التفاصيل البيبلوغرافية
| العنوان: |
Hur autentiseringsregler kan bli användarvänliga : En systematisk litteraturstudie inom autentiseringsreglers användarvänlighet |
| Alternate Title: |
How authentication policies can become user friendly |
| المؤلفون: |
Malmström, Villy Malmström, Ringdahl, Tobias, Uhlmann, David |
| بيانات النشر: |
Jönköping University, Tekniska Högskolan, 2024. |
| سنة النشر: |
2024 |
| المجموعة: |
DiVA Archive at Upsalla University |
| مصطلحات موضوعية: |
Information Security Policy (ISP), Policy Development, Authentication Policy, Information Security, Literature Review, User-centric, Recommendations, Informationssäkerhetspolicy (ISP), Policyutveckling, Autentiseringspolicy, Lösenord, Informationssäkerhet, Litteraturstudie, Användarbaserad, Rekommendationer, Information Systems, Systemvetenskap, informationssystem och informatik |
| الوصف: |
The human factor often plays a significant role in cyberattacks targeted against organisations. Therefore, controlling user behaviour is critical to companies’ cybersecurity strengthening efforts. A method used by companies for this is information security policies (ISP). User compliance is required for policies to be able to regulate user behaviour, but research suggests that compliance is often low. This study aims to improve authentication rules in ISP development by executing a systematic literature review. It does this by providing recommendations on how to better capture the user perspective based on the reviewed literature and the collected policies from the public sector. First a database search was conducted then backwards snowballing, which left us with 61 accepted articles that then underwent coding and ultimately a thematic analysis. This process identified eight key themes: authentication stress, password strength, password changing, password sharing, password reuse, password storage, user guidance and policy design. With these themes in hand, each area could be analysed and compared to corresponding area from the collected policies. This revealed discrepancies between the research and the organizational policies, enabling recommendations on how to improve policies from a user-based perspective to be put forward. The study is limited to authentication rules found in information security policies and excludes rules that might be found in different documents. Additionally, the systematic literature review is limited to digital databases. |
| Original Identifier: |
oai:DiVA.org:hj-65124 |
| نوع الوثيقة: |
Text |
| وصف الملف: |
application/pdf |
| اللغة: |
Swedish |
| الاتاحة: |
http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-65124 |
| Rights: |
info:eu-repo/semantics/openAccess |
| رقم الانضمام: |
edsndl.UPSALLA1.oai.DiVA.org.hj.65124 |
| قاعدة البيانات: |
Networked Digital Library of Theses & Dissertations |