Emergence of Human-Centric Information Security – Towards an Integrated Research Framework

In this poster, we first summarize the evolution of information security research as three stages of information security development: technology-centric, economics-centric, and the emerging trend of human-centric. We identify the main contributors and outputs of each stage. Based on this understanding, we present an integrated research framework termed Integrated Model of Human-Centric Information Security (iMOHCIS), which systematically incorporates various factors that influence human brain functions, and illustrates how human brain activities eventually lead to actual information security behaviors. This iMOHCIS framework focuses on human-centric information security at individual agent level. We then extend it to incorporate multi-agent interactions in two significant dimensions: qualitative dimension and quantitative dimension. The iMOHCIS framework and its extension capture the essence of the emerging human-centric information security, provide a comprehensive framework for understanding human elements in information security, and generate a systematic approach to identifying significant research questions related to human-centric information security. This framework also provides a foundation for human-centric information security education curriculum design.