2018 | OriginalPaper | Book chapter

11. Evaluate Security as an Innovation


Abstract

This chapter presents the paradigm of Security Entrepreneurship: the application of innovation models and principles to organise, create, and manage security design elements to bring about improved system security. I begin by introducing some tenets from the innovation literature, before introducing four sample Security Entrepreneurship techniques, and illustrating each with a working example. Finally, the consequences of this paradigm are discussed, and I propose research directions for the mainstream introduction of Security Entrepreneurship for security design.

Metadata
Title
Evaluate Security as an Innovation
Written by
Shamal Faily
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-319-75493-2_11