Computer Security Essay Example | Topics and Well Written Essays - 2250 words

Computer Security - Essay ExampleOne study was done by a group of academicians. The second study was done by computer guarantor professionals. One is a creative work carried out by Farzeneh Asghapour, Debin Lin and Jean Camp (2007) in assessing the indirect and implicit use of noetic models applied to computer warranter. Asghapour et. al., (2007) did three experiments which revealed corresponding results. First, the experiments showed that for a set of security risks, the self-identified security experts and non-experts exhibit particular proposition mental models. Second, a brand of expertise increases the distance between the mental models of non-experts and experts. Finally, the utilization of models through metaphors did not correspond to metaphors that be similar the mental models of simple users. The second study on computer security done by Stuart Schechter and Daniel Smith tackled the kind of security required to protect a packaged constitution which is present in large organizations from thieves who would plot a exposure to attack multiple installations. Both studies are similar since they relay the splendor of computer security in organizations.The main theme of Asghapour and her co-researchers were to emphasize the importance of effective security risk communication. The researchers argue that this requires both communicating risk information and motivating the get hold of risk behaviors. The crucial argument is that the purpose of risk communication is not transmitting truth to the users, save training them to take an appropriate move to respond against a certain threat to their system. Similarly, Schechter and David present an economical threat modeling as a measure for understanding adversaries who are attracted for financial gain. They did a numerical model on thieves outside the target organization who would enter through a simple vulnerability in one of the target companys packaged systems. This model can determine what these thieves are willing to reach for system vulnerabilities and how secure the system should be to withstand any form of theft. The main methodology of Asghapour and her co-researchers were to discern implicit mental models for computer security which makes these explicit and run a test for mental models for chalk up for risk communication. They also aim to utilize the mental models in a rational manner to overcompensate risk communication to non-expert computer users. The researchers pointed out that a mental model is an internal concept of a given process. This concept is case specific and may depend on life experience, description of the risk, typewrite of risk, and information processing strategies. In contrast, the methodology of Stuart Schechter and David Smith in their computer security study was to hear economic threat models. The economic threat models they designed were meant to answer these questions a.) who profits from a computer security attack on a given company and b.) wh at is the choice of attack The threat models enable them to atom the adversary and the respective motivation of those. CONCEPTUAL FRAMEWORK Ashgapour and her co-researchers (2007) determined the scope of mental models which are apply in the computer security profession. They chose five conceptual models implicit in language and explicit in metaphors physical safety, medical infections, criminal behavior, warfare and economic failure. Physical safety refers to keys, safe