Skip to main content

Research Repository

Advanced Search

All Outputs (113)

Embedding professional practice into the cybersecurity curriculum using ethics.
Presentation / Conference Contribution
FAILY, S. and JONES, M. 2015. Embedding professional practice into the cybersecurity curriculum using ethics. Presented at the UK workshop on cybersecurity training and education, 11 June 2015, Liverpool, UK.

Cybersecurity graduates are ready to tackle the technical problems they might face, but employability needs to be incorporated into the curriculum should they wish to tackle ill-defined professional challenges as well. We describe how employability w... Read More about Embedding professional practice into the cybersecurity curriculum using ethics..

Human aspects of digital rights management: the perspective of content developers. [Conference Paper]
Presentation / Conference Contribution
FAVALE, M., MCDONALD, N., FAILY, S. and GATZIDIS, C. 2015. Human aspects of digital rights management: the perspective of content developers. Presented at the 4th International workshop on artificial intelligence and IP law (AIIP 2015): the story(s) of copyright, 9 December 2015, Braga, Portugal.

Legal norms and social behaviours are some of the human aspects surrounding the effectiveness and future of DRM security. Further exploration of these aspects would help unravel the complexities of the interaction between rights protection security a... Read More about Human aspects of digital rights management: the perspective of content developers. [Conference Paper].

Translating contextual integrity into practice using CLIFOD.
Presentation / Conference Contribution
HENRIKSEN-BULMER, J., FAILY, S. and KATOS, V. 2018. Translating contextual integrity into practice using CLIFOD. Presented at the 2018 Networked privacy workshop: privacy in context: critically engaging with theory to guide privacy research and design, part of the 21st ACM conference on computer-supported cooperative work and social computing (CSCW 2018), 3 November 2018, Jersey City, USA.

Public open data increases transparency, but raises questions about the privacy implications of affected individuals. We present a case for using CLIFOD (ContextuaL Integrity for Open Data), a step-by-step privacy decision framework derived from cont... Read More about Translating contextual integrity into practice using CLIFOD..

Folk risk analysis: factors influencing security analysts' interpretation of risk.
Presentation / Conference Contribution
M'MANGA, A., FAILY, S., MCALANEY, J. and WILLIAMS, C. 2017. Folk risk analysis: factors influencing security analysts' interpretation of risk. Presented at the 3rd Workshop on security information workers (WSIW 2017), part of the 13th Symposium on usable privacy and security (SOUPS 2017), co-located with the 2017 USENIX annual technical conference (USENIX ATC 2017), 12-14 July 2017, Santa Clara, USA. Hosted on the USENIX website [online]. Available from: https://www.usenix.org/conference/soups2017/workshop-program/wsiw2017/mmanga

There are several standard approaches to risk analysis recommended for use in information security, however, the actual application of risk analysis by security analysts follows an opaque mix of standard risk analysis procedures and adaptations based... Read More about Folk risk analysis: factors influencing security analysts' interpretation of risk..

The mystery of security design.
Presentation / Conference Contribution
VALLINDRAS, A. and FAILY, S. 2015. The mystery of security design. Presented at the 29th British human computer interaction conference (British HCI 2015), 13-17 July 2015, Lincoln, UK.

Designing for security is hard without security getting in the way of design. Unfortunately, security is often promoted through fear, uncertainty, and doubt (FUD). As a result, the scale of FUD has now become so great that it hinders people's ability... Read More about The mystery of security design..

Formal evaluation of persona trustworthiness with EUSTACE.
Presentation / Conference Contribution
FAILY, S., POWER, D., ARMSTRONG, P. and FLÉCHAIS, I. 2013. Formal evaluation of persona trustworthiness with EUSTACE. Presented at the 6th International conference on trust and trustworthy computing (TRUST 2013), 17-19 June 2013, London, UK.

Personas are useful for considering how users of a system might behave, but problematic when accounting for hidden behaviours not obvious from their descriptions alone. Formal methods can potentially identify such subtleties in interactive systems, b... Read More about Formal evaluation of persona trustworthiness with EUSTACE..

Context-sensitive requirements and risk analysis.
Presentation / Conference Contribution
FAILY, S. 2009. Context-sensitive requirements and risk analysis. Presented at the Doctoral symposium of the 17th IEEE international requirements engineering conference (RE2009), 1 September 2009, Atlanta, USA.

When a system's context of use changes, the security impact may be felt in other contexts. Risks mitigated for one operational context may continue to pose a danger in others due to contextual differences in assets, threats and vulnerabilities. The r... Read More about Context-sensitive requirements and risk analysis..

Two requirements for usable and secure software engineering.
Presentation / Conference Contribution
FAILY, S. 2011. Two requirements for usable and secure software engineering. Presented at the 1st Software and usable security aligned for good engineering workshop (SAUSAGE 2011), 5-6 April 2011, Gaithersburg, USA.

Despite the acknowledged need for systems to be both usable and secure, we lack guidance on how developers might build such systems. Based on recent research, we believe evidence exists that blending techniques from Security, Usability, and Software... Read More about Two requirements for usable and secure software engineering..

Security goes to ground: on the applicability of security entrepreneurship to grassroot activism.
Presentation / Conference Contribution
FAILY, S. 2011. Security goes to ground: on the applicability of security entrepreneurship to grassroot activism. Presented at the Workshop on HCI, politics and the city, part of the 29th Annual CHI conference on human factors in computing systems (CHI 2011), 7-8 May 2011, Vancouver, Canada.

Designing security for grassroot movements raises several challenges not particular to the organisations that are catered to by conventional approaches to security design. Drawing on analogies between Social Entrepreneurship and Grassroot Activism, a... Read More about Security goes to ground: on the applicability of security entrepreneurship to grassroot activism..

Security and usability: searching for the philosopher's stone.
Presentation / Conference Contribution
FLÉCHAIS, I. and FAILY, S. 2010. Security and usability: searching for the philosopher's stone. Presented at the Workshop on the development of EuroSOUPS, 24 November 2010, Newcastle, UK. Hosted on CoCoLab.org [online]. Available from: https://www.cocolab.org/soups/eurosoups

This paper describes the unique challenges facing usable security research and design, and introduces three proposals for addressing these. For all intents and purposes security design is currently a craft, where quality is dependent on individuals a... Read More about Security and usability: searching for the philosopher's stone..

Living with flight dynamics: proposals and possible pitfalls for harmonising flight dynamics systems with EGOS.
Presentation / Conference Contribution
FAILY, S. 2007. Living with flight dynamics: proposals and possible pitfalls for harmonising flight dynamics systems with EGOS. Presented at the 2nd European ground system architecture workshop (ESAW 2007), 12-13 June 2007, Darmstadt, Germany.

This presentation advocates for harmonisation of flight dynamics systems, while addressing the possible challenges that might be encountered. Specifically, the presentation makes four proposals for harmonisation: telemetry monitoring software; low le... Read More about Living with flight dynamics: proposals and possible pitfalls for harmonising flight dynamics systems with EGOS..

Improving secure systems design with security culture.
Presentation / Conference Contribution
FAILY, S. and FLÉCHAIS, I. 2010. Improving secure systems design with security culture. Presented at the Human factors in information security conference (HFIS 2010), 22-24 February 2010, London, UK.

This poster summarises how the concept of security culture can be used to improve systems security and secure systems design. It highlights: the use of personas and user-centred design; environment modeling and understanding a system's context; and t... Read More about Improving secure systems design with security culture..

Automation and cyber security risks on the railways: the human factors implications.
Presentation / Conference Contribution
THON, E. and FAILY, S. 2022. Automation and cyber security risks on the railways: the human factors implications. Presented at the 2022 International conference on ergonomics and human factors, part one (EHF2022 Online), 11-12 April 2022, [virtual event].

Automation improves rail passenger experience, but may reduce cyber resilience because it fails to adequately account for human factors. Preliminary results from a study on signallers and automation confirms this, but judicious use of modelling tools... Read More about Automation and cyber security risks on the railways: the human factors implications..