Information technology social engineering: an academic definition and study of social engineering - analyzing the human firewall
Evans, Nathaniel (2009) Information technology social engineering: an academic definition and study of social engineering - analyzing the human firewall. PhD thesis, Iowa State University.
Full text available as:
People have knowledge and people control knowledge, whether through a computer, papers or memory, people are ultimately in charge and people are a hole in security. In order to fully understand security, people must be understood, specifically people’s relationship with information technology networks. The most common attack against people on information technology networks is called ‘social engineering.’ When social engineering is explored many psychological concepts arise including Neuro-Linguistic Programming and even historical parallels with the Nazi government. Exploring these ideas with the slant of information technology networks helps define and organize the problem of social engineering. If the problem of social engineering across information technology networks can be understood, eventually solutions can exist, which increase the security of knowledge and eliminate the hole people create.
Archive Staff Only: edit this record