A model of security culture for e-science.

Faily, Shamal; Fl�chais, Ivan

Proceedings of the Designing interactive secure systems workshop (DISS 2012). (2012)
Conference Proceeding
FAILY, S., FLÉCHAIS, I. and COLES-KEMP, L. (eds.) 2012. Proceedings of the Designing interactive secure systems workshop (DISS 2012), part of the 26th International BCS human computer interaction conference (HCI 2012): people and computers, 11 September 2012, Birmingham, UK. Swindon: BCS [online], article numbers 62-70. Preface available from: https://doi.org/10.14236/ewic/HCI2012.70

In recent years, the field of usable security has attracted researchers from HCI and Information Security, and led to a better understanding of the interplay between human factors and security mechanisms. Despite these advances, designing systems whi... Read More about Proceedings of the Designing interactive secure systems workshop (DISS 2012)..

Software for interactive secure systems design: lessons learned developing and applying CAIRIS. (2012)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2012. Software for interactive secure systems design: lessons learned developing and applying CAIRIS. In Faily, S., Fléchais, I. and Coles-Kemp, L. (eds.) Proceedings of the Designing interactive secure systems workshop (DISS 2012), part of the 26th International BCS human computer interaction conference (HCI 2012): people and computers, 11 September 2012, Birmingham, UK. Swindon: BCS [online], article number 64. Available from: https://doi.org/10.14236/ewic/HCI2012.64

As systems become more complex, the potential for security vulnerabilities being introduced increases. If we are to provide assurances about systems we design then we need the means of analysing, managing, and generally making sense of the data that... Read More about Software for interactive secure systems design: lessons learned developing and applying CAIRIS..

Secure system? Challenge accepted: finding and resolving security failures using security premortems. (2012)
Conference Proceeding
FAILY, S., PARKIN, S. and LYLE, J. 2012. Secure system? Challenge accepted: finding and resolving security failures using security premortems. In Faily, S., Fléchais, I. and Coles-Kemp, L. (eds.) Proceedings of the Designing interactive secure systems workshop (DISS 2012), part of the 26th International BCS human computer interaction conference (HCI 2012): people and computers, 11 September 2012, Birmingham, UK. Swindon: BCS [online], article number 66. Available from: https://doi.org/10.14236/ewic/HCI2012.66

Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the us... Read More about Secure system? Challenge accepted: finding and resolving security failures using security premortems..

Looking for genre: the use of structural features during search tasks with Wikipedia. (2012)
Conference Proceeding
CLARK, M., RUTHVEN, I., O'BRIAN HOLT, P. and SONG, D. 2012. Looking for genre: the use of structural features during search tasks with Wikipedia. In Proceedings of the 4th Information interaction in context symposium (IIIX'12), 21-24 August 2012, Nijmegen, Netherlands. New York: ACM [online], pages 145-154. Available from: https://doi.org/10.1145/2362724.2362751

This paper reports on our task-based observational, logged, questionnaire study and analysis of ocular behavior pertaining to the interaction of structural features of text in Wikipedia using eye tracking. We set natural and realistic tasks searching... Read More about Looking for genre: the use of structural features during search tasks with Wikipedia..

Cross-platform access control for mobile web applications. (2012)
Conference Proceeding
LYLE, J., MONTELEONE, S., FAILY, S., PATTI, D. and RICCIATO, F. 2012. Cross-platform access control for mobile web applications. In Proceedings of the 2012 IEEE international symposium on policies for distributed systems and networks (POLICY 2012), 16-18 July 2012, Chapel Hill, USA. Los Alamitos: IEEE Computer Society [online], pages 37-44. Available from: https://doi.org/10.1109/POLICY.2012.9

Web browsers are a common platform for delivering cross-platform applications. However, they currently fail to provide consistent access control for security and privacy sensitive JavaScript APIs, such as geolocation and local storage. This problem i... Read More about Cross-platform access control for mobile web applications..

Music-inspired texture representation. (2012)
Conference Proceeding
HORSBURGH, B., CRAW, S. and MASSIE, S. 2012. Music-inspired texture representation. In Proceedings of the 26th Association for the Advancement of Artificial Intelligence conference on artificial intelligence (AAAI-12), co-located with the 2012 Symposium on educational advances in artificial intelligence (EAAI-12), 22-26 July 2012, Toronto, Canada. Palo Alto: AAAI Press [online], pages 52-58. Available from: https://www.aaai.org/ocs/index.php/AAAI/AAAI12/paper/view/5041

Techniques for music recommendation are increasingly relying on hybrid representations to retrieve new and exciting music. A key component of these representations is musical content, with texture being the most widely used feature. Current technique... Read More about Music-inspired texture representation..

Tool-supported premortems with attack and security patterns. (2012)
Conference Proceeding
FAILY, S., LYLE, J. and PARKIN, S. 2012. Tool-supported premortems with attack and security patterns. In Proceedings of the 1st International workshop on cyberpatterns (Cyberpatterns 2012): unifying design patterns with security, attack and forensic patterns, 9-10 July 2012, Abingdon, UK. Oxford: Oxford Brookes University, pages 10-11.

Security patterns are a useful technique for packaging and applying security knowledge. However, because patterns represent partial knowledge of a problem and solution space, there is little certainty that addressing the consequences of one problem w... Read More about Tool-supported premortems with attack and security patterns..

The webinos project. (2012)
Conference Proceeding
FUHRHOP, C., LYLE, J. and FAILY, S. 2012. The webinos project. In Proceedings of the 21st Annual conference on World Wide Web companion (WWW 2012 Companion), 16-20 April 2012, Lyon, France. New York: ACM [online], pages 263-266. Available from: https://doi.org/10.1145/2187980.2188024

This poster paper describes the webinos project and presents the architecture and security features developed in webinos. It highlights the main objectives and concepts of the project and describes the architecture derived to achive the objectives.

Case-based situation awareness. (2012)
Conference Proceeding
NWIABU, N., ALLISON, I., HOLT, P., LOWIT, P. and OYENEYIN, B. 2012. Case-based situation awareness. In Proceedings of the 2012 IEEE international multi-disciplinary conference on cognitive methods in situation awareness and decision support (CogSIMA 2012), 6-8 March 2012, New Orleans, USA. New York: IEEE [online], article number 6188388, pages 22-29. Available from: https://doi.org/10.1109/CogSIMA.2012.6188388

Situation-aware case-based decision support (SACBDS) systems comprise two distinct parts: situation awareness (SA) and case-based reasoning (CBR). The SA part keeps a finite history of the time space information of the domain and uses rules to interp... Read More about Case-based situation awareness..

User interface design for situation-aware decision support systems. (2012)
Conference Proceeding
NWIABU, N., ALLISON, I., HOLT, P., LOWIT, P. and OYENEYIN, B. 2012. User interface design for situation-aware decision support systems. In Proceedings of the 2012 IEEE international multi-disciplinary conference on cognitive methods in situation awareness and decision support (CogSIMA 2012), 6-8 March 2012, New Orleans, USA. New York: IEEE [online], article number 6188405, pages 332-339. Available from: https://doi.org/10.1109/CogSIMA.2012.6188405

Information recall about general situations incurs memory and cognitive loads on operators. Recognition of information for specific situations identified with users context and the state of the world is helpful to operators in performing tasks in com... Read More about User interface design for situation-aware decision support systems..

Influences on agile practice tailoring in enterprise software development. (2012)
Conference Proceeding
BASS, J.M. 2012. Influences on agile practice tailoring in enterprise software development. In Proceedings of Agile India 2012, 17-19 February 2012, Bengaluru, India. Los Alamitos: IEEE Computer Society [online], article number 6170020, pages 1-9. Available from: https://doi.org/10.1109/AgileIndia.2012.15

Agile development projects have become a reality in large enterprises using offshore development models. A case study involving seven international companies with offices in Bangalore, India, and London, UK was conducted, including interviews with 19... Read More about Influences on agile practice tailoring in enterprise software development..

Finding the hidden gems: recommending untagged music. (2011)
Conference Proceeding
HORSBURGH, B., CRAW, S., MASSIE, S. and BOSWELL, R. 2011. Finding the hidden gems: recommending untagged music. In Proceedings of the 22nd International joint conference on artificial intelligence (IJCAI-11), 16-22 July 2011, Barcelona, Spain. Palo Alto: AAAI Press [online], pages 2256-2261. Available from: https://doi.org/10.5591/978-1-57735-516-8/IJCAI11-376

We have developed a novel hybrid representation for Music Information Retrieval. Our representation is built by incorporating audio content into the tag space in a tag-track matrix, and then learning hybrid concepts using latent semantic analysis. We... Read More about Finding the hidden gems: recommending untagged music..

Here's Johnny: a methodology for developing attacker personas. (2011)
Conference Proceeding
ATZENI, A., CAMERONI, C., FAILY, S., LYLE, J. and FLÉCHAIS, I. 2011. Here's Johnny: a methodology for developing attacker personas. In Proceedings of the 6th International conference on availability, reliability and security (ARES 2011), 22-26 Aug 2011, Vienna, Austria. Los Alamitos: IEEE Computer Society [online], pages 722-727. Available from: https://doi.org/10.1109/ARES.2011.115

The adversarial element is an intrinsic part of the design of secure systems, but our assumptions about attackers and threat is often limited or stereotypical. Although there has been previous work on applying User-Centered Design on Persona developm... Read More about Here's Johnny: a methodology for developing attacker personas..

User-centered information security policy development in a post-Stuxnet world. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. User-centered information security policy development in a post-Stuxnet world. In Proceedings of the 5th International workshop on secure software engineering (SecSE 2011), part of the 6th International conference on availability, reliability and security (ARES 2011), 22-26 Aug 2011, Vienna, Austria. Los Alamitos: IEEE Computer Society [online], pages 716-721. Available from: https://doi.org/10.1109/ARES.2011.111

A balanced approach is needed for developing information security policies in Critical National Infrastructure (CNI) contexts. Requirements Engineering methods can facilitate such an approach, but these tend to focus on either security at the expense... Read More about User-centered information security policy development in a post-Stuxnet world..

Bridging user-centered design and requirements engineering with GRL and persona cases. (2011)
Conference Proceeding
FAILY, S. 2011. Bridging user-centered design and requirements engineering with GRL and persona cases. In Castro, J., Franch, X., Mylopoulos, J. and Yu, E. (eds.) Proceedings of the 5th International i* workshop (iStar 2011), 28-29 August 2011, Trento, Italy. CEUR workshop proceedings, 766. Aachen: CEUR-WS [online], pages 114-119. Available from: http://ceur-ws.org/Vol-766/paper20.pdf

Despite the large body of i* research, there has been comparatively little work on how goal-modelling techniques can help identify usability concerns. Recent work has considered how goal models might better integrate with User-Centered Design. This p... Read More about Bridging user-centered design and requirements engineering with GRL and persona cases..

Plan recommendation for well engineering. (2011)
Conference Proceeding
THOMSON, R., MASSIE, S., CRAW, S., AHRIZ, H. and MILLS, I. 2011. Plan recommendation for well engineering. In Mehrotra, K.G., Mohan, C.K., Oh, J.C., Varshney, P.K. and Ali, M. (eds.) Modern approaches in applied intelligence: proceedings of the 24th International conference on industrial, engineering and other applications of applied intelligent systems (IEA/AIE 2011), 28 June - 1 July 2011, Syracuse, USA. Lecture notes in computer science, 6704. Berlin: Springer [online], part II, pages 436-445. Available from: https://doi.org/10.1007/978-3-642-21827-9_45

Good project planning provides the basis for successful offshore well drilling projects. In this domain, planning occurs in two phases: an onshore phase develops a project plan; and an offshore phase implements the plan and tracks progress. The Perfo... Read More about Plan recommendation for well engineering..

Motivating all our students? (2011)
Conference Proceeding
BOUVIER, D., CARTER, J., CARDELL-OLIVER, R., HAMILTON, M., KURKOVSKY, S., MARKHAM, S., MCCLUNG, O.W., MCDERMOTT, R., RIEDESEL, C., SHI, J. and WHITE, S. 2011. Motivating all our students? In Proceedings of the 16th Innovation and technology in computer science education annual conference: working group reports (ITiCSE-WGR '11), 27-29 June 2011, Darmstadt, Germany. New York: ACM [online], pages 1-18. Available from: https://doi.org/10.1145/2078856.2078858

Academics expend a large amount of time and effort to sustain and enhance the motivation of undergraduate students. Typically based on a desire to ensure that all students achieve their full potential, approaches are based on an understanding that st... Read More about Motivating all our students?.

Persona cases: a technique for grounding personas. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. Persona cases: a technique for grounding personas. In Proceedings of the 29th Annual CHI conference on human factors in computing systems (CHI 2011), 7-12 May 2011, Vancouver, Canada. New York: ACM [online], pages 2267-2270. Available from: https://doi.org/10.1145/1978942.1979274

Personas are a popular technique in User-Centered Design, however their validity can be called into question. While the techniques used to developed personas and their integration with other design activities provide some measure of validity, a perso... Read More about Persona cases: a technique for grounding personas..

Situation awareness in context-aware case-based decision support. (2011)
Conference Proceeding
NWIABU, N., ALLISON, I., HOLT, P., LOWIT, P. and OYENEYIN, B. 2011. Situation awareness in context-aware case-based decision support. In Proceedings of the 2011 IEEE international multi-disciplinary conference on cognitive methods in situation awareness and decision support (CogSIMA 2011), 22-24 February 2011, Miami, USA. New York: IEEE [online], article number 5753761, pages 9-16. Available from: https://doi.org/10.1109/COGSIMA.2011.5753761

Humans naturally reuse recalled knowledge to solve problems and this includes understanding the context i.e. the information that identifies or characterizes these problems. For problems in complex and dynamic environments, providing effective soluti... Read More about Situation awareness in context-aware case-based decision support..

A model of security culture for e-science. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. A model of security culture for e-science. In Clarke, N., Furnell, S. and Von Solms, R. (eds.) Proceedings of the South African information security multi-conference (SAISMC 2010), 17-18 May 2010, Port Elizabeth, South Africa. Plymouth: University of Plymouth, pages 154-164.

There is a need to understand the cultural issues affecting security in large, distributed and heterogeneous systems; such systems are typified by e-Science projects. We present a model of security culture for e-Science, grounded both in the security... Read More about A model of security culture for e-science..

All Outputs (517)