The mystery of security design.
Vallindras, Antonios; Faily, Shamal
Dr Shamal Faily email@example.com
Designing for security is hard without security getting in the way of design. Unfortunately, security is often promoted through fear, uncertainty, and doubt (FUD). As a result, the scale of FUD has now become so great that it hinders people's ability to appreciate messages that security researchers try to impart. We have created a short documentary film called "Designing security through personas". This film distils the essence of four security design papers, but does so without promoting security through fear. Instead, the film presents the practical, everyday challenges associated with designing for security, and does so by screening nothing artificial. For example, Figure 1 is taken from a scene where affinity diagramming is used to analyse data used to create personas; the summative results of this analysis are presented elsewhere. To convey the challenge of designing for security, the film's visual and audio design uses mystery as a metaphor for security, and design as synonymous with solving this mystery; this is illustrated in Figure 2, which is taken from a scene where the 'designer' imagines three personas as elements of an emergent solution. To further reinforce the idea of security design as the unraveling of a mystery, the film shows the designer observing and collecting data about forensic investigators, who are themselves collecting data for subsequent investigation.
VALLINDRAS, A. and FAILY, S. 2015. The mystery of security design. Presented at the 29th British human computer interaction conference (British HCI 2015), 13-17 July 2015, Lincoln, UK.
|Presentation Conference Type||Other|
|Conference Name||29th British human computer interaction conference (British HCI 2015)|
|Conference Location||Lincoln, UK|
|Start Date||Jul 13, 2015|
|End Date||Jul 17, 2015|
|Deposit Date||Dec 14, 2021|
|Publicly Available Date||Dec 14, 2021|
|Keywords||Systems security; Security risk analysis; User behaviour; User psychology; Fear|
|Additional Information||The file accompanying this record is just the extended abstract for this demonstration, which has also been published with the following citation: VALLINDRAS, A. and FAILY, S. 2015. The mystery of security design. In Proceedings of the 29th British human computer interaction conference (British HCI 2015), 13-17 July 2015, Lincoln, UK. New York: ACM [online], pages 316-317. Available from: https://doi.org/10.1145/2783446.2783631|
VALLINDRAS 2015 The mystery of security design (ABSTRACT)
You might also like
Use-case informed task analysis for secure and usable design solutions in rail.
Visualising personas as goal models to find security tensions.
Evaluating privacy: determining user privacy expectations on the web.
Identifying implicit vulnerabilities through personas as goal models.
Contextualisation of data flow diagrams for security analysis.