Security but not for security’s sake: The impact of social considerations on app developers’ choices

Rauf, Irum; van der Linden, Dirk; Levine, Mark; Towse, John; Nuseibeh, Bashar and Rashid, Awais Security but not for security’s sake: The impact of social considerations on app developers’ choices. In: IEEE/ACM 42nd International Conference on Software Engineering Workshops (ICSEW'20), May 23--29, 2020, Seoul, Republic of Korea, IEEE/ACM.

DOI: https://doi.org/10.1145/3387940.3392230

URL: https://conf.researchr.org/home/icse-2020

Abstract

We explore a dataset of app developer reasoning to better understand the reasons that may inadvertently promote or demote app developers' prioritization of security. We identify a number of reasons: caring vs. fear of users, the impact of norms, and notions of 'otherness' and 'self' in terms of belonging to groups. Based on our preliminary findings, we propose an interdisciplinary research agenda to explore the impact of 'social identity (a psychological theory) on developers’ security rationales, and how this could be leveraged to guide developers towards making more secure choices.

Viewing alternatives

Metrics

Item Actions

Export

You can export this page using these formats Digital Object Identifier - DOI

About

• Item ORO ID
• 70087
• Item Type
• Conference or Workshop Item
• Project Funding Details

• Funded Project Name	Project ID	Funding Body
  Why Johnny doesn’t write secure software? Secure Software Development by the Masses	Not Set	EPSRC (Engineering and Physical Sciences Research Council)

• Keywords
• software development; developer; rationale; security
• Academic Unit or School
• Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
  Faculty of Science, Technology, Engineering and Mathematics (STEM)
• Research Group
• Software Engineering and Design (SEAD)
• Depositing User
• Irum Rauf