The mystery of security design.
Vallindras, Antonios; Faily, Shamal
Designing for security is hard without security getting in the way of design. Unfortunately, security is often promoted through fear, uncertainty, and doubt (FUD). As a result, the scale of FUD has now become so great that it hinders people's ability to appreciate messages that security researchers try to impart. We have created a short documentary film called "Designing security through personas". This film distils the essence of four security design papers, but does so without promoting security through fear. Instead, the film presents the practical, everyday challenges associated with designing for security, and does so by screening nothing artificial. For example, Figure 1 is taken from a scene where affinity diagramming is used to analyse data used to create personas; the summative results of this analysis are presented elsewhere. To convey the challenge of designing for security, the film's visual and audio design uses mystery as a metaphor for security, and design as synonymous with solving this mystery; this is illustrated in Figure 2, which is taken from a scene where the 'designer' imagines three personas as elements of an emergent solution. To further reinforce the idea of security design as the unraveling of a mystery, the film shows the designer observing and collecting data about forensic investigators, who are themselves collecting data for subsequent investigation.
VALLINDRAS, A. and FAILY, S. 2015. The mystery of security design. Presented at the 29th British human computer interaction conference (British HCI 2015), 13-17 July 2015, Lincoln, UK.
|Presentation Conference Type||Other|
|Conference Name||29th British human computer interaction conference (British HCI 2015)|
|Conference Location||Lincoln, UK|
|Start Date||Jul 13, 2015|
|End Date||Jul 17, 2015|
|Deposit Date||Dec 14, 2021|
|Publicly Available Date||Dec 14, 2021|
|Keywords||Systems security; Security risk analysis; User behaviour; User psychology; Fear|
|Additional Information||The file accompanying this record is just the extended abstract for this demonstration, which has also been published with the following citation: VALLINDRAS, A. and FAILY, S. 2015. The mystery of security design. In Proceedings of the 29th British human computer interaction conference (British HCI 2015), 13-17 July 2015, Lincoln, UK. New York: ACM [online], pages 316-317. Available from: https://doi.org/10.1145/2783446.2783631|
VALLINDRAS 2015 The mystery of security design (ABSTRACT)
You might also like
Privacy goals for the data lifecycle.
Automation and cyber security risks on the railways: the human factors implications.
Presentation / Conference
Assessing system of systems information security risk with OASoSIS.
Integrated design framework for facilitating systems-theoretic process analysis.
Cybersecurity user requirements analysis: the ECHO approach.