Publication statistics

Pub. period:2007-2009
Pub. count:8
Number of co-authors:10



Co-authors

Number of publications with 3 favourite co-authors:

Sidney Fels:
Brian D. Fisher:
Pooya Jaferian:

 

 

Productive colleagues

David Botta's 3 most productive colleagues in number of publications:

Kirstie Hawkey:37
Sidney Fels:36
Konstantin Beznoso..:23
 
 
 

Upcoming Courses

go to course
User-Centred Design - Module 2
Starts TODAY LAST CALL!
go to course
User Experience: The Beginner's Guide
Starts TODAY LAST CALL!
 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

 
 
The Social Design of Technical Systems: Building technologies for communities. 2nd Edition
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
Gamification at Work: Designing Engaging Business Software
by Janaki Mythily Kumar and Mario Herger
start reading
 
 
 
 
The Social Design of Technical Systems: Building technologies for communities
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
The Encyclopedia of Human-Computer Interaction, 2nd Ed.
by Mads Soegaard and Rikke Friis Dam
start reading
 
 

David Botta

 

Publications by David Botta (bibliography)

 what's this?
2009
 
Edit | Del

Jaferian, Pooya, Botta, David, Hawkey, Kirstie and Beznosov, Konstantin (2009): A multi-method approach for user-centered design of identity management systems. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 36. Available online

 
Edit | Del

Werlinger, Rodrigo, Hawkey, Kirstie, Botta, David and Beznosov, Konstantin (2009): Security practitioners in context: Their activities and interactions with other stakeholders within organizations. In International Journal of Human-Computer Studies, 67 (7) pp. 584-606. Available online

This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.

© All rights reserved Werlinger et al. and/or Academic Press

 
Edit | Del

Jaferian, Pooya, Botta, David, Hawkey, Kirstie and Beznosov, Konstantin (2009): A case study of enterprise identity management system adoption in an insurance organization. In: Proceedings of the 2009 Symposium on Computer Human Interaction for the Management of Information Technology 2009. p. 7. Available online

This case study describes the adoption of an enterprise identity management (IdM) system in an insurance organization. We describe the state of the organization before deploying the IdM system, and point out the challenges in its IdM practices. We describe the organization's requirements for an IdM system, why a particular solution was chosen, issues in the deployment and configuration of the solution, the expected benefits, and the new challenges that arose from using the solution. Throughout, we identify practical problems that can be the focus of future research and development efforts. Our results confirm and elaborate upon the findings of previous research, contributing to an as-yet immature body of cases about IdM. Furthermore, our findings serve as a validation of our previously identified guidelines for IT security tools in general.

© All rights reserved Jaferian et al. and/or ACM Press

2008
 
Edit | Del

Hawkey, Kirstie, Botta, David, Werlinger, Rodrigo, Muldner, Kasia, Gagn, Andr and Beznosov, Konstantin (2008): Human, organizational, and technological factors of IT security. In: Proceedings of ACM CHI 2008 Conference on Human Factors in Computing Systems April 5-10, 2008. pp. 3639-3644. Available online

This paper describes the HOT Admin research project, which is investigating the human, organizational, and technological factors of IT security from the perspective of security practitioners. We use qualitative methods to examine their experiences along several themes including: unique characteristics of this population, the challenges they face within the organization, their activities, their collaborative interactions with other stakeholders, the sub-optimal situations they face as a result of distributed security management, and the impact of the security management model in place. We present preliminary results for each theme, as well as the implications of these results on the field of usable security and other research areas within HCI.

© All rights reserved Hawkey et al. and/or ACM Press

 
Edit | Del

Jaferian, Pooya, Botta, David, Raja, Fahimeh, Hawkey, Kirstie and Beznosov, Konstantin (2008): Guidelines for designing IT security management tools. In: Frisch, AEleen, Kandogan, Eser, Lutters, Wayne G., Thornton, James D. and Mouloua, Mustapha (eds.) CHIMIT 2008 - Proceedings of the 2nd ACM Symposium on Computer Human Interaction for Management of Information Technology November 14-15, 2008, San Diego, California, USA. p. 7. Available online

 
Edit | Del

Jaferian, Pooya, Botta, David, Raja, Fahimeh, Hawkey, Kirstie and Beznosov, Konstantin (2008): Guidelines for designing IT security management tools. In: Proceedings of the 2008 Symposium on Computer Human Interaction for the Management of Information Technology 2008. p. 7. Available online

An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT security management. We categorized and combined these into a set of high level guidelines and identified the relationships between the guidelines and challenges in IT security management. We also illustrated the need for the guidelines, where possible, with quotes from additional interviews with five security practitioners. Our framework of guidelines can be used by those developing IT security tools, as well as by practitioners and managers evaluating tools.

© All rights reserved Jaferian et al. and/or ACM Press

2007
 
Edit | Del

Botta, David, Werlinger, Rodrigo, Gagn, Andr, Beznosov, Konstantin, Iverson, Lee, Fels, Sidney and Fisher, Brian D. (2007): Towards understanding IT security professionals and their tools. In: Proceedings of the 2007 Symposium on Usable Privacy and Security 2007. pp. 100-111. Available online

We report preliminary results of our ongoing field study of IT professionals who are involved in security management. We interviewed a dozen practitioners from five organizations to understand their workplace and tools. We analyzed the interviews using a variation of Grounded Theory and predesigned themes. Our results suggest that the job of IT security management is distributed across multiple employees, often affiliated with different organizational units or groups within a unit and responsible for different aspects of it. The workplace of our participants can be characterized by their responsibilities, goals, tasks, and skills. Three skills stand out as significant in the IT security management workplace: inferential analysis, pattern recognition, and bricolage.

© All rights reserved Botta et al. and/or ACM Press

 
Edit | Del

Werlinger, Rodrigo, Botta, David and Beznosov, Konstantin (2007): Detecting, analyzing and responding to security incidents: a qualitative analysis. In: Proceedings of the 2007 Symposium on Usable Privacy and Security 2007. pp. 149-150. Available online

Persistence and cost are the two factors that have motivated several studies about better practices for dealing with security incidents [5]. However, there is not much literature about IT professionals who have to deal with security incidents, in terms of which tasks they actually perform and which resources they need to handle the complex scenarios given by real incidents [6]. This lack of research makes it difficult to evaluate and improve the support that IT security professionals need to respond efficiently to security incidents.

© All rights reserved Werlinger et al. and/or ACM Press

 
Add publication
Show list on your website
 
 

Join our community and advance:

Your
Skills

Your
Network

Your
Career

 
Join our community!
 
 
 

Page Information

Page maintainer: The Editorial Team
URL: http://www.interaction-design.org/references/authors/david_botta.html