Shamal Faily
Barry is not the weakest link: eliciting secure system requirements with personas.
Faily, Shamal; Fl�chais, Ivan
Authors
Ivan Fl�chais
Abstract
Building secure and usable systems means specifying systems for the people using it and the tasks they carry out, rather than vice-versa. User-centred design approaches encourage an early focus on users and their contexts of use, but these need to be integrated with approaches for engineering secure systems. This paper describes how personas can augment a process for eliciting and specifying requirements for secure and usable systems. Our results suggest that personas increase stakeholder empathy towards users represented by personas, and the empirical data used to build personas can also be used to obtain a better understanding of prospective attackers and their motivations.
Citation
FAILY, S. and FLÉCHAIS, I. 2010. Barry is not the weakest link: eliciting secure system requirements with personas. In Proceedings of the 24th International BCS human computer interaction conference (HCI 2010): games are a serious business, 6-10 September 2010, Dundee, UK. Swindon: BCS, pages 124-132. Hosted on ScienceOpen [online]. Available from: https://doi.org/10.14236/ewic/HCI2010.17
Conference Name | 24th International BCS human computer interaction conference (HCI 2010): games are a serious business |
---|---|
Conference Location | Dundee, UK |
Start Date | Sep 6, 2010 |
End Date | Sep 10, 2010 |
Acceptance Date | Sep 6, 2010 |
Online Publication Date | Sep 30, 2010 |
Publication Date | Sep 30, 2010 |
Deposit Date | Dec 2, 2021 |
Publicly Available Date | Dec 2, 2021 |
Publisher | BCS, The Chartered Institute for IT |
Pages | 124-132 |
Series Title | Electronic workshops in computing |
Series ISSN | 1477-9358 |
DOI | https://doi.org/10.14236/ewic/HCI2010.17 |
Keywords | Human-computer interaction (HCI); Systems security; User-centred design; Software engineering |
Public URL | https://rgu-repository.worktribe.com/output/1427790 |
Files
FAILY 2010 Barry is not the weakest link
(878 Kb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
You might also like
Programming language evaluation criteria for safety-critical software in the air domain.
(2022)
Conference Proceeding
Privacy goals for the data lifecycle.
(2022)
Journal Article
Automation and cyber security risks on the railways: the human factors implications.
(2022)
Presentation / Conference
Assessing system of systems information security risk with OASoSIS.
(2022)
Journal Article
Integrated design framework for facilitating systems-theoretic process analysis.
(2022)
Conference Proceeding
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search