Shamal Faily
Engaging stakeholders during late stage security design with assumption personas.
Faily, Shamal
Authors
Abstract
This paper aims to present an approach where assumption personas are used to engage stakeholders in the elicitation and specification of security requirements at a late stage of a system's design. The author has devised an approach for developing assumption personas for use in participatory design sessions during the later stages of a system's design. The author validates this approach using a case study in the e-Science domain. Engagement follows by focusing on the indirect, rather than direct, implications of security. More design approaches are needed for treating security at a comparatively late stage. Security design techniques should scale to working with sub-optimal input data. This paper contributes an approach where assumption personas engage project team members when eliciting and specifying security requirements at the late stages of a project.
Citation
FAILY, S. 2015. Engaging stakeholders during late stage security design with assumption personas. Information and computer security [online], 23(4), pages 435-446. Available from: https://doi.org/10.1108/ICS-10-2014-0066
Journal Article Type | Article |
---|---|
Acceptance Date | Jan 12, 2015 |
Online Publication Date | Oct 12, 2015 |
Publication Date | Oct 15, 2015 |
Deposit Date | Sep 16, 2021 |
Publicly Available Date | Dec 7, 2021 |
Journal | Information and computer security |
Print ISSN | 2056-4961 |
Electronic ISSN | 2056-497X |
Publisher | Emerald |
Peer Reviewed | Peer Reviewed |
Volume | 23 |
Issue | 4 |
Pages | 435-446 |
DOI | https://doi.org/10.1108/ICS-10-2014-0066 |
Keywords | Information security; Systems security; User personas; Software engineering |
Public URL | https://rgu-repository.worktribe.com/output/1427738 |
Files
FAILY 2015 Engaging stakeholders during late
(541 Kb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/3.0/
You might also like
Privacy goals for the data lifecycle.
(2022)
Journal Article
Assessing system of systems information security risk with OASoSIS.
(2022)
Journal Article
Visualising personas as goal models to find security tensions.
(2021)
Journal Article
Evaluating privacy: determining user privacy expectations on the web.
(2021)
Journal Article
DPIA in context: applying DPIA to assess privacy risks of cyber physical systems.
(2020)
Journal Article
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search