Search Icon
Submissions

Why Do Programmers Do What They Do? A Theory of Influences on Security Practices

Lavanya Sajwan, James Noble, Craig Anslow (Victoria University of Wellington), Robert Biddle (Carleton University)

Technologies are continually adapting to match ever-changing trends. As this occurs, new vulnerabilities are exploited by malicious attackers and can cause significant economic damage to companies. Programmers must continually expand their knowledge and skills to protect software. Programmers make mistakes, and this is why we must interpret how they implement and adopt security practices. This paper reports on a study to understand programmer adoption of security practices. We identified a theory of inter-related influences involving programmer culture, organizational factors, and industry trends. Understanding these decisions can help inform organizational culture and education to improve software security.

Paper

View More Papers

Obfuscated Access and Search Patterns in Searchable Encryption

Zhiwei Shang (University of Waterloo), Simon Oya (University of Waterloo), Andreas Peter (University of Twente), Florian Kerschbaum (University of Waterloo)

Read More

Shadow Attacks: Hiding and Replacing Content in Signed PDFs

Christian Mainka (Ruhr University Bochum), Vladislav Mladenov (Ruhr University Bochum), Simon Rohlmann (Ruhr University Bochum)

Read More

Modeling End-User Affective Discomfort With Mobile App Permissions Across...

Yuxi Wu (Georgia Institute of Technology and Northeastern University), Jacob Logas (Georgia Institute of Technology), Devansh Ponda (Georgia Institute of Technology), Julia Haines (Google), Jiaming Li (Google), Jeffrey Nichols (Apple), W. Keith Edwards (Georgia Institute of Technology), Sauvik Das (Carnegie Mellon University)

Read More

No Port 53, Who Dis?; a year of DNS...

Alec Muffett

Read More