38th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN 2008), IEEE Computer Society, pp A45-A50, 2008"},{"key":"e_1_3_2_1_10_1","volume-title":"Workshop on Economics in Information Security (WEIS)","author":"Beautement A.","year":"2008","unstructured":"A. Beautement , R. Coles , J. Griffin , B. Monahan , D. Pym , M.A. Sasse , M. Wonham , \" Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security\" , Workshop on Economics in Information Security (WEIS) , 2008 A. Beautement, R. Coles, J. Griffin, B. Monahan, D. Pym, M.A. Sasse, M. Wonham, \"Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security\", Workshop on Economics in Information Security (WEIS), 2008"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/133160.133216"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1477973.1477983"},{"key":"e_1_3_2_1_13_1","volume-title":"Human Aspects of Information Security and Assurance (HAISA'08)","author":"Werlinger R.","year":"2008","unstructured":"R. Werlinger , K. Hawkey , and K. Beznosov , \" Human, Organizational and Technological Challenges of Implementing IT Security in Organizations \", Human Aspects of Information Security and Assurance (HAISA'08) , Plymouth , UK , July 2008 ,. 35--48. R. Werlinger, K. Hawkey, and K. Beznosov, \"Human, Organizational and Technological Challenges of Implementing IT Security in Organizations\", Human Aspects of Information Security and Assurance (HAISA'08), Plymouth, UK, July 2008,. 35--48."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-009-0084-3"},{"key":"e_1_3_2_1_15_1","volume-title":"ISACA","author":"An ISACA","year":"2009","unstructured":"ISACA , \" An Introduction to the Business Model for Information Security \", ISACA , 2009 ISACA, \"An Introduction to the Business Model for Information Security\", ISACA, 2009"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1147\/sj.462.0205"},{"key":"e_1_3_2_1_17_1","volume-title":"Proc. Of the 5th International Workshop on Business-driven IT Management, IEEE","author":"Beresnevichiene Y.","year":"2010","unstructured":"Y. Beresnevichiene , D. Pym , and S. Shiu , \" Decision Support for Systems Security Investment\", To Appear , Proc. Of the 5th International Workshop on Business-driven IT Management, IEEE , 2010 Y. Beresnevichiene, D. Pym, and S. Shiu, \"Decision Support for Systems Security Investment\", To Appear, Proc. Of the 5th International Workshop on Business-driven IT Management, IEEE, 2010"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9781139173933","volume-title":"The Adaptive Decision Maker","author":"Payne J. W.","year":"1993","unstructured":"J. W. Payne , J. R. Bettman , and E. J. Johnson , \" The Adaptive Decision Maker \". New York : Cambridge University Press , 1993 J. W. Payne, J. R. Bettman, and E. J. Johnson, \"The Adaptive Decision Maker\". New York: Cambridge University Press, 1993"},{"key":"e_1_3_2_1_19_1","volume-title":"A Practical Guide through Qualitative Analysis","author":"Charmaz K.","year":"2006","unstructured":"K. Charmaz , \" Constructing Grounded Theory : A Practical Guide through Qualitative Analysis \", Sage Publications , London UK , 2006 K. Charmaz, \"Constructing Grounded Theory: A Practical Guide through Qualitative Analysis\", Sage Publications, London UK, 2006"},{"key":"e_1_3_2_1_20_1","volume-title":"http:\/\/www.hpl.hp.com\/research\/systems_security\/gnosis.html","author":"Development Company Hewlett Packard","year":"2010","unstructured":"Hewlett Packard Development Company , L.P. , \"A brief introduction to structured modelling with Core Gnosis\" , http:\/\/www.hpl.hp.com\/research\/systems_security\/gnosis.html , 2010 , last viewed 13\/02\/10 Hewlett Packard Development Company, L.P., \"A brief introduction to structured modelling with Core Gnosis\", http:\/\/www.hpl.hp.com\/research\/systems_security\/gnosis.html, 2010, last viewed 13\/02\/10"},{"key":"e_1_3_2_1_21_1","volume-title":"Cyber Security Knowledge Transfer Network (KTN)","author":"KTN Human Factors Working Group","year":"2007","unstructured":"KTN Human Factors Working Group , \" Human Vulnerabilities in Security Systems : White Paper \", Cyber Security Knowledge Transfer Network (KTN) , 2007 KTN Human Factors Working Group, \"Human Vulnerabilities in Security Systems: White Paper\", Cyber Security Knowledge Transfer Network (KTN), 2007"},{"key":"e_1_3_2_1_22_1","unstructured":"Electric Alchemy Limited \"Cracking Passwords in the Cloud: Insights on Password Policies\" http:\/\/news.electricalchemy.net\/2009\/10\/password-cracking-in-cloud-part-5.html last viewed 2002\/10  Electric Alchemy Limited \"Cracking Passwords in the Cloud: Insights on Password Policies\" http:\/\/news.electricalchemy.net\/2009\/10\/password-cracking-in-cloud-part-5.html last viewed 2002\/10"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/304851.304859"},{"key":"e_1_3_2_1_24_1","volume-title":"Proceedings of the 8th conference on USENIX Security Symposium -","volume":"8","author":"Whitten A.","year":"1999","unstructured":"A. Whitten , J. D. Tygar , \" Why Johnny can't encrypt : a usability evaluation of PGP 5.0 \". Proceedings of the 8th conference on USENIX Security Symposium - Volume 8 , 1999 A. Whitten, J. D. Tygar, \"Why Johnny can't encrypt: a usability evaluation of PGP 5.0\". Proceedings of the 8th conference on USENIX Security Symposium - Volume 8, 1999"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1011902718709"},{"issue":"10","key":"e_1_3_2_1_26_1","first-page":"291","article-title":"An Introduction to the Human Applications Standard Computer Interface: Part 1: Theory and Principles","volume":"7","author":"Rutkowski C.","year":"1982","unstructured":"C. Rutkowski , \" An Introduction to the Human Applications Standard Computer Interface: Part 1: Theory and Principles \", Byte Vol 7 , Number 10 , ( October 1982 ), 291 -- 310 C. Rutkowski, \"An Introduction to the Human Applications Standard Computer Interface: Part 1: Theory and Principles\", Byte Vol 7, Number 10, (October 1982), 291--310","journal-title":"Byte"},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the 9th conference on USENIX Security Symposium -","volume":"9","author":"Dhamija R.","year":"2000","unstructured":"R. Dhamija , A. Perrig , \" D\u00e9j\u00e0 Vu : a user study using images for authentication \", Proceedings of the 9th conference on USENIX Security Symposium - Volume 9 , 2000 R. Dhamija, A. Perrig, \"D\u00e9j\u00e0 Vu: a user study using images for authentication\", Proceedings of the 9th conference on USENIX Security Symposium - Volume 9, 2000"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719050"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijhcs.2005.04.010"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753491"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-006-0074-7"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1146269.1146282"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719043"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753384"},{"key":"e_1_3_2_1_35_1","unstructured":"Newcastle University \"Trust Economics Economically justified security investments\" http:\/\/www.trust-economics.org\/ last viewed 15\/04\/10  Newcastle University \"Trust Economics Economically justified security investments\" http:\/\/www.trust-economics.org\/ last viewed 15\/04\/10"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242661"},{"key":"e_1_3_2_1_37_1","unstructured":"C. M. Karat C. Brodie J. Karat \"Usability Design and Evaluation for Privacy and Security Solutions\" Ch 4 Security and Usability O'Reilly 2005  C. M. Karat C. Brodie J. Karat \"Usability Design and Evaluation for Privacy and Security Solutions\" Ch 4 Security and Usability O'Reilly 2005"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1754-4548(07)70041-4"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1207\/s15327051hci0403_1"},{"key":"e_1_3_2_1_40_1","unstructured":"British Standards Institution \"BS ISO\/IEC 27001:2005 - Information Technology -- Security Techniques - Information Security Management Systems -- Requirements\" 2005  British Standards Institution \"BS ISO\/IEC 27001:2005 - Information Technology -- Security Techniques - Information Security Management Systems -- Requirements\" 2005"},{"key":"e_1_3_2_1_41_1","volume-title":"Proc. Of the 8th Conference on USENIX Security Symposium","author":"Whitten A.","year":"1999","unstructured":"A. Whitten , J.D. Tygar , \" Why Johnny Can't Encrypt : a Usability Evaluation of PGP 5.0 \", Proc. Of the 8th Conference on USENIX Security Symposium , 1999 A. Whitten, J.D. Tygar, \"Why Johnny Can't Encrypt: a Usability Evaluation of PGP 5.0\", Proc. Of the 8th Conference on USENIX Security Symposium, 1999"},{"key":"e_1_3_2_1_42_1","volume-title":"Workshop on Usable IT Security Management (USM '07), held in conjunction with the Symposium on Usable Security and Privacy (SOUPS 2007","author":"Chiasson S.","year":"2007","unstructured":"S. Chiasson , R. Biddle , and A. Somayaji , \" Even Experts Deserve Usable Security: Design guidelines for security managements systems \", Workshop on Usable IT Security Management (USM '07), held in conjunction with the Symposium on Usable Security and Privacy (SOUPS 2007 ), Pittsburgh, PA, USA , July 2007 S. Chiasson, R. Biddle, and A. Somayaji, \"Even Experts Deserve Usable Security: Design guidelines for security managements systems\", Workshop on Usable IT Security Management (USM '07), held in conjunction with the Symposium on Usable Security and Privacy (SOUPS 2007), Pittsburgh, PA, USA, July 2007"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.4108\/ICST.SIMUTOOLS2010.8631"}],"event":{"name":"NSPW '10: 2010 New Security Paradigms Workshop","location":"Concord Massachusetts USA","acronym":"NSPW '10","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 2010 New Security Paradigms Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1900546.1900553","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1900546.1900553","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T10:52:53Z","timestamp":1750243973000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1900546.1900553"}},"subtitle":["helping IT security managers to identify workable security solutions"],"short-title":[],"issued":{"date-parts":[[2010,9,21]]},"references-count":43,"alternative-id":["10.1145\/1900546.1900553","10.1145\/1900546"],"URL":"https:\/\/doi.org\/10.1145\/1900546.1900553","relation":{},"subject":[],"published":{"date-parts":[[2010,9,21]]},"assertion":[{"value":"2010-09-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}