Faily, S., Iacob, C. and Field, S., 2016. Ethical Hazards and Safeguards in Penetration Testing. In: 30th British HCI Group Annual Conference on People and Computers: Fusion, 11-15 July 2016, Bournemouth, UK.
Full text available as:
PDF faif16.pdf - Accepted Version. Available under License Creative Commons Attribution Non-commercial No Derivatives. 578kB

Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material.
Official URL: http://hci2016.bcs.org/
Abstract
Penetration testing entails attacking a system to identify and report insecurity, but doing so without harming the system or encroaching on the dignity of those affected by it. To improve the interaction between penetration testers and their processes and technology, we need to understand the factors that affect decisions they make with ethical import. This paper presents four ethical hazards faced by penetration testers, and three safeguards that address them. We also present preliminary results validating the hazards and safeguards.
| Item Type: | Conference or Workshop Item (Paper) | 
|---|---|
| Uncontrolled Keywords: | Penetration testing; ethics; Grounded Theory; personas; goal model; CAIRIS; GRL | 
| Group: | Faculty of Science & Technology | 
| ID Code: | 23804 | 
| Deposited By: | Symplectic RT2 | 
| Deposited On: | 10 Jun 2016 10:52 | 
| Last Modified: | 14 Mar 2022 13:56 | 