Security but not for security's sake

Irum Rauf, Dirk van der Linden, Mark Levine, John Towse, Bashar Nuseibeh, Awais Rashid
2020 Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops  
We explore a dataset of app developer reasoning to better understand the reasons that may inadvertently promote or demote app developers' prioritization of security. We identify a number of reasons: caring vs. fear of users, the impact of norms, and notions of 'otherness' and 'self' in terms of belonging to groups. Based on our preliminary ndings, we propose an interdisciplinary research agenda to explore the impact of social identity (a psychological theory) on developers' security rationales,
more » ... and how this could be leveraged to guide developers towards making more secure choices.
doi:10.1145/3387940.3392230 dblp:conf/icse/RaufLLTNR20 fatcat:vfaifwrfnnfv5gdx3tvuu3w5hq