About Contact Help us

Join us ! Publish !

Interaction Design Foundation

Free educational materials - made by the world's technology elite

About sponsorships

References

David Botta

iPad and tablet version

Publication statistics

Pub. period:2007-2009
Pub. count:8
Number of co-authors:10

Co-authors

Number of publications with 3 favourite co-authors:

Konstantin Beznosov:8
Kirstie Hawkey:6
Rodrigo Werlinger:4

Productive colleagues

David Botta's 3 most productive colleagues in number of publications:

Kirstie Hawkey:37
Sidney Fels:36
Konstantin Beznoso..:23

Calendar

May 22

Knowing (by) Designing 2013

May 27

13th Intl. Conf. on New Interfaces for Musical Expression

May 28

Graphics Interface 2013

May 21

“ Computer analyst to programmer: "You start coding. I'll go find out what they want." ”

-- Popular computer one-liner

Share this quote on...
Get more quotes via RSS or by joining our Usability Quote of the Day Facebook Page

Featured chapter

Read the fascinating history of Wearable Computing, told by its father, Steve Mann

Read Steve's chapter !

Help us help you!

Spread the word:
Donate
Other ways to help

David Botta

Add description

← Button will not work: You have not enabled Javascript. How do I enable it?

Rename / change spelling

Add publication

← Button will not work: You have not enabled Javascript. How do I enable it?

Publications by David Botta (bibliography)

2009

Edit | Del

Jaferian, Pooya, Botta, David, Hawkey, Kirstie and Beznosov, Konstantin (2009): A multi-method approach for user-centered design of identity management systems. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 36.

Edit | Del

Werlinger, Rodrigo, Hawkey, Kirstie, Botta, David and Beznosov, Konstantin (2009): Security practitioners in context: Their activities and interactions with other stakeholders within organizations. In International Journal of Human-Computer Studies, 67 (7) pp. 584-606.

“This study investigates the context of interactions of information technology (IT) security practitioners, based on a qualitative analysis of 30 interviews and participatory observation. We identify nine different activities that require interactions between security practitioners and other stakeholders, and describe in detail two of these activities that may serve as useful references for security-tool usability scenarios. We propose a model of the factors contributing to the complexity of interactions between security practitioners and other stakeholders, and discuss how this complexity is a potential source of security issues that increase the risk level within organizations. Our analysis also reveals that the tools used by our participants to perform their security tasks provide insufficient support for the complex, collaborative interactions that their duties involve. We offer several recommendations for addressing this complexity and improving IT security tools.”

Edit | Del

Jaferian, Pooya, Botta, David, Hawkey, Kirstie and Beznosov, Konstantin (2009): A case study of enterprise identity management system adoption in an insurance organization. In: Proceedings of the 2009 Symposium on Computer Human Interaction for the Management of Information Technology 2009. p. 7.

“This case study describes the adoption of an enterprise identity management (IdM) system in an insurance organization. We describe the state of the organization before deploying the IdM system, and point out the challenges in its IdM practices. We describe the organization's requirements for an IdM system, why a particular solution was chosen, issues in the deployment and configuration of the solution, the expected benefits, and the new challenges that arose from using the solution. Throughout, we identify practical problems that can be the focus of future research and development efforts. Our results confirm and elaborate upon the findings of previous research, contributing to an as-yet immature body of cases about IdM. Furthermore, our findings serve as a validation of our previously identified guidelines for IT security tools in general.”

2008

Edit | Del

Hawkey, Kirstie, Botta, David, Werlinger, Rodrigo, Muldner, Kasia, Gagné, André and Beznosov, Konstantin (2008): Human, organizational, and technological factors of IT security. In: Proceedings of ACM CHI 2008 Conference on Human Factors in Computing Systems April 5-10, 2008. pp. 3639-3644.

“This paper describes the HOT Admin research project, which is investigating the human, organizational, and technological factors of IT security from the perspective of security practitioners. We use qualitative methods to examine their experiences along several themes including: unique characteristics of this population, the challenges they face within the organization, their activities, their collaborative interactions with other stakeholders, the sub-optimal situations they face as a result of distributed security management, and the impact of the security management model in place. We present preliminary results for each theme, as well as the implications of these results on the field of usable security and other research areas within HCI.”

Edit | Del

Jaferian, Pooya, Botta, David, Raja, Fahimeh, Hawkey, Kirstie and Beznosov, Konstantin (2008): Guidelines for designing IT security management tools. In: Frisch, AEleen, Kandogan, Eser, Lutters, Wayne G., Thornton, James D. and Mouloua, Mustapha (eds.) CHIMIT 2008 - Proceedings of the 2nd ACM Symposium on Computer Human Interaction for Management of Information Technology November 14-15, 2008, San Diego, California, USA. p. 7.

Edit | Del

Jaferian, Pooya, Botta, David, Raja, Fahimeh, Hawkey, Kirstie and Beznosov, Konstantin (2008): Guidelines for designing IT security management tools. In: Proceedings of the 2008 Symposium on Computer Human Interaction for the Management of Information Technology 2008. p. 7.

“An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT security management. We categorized and combined these into a set of high level guidelines and identified the relationships between the guidelines and challenges in IT security management. We also illustrated the need for the guidelines, where possible, with quotes from additional interviews with five security practitioners. Our framework of guidelines can be used by those developing IT security tools, as well as by practitioners and managers evaluating tools.”

2007

Edit | Del

Botta, David, Werlinger, Rodrigo, Gagné, André, Beznosov, Konstantin, Iverson, Lee, Fels, Sidney and Fisher, Brian D. (2007): Towards understanding IT security professionals and their tools. In: Proceedings of the 2007 Symposium on Usable Privacy and Security 2007. pp. 100-111.

“We report preliminary results of our ongoing field study of IT professionals who are involved in security management. We interviewed a dozen practitioners from five organizations to understand their workplace and tools. We analyzed the interviews using a variation of Grounded Theory and predesigned themes. Our results suggest that the job of IT security management is distributed across multiple employees, often affiliated with different organizational units or groups within a unit and responsible for different aspects of it. The workplace of our participants can be characterized by their responsibilities, goals, tasks, and skills. Three skills stand out as significant in the IT security management workplace: inferential analysis, pattern recognition, and bricolage.”

Edit | Del

Werlinger, Rodrigo, Botta, David and Beznosov, Konstantin (2007): Detecting, analyzing and responding to security incidents: a qualitative analysis. In: Proceedings of the 2007 Symposium on Usable Privacy and Security 2007. pp. 149-150.

“Persistence and cost are the two factors that have motivated several studies about better practices for dealing with security incidents [5]. However, there is not much literature about IT professionals who have to deal with security incidents, in terms of which tasks they actually perform and which resources they need to handle the complex scenarios given by real incidents [6]. This lack of research makes it difficult to evaluate and improve the support that IT security professionals need to respond efficiently to security incidents.”

Add publication