Skip to main content

Research Repository

Advanced Search

Here's Johnny: a methodology for developing attacker personas. (2011)
Conference Proceeding
ATZENI, A., CAMERONI, C., FAILY, S., LYLE, J. and FLÉCHAIS, I. 2011. Here's Johnny: a methodology for developing attacker personas. In Proceedings of the 6th International conference on availability, reliability and security (ARES 2011), 22-26 Aug 2011, Vienna, Austria. Los Alamitos: IEEE Computer Society [online], pages 722-727. Available from: https://doi.org/10.1109/ARES.2011.115

The adversarial element is an intrinsic part of the design of secure systems, but our assumptions about attackers and threat is often limited or stereotypical. Although there has been previous work on applying User-Centered Design on Persona developm... Read More about Here's Johnny: a methodology for developing attacker personas..

User-centered information security policy development in a post-Stuxnet world. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. User-centered information security policy development in a post-Stuxnet world. In Proceedings of the 5th International workshop on secure software engineering (SecSE 2011), part of the 6th International conference on availability, reliability and security (ARES 2011), 22-26 Aug 2011, Vienna, Austria. Los Alamitos: IEEE Computer Society [online], pages 716-721. Available from: https://doi.org/10.1109/ARES.2011.111

A balanced approach is needed for developing information security policies in Critical National Infrastructure (CNI) contexts. Requirements Engineering methods can facilitate such an approach, but these tend to focus on either security at the expense... Read More about User-centered information security policy development in a post-Stuxnet world..

Bridging user-centered design and requirements engineering with GRL and persona cases. (2011)
Conference Proceeding
FAILY, S. 2011. Bridging user-centered design and requirements engineering with GRL and persona cases. In Castro, J., Franch, X., Mylopoulos, J. and Yu, E. (eds.) Proceedings of the 5th International i* workshop (iStar 2011), 28-29 August 2011, Trento, Italy. CEUR workshop proceedings, 766. Aachen: CEUR-WS [online], pages 114-119. Available from: http://ceur-ws.org/Vol-766/paper20.pdf

Despite the large body of i* research, there has been comparatively little work on how goal-modelling techniques can help identify usability concerns. Recent work has considered how goal models might better integrate with User-Centered Design. This p... Read More about Bridging user-centered design and requirements engineering with GRL and persona cases..

Persona cases: a technique for grounding personas. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. Persona cases: a technique for grounding personas. In Proceedings of the 29th Annual CHI conference on human factors in computing systems (CHI 2011), 7-12 May 2011, Vancouver, Canada. New York: ACM [online], pages 2267-2270. Available from: https://doi.org/10.1145/1978942.1979274

Personas are a popular technique in User-Centered Design, however their validity can be called into question. While the techniques used to developed personas and their integration with other design activities provide some measure of validity, a perso... Read More about Persona cases: a technique for grounding personas..

A model of security culture for e-science. (2011)
Conference Proceeding
FAILY, S. and FLÉCHAIS, I. 2011. A model of security culture for e-science. In Clarke, N., Furnell, S. and Von Solms, R. (eds.) Proceedings of the South African information security multi-conference (SAISMC 2010), 17-18 May 2010, Port Elizabeth, South Africa. Plymouth: University of Plymouth, pages 154-164.

There is a need to understand the cultural issues affecting security in large, distributed and heterogeneous systems; such systems are typified by e-Science projects. We present a model of security culture for e-Science, grounded both in the security... Read More about A model of security culture for e-science..