用户认证的隐性价格:成本分析与利益相关者动机

2011 Sixth International Conference on Availability, Reliability and Security Pub Date : 2011-08-22 DOI:10.1109/ARES.2011.54

Ludwig Meyer, M. Auer, M. Klemen, S. Biffl

{"title":"用户认证的隐性价格:成本分析与利益相关者动机","authors":"Ludwig Meyer, M. Auer, M. Klemen, S. Biffl","doi":"10.1109/ARES.2011.54","DOIUrl":null,"url":null,"abstract":"IT security is a vital task; user authentication a fundamental part. Yet the policies to implement user authentication often have a poor cost/benefit ratio. This paper (i) analyzes the costs of typical user authentication policies based on interviews with large Austrian IT providers. It (ii) then elaborates on how the policies are chosen, focusing on a lack of real cost accounting, and riskaverse principal agents in the security departments.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Hidden Price of User Authentication: Cost Analysis and Stakeholder Motivation\",\"authors\":\"Ludwig Meyer, M. Auer, M. Klemen, S. Biffl\",\"doi\":\"10.1109/ARES.2011.54\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IT security is a vital task; user authentication a fundamental part. Yet the policies to implement user authentication often have a poor cost/benefit ratio. This paper (i) analyzes the costs of typical user authentication policies based on interviews with large Austrian IT providers. It (ii) then elaborates on how the policies are chosen, focusing on a lack of real cost accounting, and riskaverse principal agents in the security departments.\",\"PeriodicalId\":254443,\"journal\":{\"name\":\"2011 Sixth International Conference on Availability, Reliability and Security\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-08-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 Sixth International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2011.54\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Sixth International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2011.54","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

资讯科技保安是一项重要的工作;用户身份验证是最基本的部分。然而，实现用户身份验证的策略通常具有较低的成本/收益比。本文(i)基于对奥地利大型IT提供商的采访，分析了典型用户身份验证策略的成本。它(ii)然后详细说明了如何选择政策，重点是缺乏真正的成本核算，以及在安全部门规避风险的代理人。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Hidden Price of User Authentication: Cost Analysis and Stakeholder Motivation

IT security is a vital task; user authentication a fundamental part. Yet the policies to implement user authentication often have a poor cost/benefit ratio. This paper (i) analyzes the costs of typical user authentication policies based on interviews with large Austrian IT providers. It (ii) then elaborates on how the policies are chosen, focusing on a lack of real cost accounting, and riskaverse principal agents in the security departments.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2011 Sixth International Conference on Availability, Reliability and Security

自引率

0.00%

发文量