Research Repository

Requirements sensemaking using concept maps. (2012)
Conference Proceeding
FAILY, S., LYLE, J., PAUL, A., ATZENI, A., BLOMME, D., DESRUELLE, H. and BANGALORE, K. 2012. Requirements sensemaking using concept maps. In Winckler, M., Forbrig, P. and Bernhaupt, R. (eds.) Human-centered software engineering: proceedings of the 4th International conference on human-centered software engineering (HCSE 2012), 29-31 October 2012, Toulouse, France. Lecture notes in computer science, 7623. Heidelberg: Springer [online], pages 217-232. Available from: https://doi.org/10.1007/978-3-642-34347-6_13

Requirements play an important role in software engineering, but their perceived usefulness means that they often fail to be properly maintained. Traceability is often considered a means for motivating and maintaining requirements, but this is diffic...

On the design and development of webinos: a distributed mobile application middleware. (2012)
Conference Proceeding
LYLE, J., FAILY, S., FLÉCHAIS, I., PAUL, A., GÖKER, A., MYRHAUG, H., DESRUELLE, H. and MARTIN, A. 2012. On the design and development of webinos: a distributed mobile application middleware. In Göschka, K.M. and Haridi, S. (eds.) Distributed applications and interoperable systems: proceedings of the 12th International Federation for Information Processing (IFIP) Working Group 6.1 international conference on distributed applications and interoperable systems (DAIS 2012), 13-16 June 2012, Stockholm, Sweden. Lecture notes in computer science, 7272. Heidelberg: Springer [online], pages 140-147. Available from: https://doi.org/10.1007/978-3-642-30823-9_12

As personal devices become smarter, opportunities arise for sharing services, applications and data between them. While web technologies hold the promise of being a unifying layer, browsers lack functionality for supporting inter-device communication...

Model-driven architectural risk analysis using architectural and contextualised attack patterns. (2012)
Conference Proceeding
FAILY, S., LYLE, J., NAMILUKO, C., ATZENI, A. and CAMERONI, C. 2012. Model-driven architectural risk analysis using architectural and contextualised attack patterns. In Proceedings of the 1st Model-driven security workshop (MDsec 2012), co-located with the 15th International conference on model-driven engineering languages and systems (MoDELS 2012), 1-5 October 2012, Innsbruck, Austria. New York: ACM [online], article number 3. Available from: https://doi.org/10.1145/2422498.2422501

A secure system architecture is often based on a variety of design and security model elements. Without some way of evaluating the impact of these individual design elements in the face of possible attacks, design flaws may weaken a software architec...

Proceedings of the Designing interactive secure systems workshop (DISS 2012). (2012)
Conference Proceeding
FAILY, S., FLÉCHAIS, I. and COLES-KEMP, L. (eds.) 2012. Proceedings of the Designing interactive secure systems workshop (DISS 2012), part of the 26th International BCS human computer interaction conference (HCI 2012): people and computers, 11 September 2012, Birmingham, UK. Swindon: BCS [online], article numbers 62-70. Preface available from: https://doi.org/10.14236/ewic/HCI2012.70

In recent years, the field of usable security has attracted researchers from HCI and Information Security, and led to a better understanding of the interplay between human factors and security mechanisms. Despite these advances, designing systems whi...

Secure system? Challenge accepted: finding and resolving security failures using security premortems. (2012)
Conference Proceeding
FAILY, S., PARKIN, S. and LYLE, J. 2012. Secure system? Challenge accepted: finding and resolving security failures using security premortems. In Faily, S., Fléchais, I. and Coles-Kemp, L. (eds.) Proceedings of the Designing interactive secure systems workshop (DISS 2012), part of the 26th International BCS human computer interaction conference (HCI 2012): people and computers, 11 September 2012, Birmingham, UK. Swindon: BCS [online], article number 66. Available from: https://doi.org/10.14236/ewic/HCI2012.66

Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the us...

Software for interactive secure systems design: lessons learned developing and applying CAIRIS. (2012)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2012. Software for interactive secure systems design: lessons learned developing and applying CAIRIS. In Faily, S., Fléchais, I. and Coles-Kemp, L. (eds.) Proceedings of the Designing interactive secure systems workshop (DISS 2012), part of the 26th International BCS human computer interaction conference (HCI 2012): people and computers, 11 September 2012, Birmingham, UK. Swindon: BCS [online], article number 64. Available from: https://doi.org/10.14236/ewic/HCI2012.64

As systems become more complex, the potential for security vulnerabilities being introduced increases. If we are to provide assurances about systems we design then we need the means of analysing, managing, and generally making sense of the data that...

Cross-platform access control for mobile web applications. (2012)
Conference Proceeding
LYLE, J., MONTELEONE, S., FAILY, S., PATTI, D. and RICCIATO, F. 2012. Cross-platform access control for mobile web applications. In Proceedings of the 2012 IEEE international symposium on policies for distributed systems and networks (POLICY 2012), 16-18 July 2012, Chapel Hill, USA. Los Alamitos: IEEE Computer Society [online], pages 37-44. Available from: https://doi.org/10.1109/POLICY.2012.9

Web browsers are a common platform for delivering cross-platform applications. However, they currently fail to provide consistent access control for security and privacy sensitive JavaScript APIs, such as geolocation and local storage. This problem i...

Tool-supported premortems with attack and security patterns. (2012)
Conference Proceeding
FAILY, S., LYLE, J. and PARKIN, S. 2012. Tool-supported premortems with attack and security patterns. In Proceedings of the 1st International workshop on cyberpatterns (Cyberpatterns 2012): unifying design patterns with security, attack and forensic patterns, 9-10 July 2012, Abingdon, UK. Oxford: Oxford Brookes University, pages 10-11.

Security patterns are a useful technique for packaging and applying security knowledge. However, because patterns represent partial knowledge of a problem and solution space, there is little certainty that addressing the consequences of one problem w...

Analysing chindōgu: applying defamiliarisation to security design. (2012)
Presentation / Conference
FAILY, S. 2012. Analysing chindōgu: applying defamiliarisation to security design. Presented at the Workshop on defamiliarization in innovation and usability, part of the 30th ACM SIGCHI conference on human factors in computing systems (CHI 2012), 5 May 2012, Austin, Texas.

Envisaging how secure systems might be attacked is difficult without adequate attacker models or relying on stereotypes. Defamiliarisation removes this need for a priori domain knowledge and encourages designers to think critically about system prope...

The webinos project. (2012)
Conference Proceeding
FUHRHOP, C., LYLE, J. and FAILY, S. 2012. The webinos project. In Proceedings of the 21st Annual conference on World Wide Web companion (WWW 2012 Companion), 16-20 April 2012, Lyon, France. New York: ACM [online], pages 263-266. Available from: https://doi.org/10.1145/2187980.2188024

This poster paper describes the webinos project and presents the architecture and security features developed in webinos. It highlights the main objectives and concepts of the project and describes the architecture derived to achieve the objectives.