Skip to main content

Research Repository

Advanced Search

All Outputs (69)

Persona cases: a technique for grounding personas. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. Persona cases: a technique for grounding personas. In Proceedings of the 29th Annual CHI conference on human factors in computing systems (CHI 2011), 7-12 May 2011, Vancouver, Canada. New York: ACM [online], pages 2267-2270. Available from: https://doi.org/10.1145/1978942.1979274

Personas are a popular technique in User-Centered Design, however their validity can be called into question. While the techniques used to developed personas and their integration with other design activities provide some measure of validity, a perso... Read More about Persona cases: a technique for grounding personas..

A model of security culture for e-science. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. A model of security culture for e-science. In Clarke, N., Furnell, S. and Von Solms, R. (eds.) Proceedings of the South African information security multi-conference (SAISMC 2010), 17-18 May 2010, Port Elizabeth, South Africa. Plymouth: University of Plymouth, pages 154-164.

There is a need to understand the cultural issues affecting security in large, distributed and heterogeneous systems; such systems are typified by e-Science projects. We present a model of security culture for e-Science, grounded both in the security... Read More about A model of security culture for e-science..

The secret lives of assumptions: developing and refining assumption personas for secure system design. (2010)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2010. The secret lives of assumptions: developing and refining assumption personas for secure system design. In Bernhaupt, R., Forbrig, P., Gulliksen, J. and Lárusdóttir, M. (eds.) Human-centred software engineering: proceedings of the 3rd International conference on human-centred software engineering (HCSE 2010), 14-15 October 2010, Reykjavik, Iceland. Lecture notes in computer science, 6409. Berlin: Springer [online], pages 111-118. Available from: https://doi.org/10.1007/978-3-642-16488-0_9

Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assump... Read More about The secret lives of assumptions: developing and refining assumption personas for secure system design..

To boldly go where invention isn't secure: applying security entrepreneurship to secure systems design. (2010)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2010. To boldly go where invention isn't secure: applying security entrepreneurship to secure systems design. In Proceedings of the 2010 New security paradigms workshop (NSPW 2010), 21-23 September 2010, Concord, USA. New York: ACM [online], pages 73-84. Available from: https://doi.org/10.1145/1900546.1900557

When designing secure systems, we are inundated with an eclectic mix of security and non-security requirements; this makes predicting a successful outcome from the universe of possible security design decisions a difficult problem. We propose augment... Read More about To boldly go where invention isn't secure: applying security entrepreneurship to secure systems design..

Barry is not the weakest link: eliciting secure system requirements with personas. (2010)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2010. Barry is not the weakest link: eliciting secure system requirements with personas. In Proceedings of the 24th International BCS human computer interaction conference (HCI 2010): games are a serious business, 6-10 September 2010, Dundee, UK. Swindon: BCS, pages 124-132. Hosted on ScienceOpen [online]. Available from: https://doi.org/10.14236/ewic/HCI2010.17

Building secure and usable systems means specifying systems for the people using it and the tasks they carry out, rather than vice-versa. User-centred design approaches encourage an early focus on users and their contexts of use, but these need to be... Read More about Barry is not the weakest link: eliciting secure system requirements with personas..

A meta-model for usable secure requirements engineering. (2010)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2010. A meta-model for usable secure requirements engineering. In Proceedings of the 2010 ICSE workshop on software engineering for secure systems (SESS '10): co-located with the 32nd ACM/IEEE international conference on software engineering (ICSE 2010), 2-8 May 2010, Cape Town, South Africa. New York: ACM [online], pages 29-35. Available from: https://doi.org/10.1145/1809100.1809105

There is a growing recognition of the need for secure software engineering approaches addressing both technical and human factors. Existing approaches to secure software engineering focus on the need for technical security to the detriment of usabili... Read More about A meta-model for usable secure requirements engineering..

Analysing and visualising security and usability in IRIS. (2010)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2010. Analysing and visualising security and usability in IRIS. In Proceedings of the 5th International conference on availability, reliability and security (ARES 2010), 15-18 February 2010, Krakow, Poland. Los Alamitos: IEEE Computer Society [online], pages 543-548. Available from: https://doi.org/10.1109/ares.2010.28

Despite a long-standing need to incorporate human factors into security risk analysis, taking a balanced approach to analysing security and usability concerns remains a challenge. Balancing security and usability is difficult due to human biases in s... Read More about Analysing and visualising security and usability in IRIS..

Towards requirements engineering practice for professional end user developers: a case study. (2008)
Conference Proceeding
FAILY, S. 2008. Towards requirements engineering practice for professional end user developers: a case study. In Proceedings of the 2008 Requirements engineering education and training conference (REET 2008), 8 September 2008, Barcelona, Spain. Washington, D.C.: IEEE Computer Society [online], pages 38-44. Available from: https://doi.org/10.1109/REET.2008.8

End-user development has received a lot of attention in the research community. Despite the importance of requirements engineering in the software development life-cycle, comparatively little exists in the way of prescriptive advice or case studies o... Read More about Towards requirements engineering practice for professional end user developers: a case study..

Proceedings of the 2008 Oxford University Computing Laboratory student conference. (2008)
Conference Proceeding
FAILY, S. and ŽIVNÝ, S. (eds.) Proceedings of the 2008 Oxford University Computing Laboratory student conference, October 2008, Oxford, UK. Oxford: Oxford University Computing Laboratory [online]. Available from: https://www.cs.ox.ac.uk/files/1328/RR-08-10.pdf

This conference serves two purposes. First, the event is a useful pedagogical exercise for all participants, from the conference committee and referees, to the presenters and the audience. For some presenters, the conference may be the first time the... Read More about Proceedings of the 2008 Oxford University Computing Laboratory student conference..