{"id":"https://openalex.org/W2028974852","doi":"https://doi.org/10.1145/1600176.1600182","title":"Security automation considered harmful?","display_name":"Security automation considered harmful?","publication_year":2008,"publication_date":"2008-07-15","ids":{"openalex":"https://openalex.org/W2028974852","doi":"https://doi.org/10.1145/1600176.1600182","mag":"2028974852"},"language":"en","primary_location":{"id":"doi:10.1145/1600176.1600182","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1600176.1600182","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2007 Workshop on New Security Paradigms","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074830740","display_name":"W. Keith Edwards","orcid":"https://orcid.org/0000-0002-5209-7380"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"W. Keith Edwards","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA","Georgia Institute of Technology Atlanta, GA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"Georgia Institute of Technology Atlanta, GA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5057909963","display_name":"Erika Shehan Poole","orcid":"https://orcid.org/0000-0003-4228-2336"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Erika Shehan Poole","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA","Georgia Institute of Technology Atlanta, GA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"Georgia Institute of Technology Atlanta, GA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109714871","display_name":"Jennifer Stoll","orcid":null},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jennifer Stoll","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA","Georgia Institute of Technology Atlanta, GA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"Georgia Institute of Technology Atlanta, GA","institution_ids":["https://openalex.org/I130701444"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5074830740"],"corresponding_institution_ids":["https://openalex.org/I130701444"],"apc_list":null,"apc_paid":null,"fwci":16.6187,"has_fulltext":false,"cited_by_count":82,"citation_normalized_percentile":{"value":0.98821408,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"33","last_page":"42"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12607","display_name":"Personal Information Management and User Behavior","score":0.9789000153541565,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.6493337154388428},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6016822457313538},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44827884435653687},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1855466365814209}],"concepts":[{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.6493337154388428},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6016822457313538},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44827884435653687},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1855466365814209},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/1600176.1600182","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1600176.1600182","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2007 Workshop on New Security Paradigms","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.129.9132","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.129.9132","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www-static.cc.gatech.edu/~keith/pubs/nspw07-security-automation.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.156.365","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.156.365","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www-static.cc.gatech.edu/~keith/pubs/nspw07-security-automation.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.228.1002","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.228.1002","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.nspw.org/papers/2007/nspw2007-edwards.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7900000214576721}],"awards":[{"id":"https://openalex.org/G446373312","display_name":null,"funder_award_id":"CNS 062681","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320309321","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44"},{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":47,"referenced_works":["https://openalex.org/W54942354","https://openalex.org/W110140515","https://openalex.org/W1485200701","https://openalex.org/W1491504725","https://openalex.org/W1498112155","https://openalex.org/W1498728415","https://openalex.org/W1528027857","https://openalex.org/W1535357018","https://openalex.org/W1582830784","https://openalex.org/W1595324694","https://openalex.org/W1604662616","https://openalex.org/W1835112993","https://openalex.org/W1975307600","https://openalex.org/W2010789764","https://openalex.org/W2014831132","https://openalex.org/W2016310229","https://openalex.org/W2016902895","https://openalex.org/W2032843080","https://openalex.org/W2034609093","https://openalex.org/W2041545805","https://openalex.org/W2048465382","https://openalex.org/W2057576447","https://openalex.org/W2062424686","https://openalex.org/W2082954984","https://openalex.org/W2109382292","https://openalex.org/W2110537656","https://openalex.org/W2114887779","https://openalex.org/W2118222422","https://openalex.org/W2124065260","https://openalex.org/W2124470457","https://openalex.org/W2129835639","https://openalex.org/W2139464545","https://openalex.org/W2146657063","https://openalex.org/W2153246402","https://openalex.org/W2154765153","https://openalex.org/W2160724118","https://openalex.org/W2166903838","https://openalex.org/W2170496240","https://openalex.org/W2170560691","https://openalex.org/W2172088916","https://openalex.org/W2495214509","https://openalex.org/W2639421075","https://openalex.org/W2733981320","https://openalex.org/W2915939374","https://openalex.org/W3125841156","https://openalex.org/W3175164926","https://openalex.org/W6636170022"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W2478288626","https://openalex.org/W2350741829","https://openalex.org/W2530322880","https://openalex.org/W1596801655"],"abstract_inverted_index":{"End-users":[0],"are":[1,35,44,60],"often":[2],"perceived":[3],"as":[4],"the":[5,38,41,94,114,149],"weakest":[6],"link":[7],"in":[8,47,51,72,74,103],"information":[9,83],"security.":[10,29,84],"Because":[11],"of":[12,18,40,87,98,113,117,127,143,153],"this":[13,107],"perception,":[14],"a":[15,79,111,125,141],"growing":[16],"body":[17],"research":[19,144],"and":[20,43,89,96,151],"commercial":[21],"activity":[22],"is":[23,69,77],"focused":[24,146],"on":[25,147],"automated":[26,99],"approaches":[27],"to":[28,133],"With":[30],"these":[31],"approaches,":[32],"security":[33,67,101,119,136,154],"decisions":[34],"removed":[36],"from":[37],"hands":[39],"users,":[42],"placed":[45],"instead":[46],"systems":[48],"themselves,":[49],"or":[50,54],"remote":[52],"services":[53],"organizations":[55],"that":[56,59,65],"establish":[57],"policies":[58],"automatically":[61],"enforced.":[62],"We":[63,122,138],"contend":[64],"although":[66],"automation":[68],"potentially":[70],"beneficial":[71],"theory,":[73],"practice":[75],"it":[76],"not":[78],"panacea":[80],"for":[81,120,130,156],"end-user":[82,100,135],"A":[85],"number":[86],"technical":[88],"social":[90],"factors":[91],"mitigate":[92],"against":[93],"acceptance":[95,150],"efficacy":[97,152],"solutions":[102,155],"many":[104],"cases.":[105],"In":[106],"paper,":[108],"we":[109],"present":[110],"discussion":[112],"inherent":[115],"limitations":[116],"automating":[118],"end-users.":[121,157],"then":[123],"discuss":[124],"set":[126,142],"design":[128],"guidelines":[129],"choosing":[131],"whether":[132],"automate":[134],"systems.":[137],"conclude":[139],"with":[140],"directions":[145],"increasing":[148]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":7},{"year":2018,"cited_by_count":9},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":9},{"year":2013,"cited_by_count":6},{"year":2012,"cited_by_count":6}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}