Faily, S., Iacob, C. and Field, S, 2016. Ethical Hazards and Safeguards in Penetration Testing. In: 30th British HCI Group Annual Conference on People and Computers: Fusion, 11-15 July 2016, Bournemouth, UK.
Full text available as:
faif16.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.
Official URL: http://hci2016.bcs.org/
Penetration testing entails attacking a system to identify and report insecurity, but doing so without harming the system nor encroaching on the dignity of those affected by it. To improve the interaction between penetration testers and their processes and technology, we need to understand the factors that affect decisions they make with ethical import. This paper presents four ethical hazards faced by penetration testers, and three safeguards that address them. We also present preliminary results validating the hazards and safeguards.
|Item Type:||Conference or Workshop Item (Paper)|
|Uncontrolled Keywords:||Penetration testing; ethics; Grounded Theory; personas; goal model; CAIRIS; GRL|
|Group:||Faculty of Science & Technology|
|Deposited By:||Unnamed user with email symplectic@symplectic|
|Deposited On:||10 Jun 2016 10:52|
|Last Modified:||19 Jul 2016 14:13|
Downloads per month over past year
|Repository Staff Only -|