A Taxonomy to Classify Risk End-User Profile in Interaction with the Computing Environment
The objective of this paper to summarize the current knowledge in Human Computer Interaction (HCI) and Information Security (IS) areas regarding the classification of the end-user profile and present a new taxonomy to classify risk end-user profile in interaction with the computing environment in the information security perspective. A systematic mapping study was performed to assess the taxonomy of end-users. From an initial set of 105 papers based on string search, we conducted and selected a total of 21 papers. After the full reading of these 21 papers, only 02 papers were selected and 01 new paper were manually added. The results obtained allowed us to identify gap profiles of end-users related to the risk they cause to the computing environment. Thus, we propose a taxonomy to classify risk end-user profile in interaction with the computing environment.
KeywordsRisk end-user Taxonomy, Computing environment
We would like to acknowledge the financial support granted by CAPES (Coordination for Improvement of Higher Education Personnel).
- 1.Beisse, F.: A Guide to Computer User Support for Help Desk and Support Specialists, 5th edn. Course Technology Cengage Learning, USA (2012)Google Scholar
- 4.Rogers, Y., Sharp, H., Preece, J.: Interaction Design: Beyond Human - Computer Interaction, 4th edn. Elsevier Editora Ltda., London (2015)Google Scholar
- 5.ISO/IEC: ISO/IEC 27002:2005 - Information technology – Security techniques – Code of practice for information security management. Technical report (2005)Google Scholar
- 6.ISO/IEC: ISO/IEC 27000: 2009 information technology - security techniques - information security management systems -overview and vocabulary. Technical report (2009a)Google Scholar
- 7.ISO/IEC: ISO/IEC 27005:2008: Information Technology - Security Techniques - Information Security Risk Management. Technical report (2008)Google Scholar
- 8.ISO/IEC: ISO/IEC 13335-1: 2004 Information technology – Security techniques – Management of information and communications technology security – Part 1: Concepts and models for information and communications technology security management. Technical report (2004)Google Scholar
- 9.Oxford Dictionary of English. OUP Oxford, 3rd edn. (2010)Google Scholar
- 10.ISO/IEC 31000: 2009: Risk management? Principles and guidelines. Technical report (2009b)Google Scholar
- 11.Barbosa, S.D.J., de Souza, C.S., Paula, M.G.: The semiotic engineering use of models for supporting reflection-in-action. In: HCII2003 - HCI International, 2003, Creta, Human-Computer Interaction: Theory and Practice (Part I), vol. 1, pp. 18–22. Lawrence Erlbaum, Mawah (2003)Google Scholar
- 12.Kitchenham, B., Charters, S.: Guidelines for Performing Systematic Literature Reviews in Software Engineering, Version 2.3, EBSE Technical Report, Keele University, UK (2007)Google Scholar
- 15.Paseka, T.: Why google went offline today and a bit about how the internet works. https://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about/ (2012)