Examining the Contribution of Critical Visualisation to Information Security

This paper examines the use of visualisations in the field of information security and in particular focuses on the practice of information security risk assessment. We examine the current roles of information security visualisations and place these roles in the wider information visualisation discourse. We present an analytic lens which divides visualisations into three categories: journalistic, scientific and critical visualisations. We then present a case study that uses these three categories of visualisations to further support information security practice. Two significant results emerge from this case study: (1) visualisations that promote critical thinking and reflection (a form of critical visualisation) support the multi-stakeholder nature of risk assessment and (2) a preparatory stage in risk assessment is sometimes needed by service designers in order to establish the service design before conducting a formal risk assessment. The reader is invited to explore the images in the digital version of this paper where they can zoom in to particular aspects of the images and view the images in colour.

[1]  D. Rader Social Semiotics , 2013 .

[2]  Jeffrey Heer,et al.  Narrative Visualization: Telling Stories with Data , 2010, IEEE Transactions on Visualization and Computer Graphics.

[3]  M. Douglas,et al.  Risk and Culture: An Essay on the Selection of Technological and Environmental Dangers , 1983 .

[4]  J. Llewelyn Beyond Objectivism and Relativism: Science, Hermeneutics, and Praxis , 1985 .

[5]  Sybilla Nikolow "Words divide, pictures unite". Otto Neurath's pictorial statistics in historical context , 2011 .

[6]  Antony J. Williams,et al.  Beautiful Data: The Stories Behind Elegant Data Solutions , 2009 .

[7]  Angus Cameron,et al.  Ground zero – the semiotics of the boundary line , 2011 .

[8]  Paul Dourish,et al.  Security in the wild: user strategies for managing security as an everyday, practical problem , 2004, Personal and Ubiquitous Computing.

[9]  Johanna Drucker SpecLab: Digital Aesthetics and Projects in Speculative Computing , 2009 .

[10]  Jeremy W. Crampton,et al.  Mapping: A Critical Introduction to Cartography and GIS , 2010 .

[11]  R. Chambers Whose Reality Counts?: Putting the First Last , 1997 .

[12]  Henk Jonkers,et al.  The Architecture of the ArchiMate Language , 2009, BMMDS/EMMSAD.

[13]  A. Robinson Early Thematic Mapping in the History of Cartography , 1982 .

[14]  Sarah Rothstein,et al.  Mapping A Critical Introduction To Cartography And Gis , 2016 .

[15]  Gregory Gutin,et al.  On the Parameterized Complexity and Kernelization of the Workflow Satisfiability Problem , 2013, TSEC.

[16]  Ben Shneiderman,et al.  Designing the User Interface: Strategies for Effective Human-Computer Interaction , 1998 .

[17]  Paul Dourish,et al.  What we talk about when we talk about context , 2004, Personal and Ubiquitous Computing.

[18]  Pelle Ehn,et al.  Participation in design things , 2008, PDC.

[19]  Jacques Bertin,et al.  Semiology of Graphics - Diagrams, Networks, Maps , 2010 .

[20]  D. Rosenberg Cartographies of Time: A History of the Timeline , 2010 .

[21]  Daniel A. McFarland,et al.  Dynamic Network Visualization1 , 2005, American Journal of Sociology.

[22]  M. Korstanje The Risk Society: Towards a new modernity , 2009 .

[23]  J. Krygier,et al.  Rethinking the Power of Maps , 2010 .

[24]  Edward R. Tufte,et al.  The Visual Display of Quantitative Information , 1986 .

[25]  John J. Bertin,et al.  The semiology of graphics , 1983 .

[26]  T. Kuhn,et al.  The Structure of Scientific Revolutions. , 1964 .

[27]  Linton C. Freeman,et al.  Carnegie Mellon: Journal of Social Structure: Visualizing Social Networks Visualizing Social Networks , 2022 .

[28]  Chandler Stolp,et al.  The Visual Display of Quantitative Information , 1983 .

[29]  Raffael Marty,et al.  Applied Security Visualization , 2008 .

[30]  B. Latour A Cautious Prometheus ? A Few Steps Toward a Philosophy of Design , 2009 .

[31]  Peter Hall,et al.  Logical Lego? Co-Constructed Perspectives on Service Design , 2014 .

[32]  Ezio Manzini,et al.  Relational Services , 2009 .

[33]  W. Boyd,et al.  Risk Society: Towards a New Modernity@@@Risk and Rationality: Philosophical; Foundations for Populist Reforms , 1993 .