Related papers: User-Centric IT Security - How to Design Usable Se…
In recent years, Artificial Intelligence has become more and more relevant in our society. Creating AI systems is almost always the prerogative of IT and AI experts. However, users may need to create intelligent solutions tailored to their…
Often the hardest job is to get business representatives to look at security as something that makes managing their risks and achieving their objectives easier, with security compliance as just part of that journey. This paper addresses…
The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the widespread availability of libraries and frameworks that provide many functionalities. Developers…
The most important aspect of any Software is the operability for the intended audience. This factor of operability is encompassed in the user interface, which serves as the only window to the features of the system. It is thus essential…
Many computer-based authentication schemata are based on pass- words. Logging on a computer, reading email, accessing content on a web server are all examples of applications where the identification of the user is usually accomplished…
There is no denying the fact that with the widespread usage of computers and the Internet in our daily lives, security of information and data has gained increased attention. Information stored in electronic form is more susceptible to…
A digital security-by-design computer architecture, like CHERI, lets you program without fear of buffer overflows or other memory safety errors, but CHERI also rewrites some of the assumptions about how C works and how fundamental types…
Often, security is considered in an advanced stage of the implementation of a system, rather than integrating it into the system design. This leads to less secure systems, as the security mechanisms are only applied as an afterthought and…
Consumer and defense systems demanded design and manufacturing of electronics with increased performance, compared to their predecessors. As such systems became ubiquitous in a plethora of domains, their application surface increased, thus…
AI-based systems have been used widely across various industries for different decisions ranging from operational decisions to tactical and strategic ones in low- and high-stakes contexts. Gradually the weaknesses and issues of these…
There is an overlooked iceberg of problems in end user computing. Spreadsheets are developed by people who are very skilled in their main job function, be it finance, procurement, or production planning, but often have had no formal…
Modern cyber-physical systems are operated by complex software that increasingly takes over safety-critical functions. Software enables rapid iterations and continuous delivery of new functionality that meets the ever-changing expectations…
Security must be considered in almost every software system. Unfortunately, selecting and implementing security features remains challenging due to the variety of security threats and possible countermeasures. While security standards are…
Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…
Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…
In recent years, agentic artificial intelligence (AI) systems are becoming increasingly widespread. These systems allow agents to use various tools, such as web browsers, compilers, and more. However, despite their popularity, agentic AI…
Safety-critical software systems are those whose failure or malfunction could result in casualty and/or serious financial loss. In such systems, safety assurance cases (SACs) are an emerging approach that adopts a proactive strategy to…
Producing secure software is challenging. The poor usability of security APIs makes this even harder. Many recommendations have been proposed to support developers by improving the usability of cryptography libraries and APIs; rooted in…
Solving cybersecurity issues requires a holistic understanding of components, factors, structures and their interactions in cyberspace, but conventional modeling approaches view the field of cybersecurity by their boundaries so that we are…
Organizations struggle to comply with legal requirements as well as customers calls for better data protection. On the implementation level, incorporation of privacy protections in products and services depends on the commitment of the…