{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T14:47:17Z","timestamp":1776782837155,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":21,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,4,10]],"date-time":"2018-04-10T00:00:00Z","timestamp":1523318400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Research Council of Norway","award":["247678"],"award-info":[{"award-number":["247678"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,4,10]]},"DOI":"10.1145\/3190619.3190633","type":"proceedings-article","created":{"date-parts":[[2018,4,11]],"date-time":"2018-04-11T12:31:17Z","timestamp":1523449877000},"page":"1-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Understanding challenges to adoption of the Microsoft elevation of privilege game"],"prefix":"10.1145","author":[{"given":"Inger Anne","family":"T\u00f8ndel","sequence":"first","affiliation":[{"name":"Norwegian University of Science and Technology (NTNU), Trondheim, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tosin Daniel","family":"Oyetoyan","sequence":"additional","affiliation":[{"name":"SINTEF Digital, Trondheim, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Martin Gilje","family":"Jaatun","sequence":"additional","affiliation":[{"name":"SINTEF Digital, Trondheim, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniela","family":"Cruzes","sequence":"additional","affiliation":[{"name":"SINTEF Digital, Trondheim, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,4,10]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Icek Ajzen and Martin Fishbein. 1980. Understanding attitudes and predicting social behavior. Prentice-Hall.  Icek Ajzen and Martin Fishbein. 1980. Understanding attitudes and predicting social behavior. Prentice-Hall."},{"key":"e_1_3_2_1_2_1","unstructured":"Paulo Caroli and Taina Caetano. 2015. Fun Retrospectives - Activities and ideas for making agile retrospectives more engaging. Leanpub Layton.  Paulo Caroli and Taina Caetano. 2015. Fun Retrospectives - Activities and ideas for making agile retrospectives more engaging. Leanpub Layton."},{"key":"e_1_3_2_1_3_1","unstructured":"Fred D Davis. 1985. A technology acceptance model for empirically testing new end-user information systems: Theory and results. Ph.D. Dissertation. Massachusetts Institute of Technology.  Fred D Davis. 1985. A technology acceptance model for empirically testing new end-user information systems: Theory and results. Ph.D. Dissertation. Massachusetts Institute of Technology."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.2307\/249008"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2009.145"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/1018439.1021907"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1026586415054"},{"key":"e_1_3_2_1_8_1","unstructured":"Michael Howard and Steve Lipner. 2006. The Security Development Lifecycle. Microsoft Press.   Michael Howard and Steve Lipner. 2006. The Security Development Lifecycle. Microsoft Press."},{"key":"e_1_3_2_1_9_1","volume-title":"Lecture Notes in Computer Science","volume":"7465","author":"Jaatun Martin Gilje","year":"2012"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23318-5_7"},{"key":"e_1_3_2_1_11_1","unstructured":"Long Li. 2008. A critical review of technology acceptance literature. Department of Accounting Economics and Information Systems College of Business Grambling State University. (2008).  Long Li. 2008. A critical review of technology acceptance literature. Department of Accounting Economics and Information Systems College of Business Grambling State University. (2008)."},{"key":"e_1_3_2_1_12_1","volume-title":"Software Security: Building Security In","author":"McGraw Gary","year":"2006"},{"key":"e_1_3_2_1_13_1","unstructured":"G McGraw S Migues and J West. 2015. BSIMM 6. Technical Report.  G McGraw S Migues and J West. 2015. BSIMM 6. Technical Report."},{"key":"e_1_3_2_1_14_1","unstructured":"Microsoft. {n. d.}. Microsoft Security Development Lifecycle. ({n. d.}). https:\/\/www.microsoft.com\/en-us\/SDL  Microsoft. {n. d.}. Microsoft Security Development Lifecycle. ({n. d.}). https:\/\/www.microsoft.com\/en-us\/SDL"},{"key":"e_1_3_2_1_16_1","unstructured":"OpenSAMM. {n. d.}. Software Assurance Maturity Model (SAMM): A guide to building security into software development. ({n. d.}). http:\/\/www.opensamm.org\/.  OpenSAMM. {n. d.}. Software Assurance Maturity Model (SAMM): A guide to building security into software development. ({n. d.}). http:\/\/www.opensamm.org\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Adam Shostack. 2014. Elevation of Privilege: Drawing Developers into Threat Modeling. In 2014 USENIX Summit on Gaming Games and Gamification in Security Education (3GSE 14).  Adam Shostack. 2014. Elevation of Privilege: Drawing Developers into Threat Modeling. In 2014 USENIX Summit on Gaming Games and Gamification in Security Education (3GSE 14)."},{"key":"e_1_3_2_1_18_1","volume-title":"Threat Modeling: Designing for Security","author":"Shostack Adam","year":"2014"},{"key":"e_1_3_2_1_19_1","unstructured":"Forrest Shull and Nancy Mead. 2016. Cyber Threat Modeling: An Evaluation of Three Methods. (2016). https:\/\/insights.sei.cmu.edu\/sei_blog\/2016\/11\/cyber-threat-modeling-an-evaluation-of-three-methods.html  Forrest Shull and Nancy Mead. 2016. Cyber Threat Modeling: An Evaluation of Three Methods. (2016). https:\/\/insights.sei.cmu.edu\/sei_blog\/2016\/11\/cyber-threat-modeling-an-evaluation-of-three-methods.html"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1414004.1414055"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"Viswanath Venkatesh and Fred D Davis. 1996. A model of the antecedents of perceived ease of use: Development and test. Decision sciences 27 3 (1996) 451--481.  Viswanath Venkatesh and Fred D Davis. 1996. A model of the antecedents of perceived ease of use: Development and test. Decision sciences 27 3 (1996) 451--481.","DOI":"10.1111\/j.1540-5915.1996.tb00860.x"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.58"}],"event":{"name":"HoTSoS '18: Symposium and Bootcamp","location":"Raleigh North Carolina","acronym":"HoTSoS '18","sponsor":["National Security Agency National Security Agency","SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3190619.3190633","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,14]],"date-time":"2023-01-14T06:04:57Z","timestamp":1673676297000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3190619.3190633"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,4,10]]},"references-count":21,"alternative-id":["10.1145\/3190619.3190633","10.1145\/3190619"],"URL":"https:\/\/doi.org\/10.1145\/3190619.3190633","relation":{},"subject":[],"published":{"date-parts":[[2018,4,10]]},"assertion":[{"value":"2018-04-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}