Computer and information security risks often are the result of how people interact with technology, not the technology itself.
Research at CQPI investigates human factors aspects that affect computer information security and ultimately aims to create more effective security solutions.
Human Factors in Computer & Information Security
Red Team Performance for Improved Computer and Information Security
Hoonakker, P., Bornoe, N.A., & Carayon, P. (2009). Password Authentication from a Human Factors Perspective: Results of a survey among end-users. Paper presented at the Human Factors and Ergonomics Society (HFES) 53rd Annual Meeting, San Antonio, TX.
Hoonakker, P., Carayon, P. & Bornoe, N.A. (2009). Spamming, phishing and spoofing. Paper presented at the IEA Conference, Beijing China.
Kraemer, S. & Carayon, P. (2009). Human and organizational factors in computer and information security: Pathways to vulnerabilities. Computers & Security, 28 (7), 509-520.
Hoonakker, P. & Carayon, P. (2008). Computer and information security from a human factors perspective. Paper presented at the 2008 ODAM Conference, Guaruja, Brazil.
Kraemer, S. & Carayon, P. (2007). Human errors and violations in computer and information security: The viewpoint of network administrators and security specialists. Applied Ergonomics, 38 (2), 143-154. PMID: 16782040
Kraemer, S., Carayon, P. & Clem, J. (2006). Characterizing violations in computer and information security systems. Paper presented at the IEA 2006 Conference, Maastricht, The Netherlands.
Kraemer, S., Carayon, P., & Clem, J. (2006). Performance of red teams in computer and information security. Applied Ergonomics.
Kraemer, S., Carayon, P., & Duggan, R. (2003). A model of red team performance. In Luczak & Zink (Eds.) Proceedings of the Seventh International Symposium on Human Factors Organizational Design and Management, IEA Press: Aachen, Germany.
Carayon, P. & Kraemer, S. (2003). Using accident analysis methods in computer security: The development of the human factors vulnerability analysis (HFVA). Proceedings of the XVth Triennial Congress of the International Ergonomics Association and the 7th Joint Conference of Ergonomics Society of Korea/Japan Ergonomics Society, Seoul, Korea.
Kraemer, S. & Carayon, P. (2003). A human factors vulnerability evaluation method for computer and information security.Proceedings of the Human Factors and Ergonomics Society (HFES) 47th Annual Meeting, Denver, CO.
Carayon, P., & Kraemer, S. (2003). Human factors in e-security: The business viewpoint. Center for Quality and Productivity Improvement (CQPI), Madison, WI.
Kraemer, S. (2002). A human factors evaluation method for computer and information security technical vulnerabilities and security breaches. MS Thesis, Department of Industrial and Systems Engineering, University of Wisconsin-Madison.
Carayon, P. & Kraemer, S. (2002). Macroergonomics in WWDU: What about computer and information security? In H. Luczak, A.E. Cakir, & G. Cakir (Eds.). Proceedings of the 6th International Scientific Conference on Work With Display Units (WWDU) – World Wide Work. (pp. 87-89). Berlin, Germany: Ergonomic Institut fur Arbeits – und Sozialforschung Forschungsgesellschaft mbH.