”Comply or Die” is Dead: Long Live Security-Aware Principal Agents

Iacovos Kirlappos, Adam Beautement and M. Angela Sasse Abstract Information security has adapted to the modern collaborative organisational nature, and abandoned “command-and-control” approaches of the past. But when it comes to managing employee’s information security behaviour, many organisations still use policies proscribing behaviour and sanctioning non-compliance. Whilst many organisations are Read more…

Too Close for Comfort: a study of the effectiveness and acceptability of rich-media personalized advertising

Miguel Malheiros, Charlene Jennett, Snehalee Patel, Sacha Brostoff and Martina Angela Sasse  Abstract Online display advertising is predicted to make $29.53 billion this year. Advertisers believe targeted and personalized ads to be more effective, but many users are concerned about their privacy. We conducted a study where 30 participants completed Read more…

Program Analysis Probably Counts

Alessandra Di Pierro, Chris Hankin and Herbert Wiklicky Abstract: Semantics-based program analysis uses an abstract semantics of programs/systems to statically determine run-time properties. Classic examples from compiler technology include analyses to support constant propagation and constant folding transformations and estimation of pointer values to prevent buffer overruns. More recent examples Read more…