In the eye of the beholder: A visualization-based approach to information system security

In this paper, we will describe our explorations of this issue. In particular, we will draw on three major elements of our research to date. The first is empirical investigation into everyday security practices, looking at how people manage security as a practical, day-to-day concern, and exploring the context in which security decisions are made. This empirical work provides a foundation for our reconsideration of the problems of security to a large degree as an interactional problem. The second is our systems approach, based on visualization and event-based architectures. This technical approach provides a broad platform for investigating security and interaction, based on a set of general principles. The third is our initial experiences in a prototype deployment of these mechanisms in an application for peer-to-peer file sharing in face-to-face collaborative settings. We have been using this application as the basis of an initial evaluation of our technology in support of everyday security practices in collaborative workgroups.