Computer Information Security

Computer and information security risks often are the result of how people interact with technology, not the technology itself.

Photo: Jeff Miller

Research at CQPI investigates human factors aspects that affect computer information security and ultimately aims to create more effective security solutions.

Past Project(s)

Human Factors in Computer & Information Security
Red Team Performance for Improved Computer and Information Security


Hoonakker, P., Bornoe, N.A., & Carayon, P. (2009). Password Authentication from a Human Factors Perspective: Results of a survey among end-users. Paper presented at the Human Factors and Ergonomics Society (HFES) 53rd Annual Meeting, San Antonio, TX.

Hoonakker, P., Carayon, P. & Bornoe, N.A. (2009). Spamming, phishing and spoofing. Paper presented at the IEA Conference, Beijing China.

Kraemer, S. & Carayon, P. (2009). Human and organizational factors in computer and information security: Pathways to vulnerabilities. Computers & Security, 28 (7), 509-520.


Hoonakker, P. & Carayon, P. (2008). Computer and information security from a human factors perspective. Paper presented at the 2008 ODAM Conference, Guaruja, Brazil.


Kraemer, S. & Carayon, P. (2007). Human errors and violations in computer and information security: The viewpoint of network administrators and security specialists. Applied Ergonomics, 38 (2), 143-154. PMID: 16782040


Kraemer, S., Carayon, P. & Clem, J. (2006). Characterizing violations in computer and information security systems. Paper presented at the IEA 2006 Conference, Maastricht, The Netherlands.

Kraemer, S., Carayon, P., & Clem, J. (2006). Performance of red teams in computer and information security. Applied Ergonomics.


Kraemer, S., Carayon, P., & Duggan, R. (2003). A model of red team performance. In Luczak & Zink (Eds.) Proceedings of the Seventh International Symposium on Human Factors Organizational Design and Management, IEA Press: Aachen, Germany.

Carayon, P. & Kraemer, S. (2003). Using accident analysis methods in computer security: The development of the human factors vulnerability analysis (HFVA). Proceedings of the XVth Triennial Congress of the International Ergonomics Association and the 7th Joint Conference of Ergonomics Society of Korea/Japan Ergonomics Society, Seoul, Korea.

Kraemer, S. & Carayon, P. (2003). A human factors vulnerability evaluation method for computer and information security.Proceedings of the Human Factors and Ergonomics Society (HFES) 47th Annual Meeting, Denver, CO.

Carayon, P., & Kraemer, S. (2003). Human factors in e-security: The business viewpoint. Center for Quality and Productivity Improvement (CQPI), Madison, WI.


Kraemer, S. (2002). A human factors evaluation method for computer and information security technical vulnerabilities and security breaches. MS Thesis, Department of Industrial and Systems Engineering, University of Wisconsin-Madison.

Carayon, P. & Kraemer, S. (2002). Macroergonomics in WWDU: What about computer and information security? In H. Luczak, A.E. Cakir, & G. Cakir (Eds.). Proceedings of the 6th International Scientific Conference on Work With Display Units (WWDU) – World Wide Work. (pp. 87-89). Berlin, Germany: Ergonomic Institut fur Arbeits – und Sozialforschung Forschungsgesellschaft mbH.

Human Factors in Computer & Information Security

Pilot Study Questionnaire
Explanation of Topics in Questionnaire