Surface applications for security analysis

Abstract

This chapter relates to human factors in computer security, and how surface technology might support security analysis. This specific domain allowed us to investigate surface application design and development in an established context, and thus learn how the real needs of the domainmight best be supported. Throughout, we were fortunate to have partners in industry and government working in the domain who were able to give us advice and feedback. A number of projects were conducted over the span of our research program, each one offering findings that informed later projects. In this chapter, we provide an outline of our work, summarizing each of the main projects and their findings. We cover: (1) a literature review. (2) Ethnographic studies of firstly operators and technicians in seven operations centres, and secondly a team of ten professional analysts working in the security domain; (3) ACH Walkthrough, a collaborative web-based decision-making tool; (4) Ra, a tool that supports rollback, playback and other explorative actions when using web applications like ACH Walkthrough; and (5) Strata, a tool that allows for the annotation of web applications, enabling the work of collaborative teams.