Shamal Faily
To boldly go where invention isn't secure: applying security entrepreneurship to secure systems design.
Faily, Shamal; Fl�chais, Ivan
Authors
Ivan Fl�chais
Abstract
When designing secure systems, we are inundated with an eclectic mix of security and non-security requirements; this makes predicting a successful outcome from the universe of possible security design decisions a difficult problem. We propose augmenting the process of security design with the paradigm of Security Entrepreneurship: the application of innovation models and principles to organise, create, and manage security design elements to bring about improved system security. We propose three initial Security Entrepreneurship techniques as examples of this paradigm, describe how their underlying models align with secure systems design, and help predict the social and technical impact of possible design decisions. We also pose a number of thought experiments, and suggest possible research agendas for Security Entrepreneurship.
Citation
FAILY, S. and FLÉCHAIS, I. 2010. To boldly go where invention isn't secure: applying security entrepreneurship to secure systems design. In Proceedings of the 2010 New security paradigms workshop (NSPW 2010), 21-23 September 2010, Concord, USA. New York: ACM [online], pages 73-84. Available from: https://doi.org/10.1145/1900546.1900557
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 2010 New security paradigms workshop (NSPW 2010) |
| Start Date | Sep 21, 2010 |
| End Date | Sep 23, 2010 |
| Acceptance Date | Sep 21, 2010 |
| Online Publication Date | Sep 30, 2010 |
| Publication Date | Dec 31, 2010 |
| Deposit Date | Dec 15, 2021 |
| Publicly Available Date | Dec 15, 2021 |
| Publisher | Association for Computing Machinery (ACM) |
| Peer Reviewed | Peer Reviewed |
| Pages | 73-84 |
| ISBN | 9781450304153 |
| DOI | https://doi.org/10.1145/1900546.1900557 |
| Keywords | Systems security; Security risk analysis; Requirements engineering; Software engineering; Entrepreneurship |
| Public URL | https://rgu-repository.worktribe.com/output/1427813 |
Files
FAILY 2010 To boldly go where invention
(720 Kb)
PDF
You might also like
Privacy goals for the data lifecycle.
(2022)
Journal Article
Assessing system of systems information security risk with OASoSIS.
(2022)
Journal Article
Visualising personas as goal models to find security tensions.
(2021)
Journal Article
Evaluating privacy: determining user privacy expectations on the web.
(2021)
Journal Article
DPIA in context: applying DPIA to assess privacy risks of cyber physical systems.
(2020)
Journal Article
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search