Security through usability: a user-centered approach for balanced security policy requirements.

Faily, Shamal; Fl�chais, Ivan

Explainability through transparency and user control: a case-based recommender for engineering workers. (2018)
Presentation / Conference
MARTIN, K., LIRET, A., WIRATUNGA, N., OWUSU, G. and KERN, M. 2018. Explainability through transparency and user control: a case-based recommender for engineering workers. In Minor, M. (ed.) Workshop proceedings for the 26th International conference on case-based reasoning (ICCBR 2018), 9-12 July 2018, Stockholm, Sweden. Stockholm: ICCBR [online], pages 22-31. Available from: http://iccbr18.com/wp-content/uploads/ICCBR-2018-V3.pdf#page=22

Within the service providing industries, field engineers can struggle to access tasks which are suited to their individual skills and experience. There is potential for a recommender system to improve access to information while being on site. Howeve... Read More about Explainability through transparency and user control: a case-based recommender for engineering workers..

Study of similarity metrics for matching network-based personalised human activity recognition. (2018)
Presentation / Conference
SANI, S., WIRATUNGA, N., MASSIE, S. and COOPER, K. 2018. Study of similarity metrics for matching network-based personalised human activity recognition. In Minor, M. (ed.) Workshop proceedings for the 26th International conference on case-based reasoning (ICCBR 2018), 9-12 July 2018, Stockholm, Sweden, pages 91-95. Available from: http://iccbr18.com/wp-content/uploads/ICCBR-2018-V3.pdf#page=91

Personalised Human Activity Recognition (HAR) models trained using data from the target user (subject-dependent) have been shown to be superior to non personalised models that are trained on data from a general population (subject-independent). Howev... Read More about Study of similarity metrics for matching network-based personalised human activity recognition..

Accuracy of physical activity recognition from a wrist-worn sensor. (2017)
Presentation / Conference
COOPER, K., SANI, S., CORRIGAN, L., MACDONALD, H., PRENTICE, C., VARETA, R., MASSIE, S. and WIRATUNGA, N. 2017. Accuracy of physical activity recognition from a wrist-worn sensor. Presented at the 2017 Physiotherapy UK conference and trade exhibition: transform lives, maximise independence and empower populations, 10-11 November 2017, Birmingham, UK.

The EU-funded project 'selfBACK' (http://www.selfback.eu) will utilise continuous objective monitoring of physical activity (PA) by a wrist-mounted wearable, combined with self-monitoring of symptoms and case-based reasoning. Together these will prov... Read More about Accuracy of physical activity recognition from a wrist-worn sensor..

Effective dependency rule-based aspect extraction for social recommender systems. (2017)
Presentation / Conference
CHEN, Y.Y., WIRATUNGA, N. and LOTHIAN, R. 2017. Effective dependency rule-based aspect extraction for social recommender systems. In Proceedings of the 21st Pacific Asia conference on information systems 2017 (PACIS 2017), 16-20 July 2017, Langkawi, Malaysia. Atlanta: Association for Information Systems [online], article ID 263. Available from: http://aisel.aisnet.org/pacis2017/263

Social recommender systems capitalise on product reviews to generate recommendations that are both guided by experiential knowledge and are explained by user opinions centred on important product aspects. Therefore, having an effective aspect extract... Read More about Effective dependency rule-based aspect extraction for social recommender systems..

Folk risk analysis: factors influencing security analysts' interpretation of risk. (2017)
Presentation / Conference
M'MANGA, A., FAILY, S., MCALANEY, J. and WILLIAMS, C. 2017. Folk risk analysis: factors influencing security analysts' interpretation of risk. Presented at the 3rd Workshop on security information workers (WSIW 2017), part of the 13th Symposium on usable privacy and security (SOUPS 2017), co-located with the 2017 USENIX annual technical conference (USENIX ATC 2017), 12-14 July 2017, Santa Clara, USA. Hosted on the USENIX website [online]. Available from: https://www.usenix.org/conference/soups2017/workshop-program/wsiw2017/mmanga

There are several standard approaches to risk analysis recommended for use in information security, however, the actual application of risk analysis by security analysts follows an opaque mix of standard risk analysis procedures and adaptations based... Read More about Folk risk analysis: factors influencing security analysts' interpretation of risk..

mHealth optimisation for education and physical activity in Type 1 diabetes: MEDPAT1. (2017)
Presentation / Conference
HALL, J., STEPHEN, K., CROALL, A., MACMILLAN, J., MURRAY, L., WIRATUNGA, N., MASSIE, S. and MACRURY, S. 2017. mHealth optimisation for education and physical activity in Type 1 diabetes: MEDPAT1. Presented at the 2017 Diabetes UK professional conference, 8-10 March 2017, Manchester, UK.

Aims: To develop and evaluate usability of prototype personalised prediction algorithms for people with Type 1 diabetes to optimise blood glucose control associated with physical activity using smart phone technology. To explore the potential to buil... Read More about mHealth optimisation for education and physical activity in Type 1 diabetes: MEDPAT1..

Human aspects of digital rights management: the perspective of content developers. [Conference Paper] (2015)
Presentation / Conference
FAVALE, M., MCDONALD, N., FAILY, S. and GATZIDIS, C. 2015. Human aspects of digital rights management: the perspective of content developers. Presented at the 4th International workshop on artificial intelligence and IP law (AIIP 2015): the story(s) of copyright, 9 December 2015, Braga, Portugal.

Legal norms and social behaviours are some of the human aspects surrounding the effectiveness and future of DRM security. Further exploration of these aspects would help unravel the complexities of the interaction between rights protection security a... Read More about Human aspects of digital rights management: the perspective of content developers. [Conference Paper].

Virtual coaches for mission-based gamified smart communities. (2015)
Presentation / Conference
PIRAS, L., MARCONI, A., VALETTO, G. and PISTORE, M. 2015. Virtual coaches for mission-based gamified smart communities. Presented at Personalization in serious and persuasive games and gamified interactions workshop held at 2nd Computer-human interaction in play symposium 2015 (CHI PLAY 2015), 5-7 October 2015, London, UK [online], paper 10. Available from: http://personalizedgames.tech-experience.at/wp-content/uploads/2015/10/10_Piras-et-al1.pdf

We propose a Virtual Coach for the gamification of participatory applications in complex socio-technical systems like Smart Cities and Smart Communities. In such participatory applications, the user community is an active and essential component. Use... Read More about Virtual coaches for mission-based gamified smart communities..

The mystery of security design. (2015)
Presentation / Conference
VALLINDRAS, A. and FAILY, S. 2015. The mystery of security design. Presented at the 29th British human computer interaction conference (British HCI 2015), 13-17 July 2015, Lincoln, UK.

Designing for security is hard without security getting in the way of design. Unfortunately, security is often promoted through fear, uncertainty, and doubt (FUD). As a result, the scale of FUD has now become so great that it hinders people's ability... Read More about The mystery of security design..

Embedding professional practice into the cybersecurity curriculum using ethics. (2015)
Presentation / Conference
FAILY, S. and JONES, M. 2015. Embedding professional practice into the cybersecurity curriculum using ethics. Presented at the UK workshop on cybersecurity training and education, 11 June 2015, Liverpool, UK.

Cybersecurity graduates are ready to tackle the technical problems they might face, but employability needs to be incorporated into the curriculum should they wish to tackle ill-defined professional challenges as well. We describe how employability w... Read More about Embedding professional practice into the cybersecurity curriculum using ethics..

Security lessons learned building concept apps for webinos. (2013)
Presentation / Conference
FAILY, S. and LYLE, J. 2013. Security lessons learned building concept apps for webinos. Presented at the Human aspects in mobile apps engineering workshop (HAMAE 2013), part of the 27th International BCS human computer interaction conference (HCI 2013): the Internet of Things, 9 September 2013, London, UK.

Concept applications provide a means for tackling security infrastructure problems. Not only do they provide feedback to infrastructure design, they can also inform subsequent research activities. However, to directly influence the architectural desi... Read More about Security lessons learned building concept apps for webinos..

Formal evaluation of persona trustworthiness with EUSTACE. (2013)
Presentation / Conference
FAILY, S., POWER, D., ARMSTRONG, P. and FLÉCHAIS, I. 2013. Formal evaluation of persona trustworthiness with EUSTACE. Presented at the 6th International conference on trust and trustworthy computing (TRUST 2013), 17-19 June 2013, London, UK.

Personas are useful for considering how users of a system might behave, but problematic when accounting for hidden behaviours not obvious from their descriptions alone. Formal methods can potentially identify such subtleties in interactive systems, b... Read More about Formal evaluation of persona trustworthiness with EUSTACE..

Cold-start music recommendation using a hybrid representation. (2012)
Presentation / Conference
HORSBURGH, B., CRAW, S. and MASSIE, S. 2012. Cold-start music recommendation using a hybrid representation. Presented at the 3rd Annual digital economy 'all hands' conference (Digital Futures 2012), 23-25 October 2012, Aberdeen, UK.

Digital music systems are a new and exciting way to dis- cover, share, and listen to new music. Their success is so great, that digital downloads are now included alongside tra- ditional record sales in many o cial music charts [10]. In the past list... Read More about Cold-start music recommendation using a hybrid representation..

Analysing chindōgu: applying defamiliarisation to security design. (2012)
Presentation / Conference
FAILY, S. 2012. Analysing chindōgu: applying defamiliarisation to security design. Presented at the Workshop on defamiliarization in innovation and usability, part of the 30th ACM SIGCHI conference on human factors in computing systems (CHI 2012), 5 May 2012, Austin, Texas.

Envisaging how secure systems might be attacked is difficult without adequate attacker models or relying on stereotypes. Defamiliarisation removes this need for a priori domain knowledge and encourages designers to think critically about system prope... Read More about Analysing chindōgu: applying defamiliarisation to security design..

Artificial reaction networks. (2011)
Presentation / Conference
GERRARD, C.E., MCCALL, J., COGHILL, G.M. and MACLEOD, C. 2011. Artificial reaction networks. Presented at the 11th UK workshop on computational intelligence (UKCI 2011), 7-9 September 2011, Manchester, UK.

In this paper we present a novel method of simulating cellular intelligence, the Artificial Reaction Network (ARN). The ARN can be described as a modular S-System, with some properties in common with other Systems Biology and AI techniques, including... Read More about Artificial reaction networks..

Eliciting usable security requirements with misusability cases. (2011)
Presentation / Conference
FAILY, S. and FLÉCHAIS, I. 2011. Eliciting usable security requirements with misusability cases. Presented at the 19th IEEE international requirements engineering conference (RE 2011), 29 August - 2 September 2011, Trento, Italy.

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice-versa. One way of using scenarios to bridge security and usability involves explicitly descr... Read More about Eliciting usable security requirements with misusability cases..

Do we know each other or is it just our devices? A federated context model for describing social activity across devices. (2011)
Presentation / Conference
GIONIS, G., DESRUELLE, H., BLOMME, D., LYLE, J., FAILY, S. and BASSBOUSS, L. 2011. Do we know each other or is it just our devices? A federated context model for describing social activity across devices. Presented at the Federated social web Europe conference, 3-5 June 2011, Berlin, Germany.

The availability of connected devices is rapidly growing. In our everyday life, we already use a multitude of personal devices that are connected to the Internet. The number of shipped smart-phones at the end of 2010 even surpassed the traditional co... Read More about Do we know each other or is it just our devices? A federated context model for describing social activity across devices..

Security goes to ground: on the applicability of security entrepreneurship to grassroot activism. (2011)
Presentation / Conference
FAILY, S. 2011. Security goes to ground: on the applicability of security entrepreneurship to grassroot activism. Presented at the Workshop on HCI, politics and the city, part of the 29th Annual CHI conference on human factors in computing systems (CHI 2011), 7-8 May 2011, Vancouver, Canada.

Designing security for grassroot movements raises several challenges not particular to the organisations that are catered to by conventional approaches to security design. Drawing on analogies between Social Entrepreneurship and Grassroot Activism, a... Read More about Security goes to ground: on the applicability of security entrepreneurship to grassroot activism..

Two requirements for usable and secure software engineering. (2011)
Presentation / Conference
FAILY, S. 2011. Two requirements for usable and secure software engineering. Presented at the 1st Software and usable security aligned for good engineering workshop (SAUSAGE 2011), 5-6 April 2011, Gaithersburg, USA.

Despite the acknowledged need for systems to be both usable and secure, we lack guidance on how developers might build such systems. Based on recent research, we believe evidence exists that blending techniques from Security, Usability, and Software... Read More about Two requirements for usable and secure software engineering..

Security through usability: a user-centered approach for balanced security policy requirements. (2010)
Presentation / Conference
FAILY, S. and FLÉCHAIS, I. 2010. Security through usability: a user-centered approach for balanced security policy requirements. Presented at the 26th Annual computer security applications conference (ACSAC 2010), 6-10 December 2010, Austin, USA.

Security policy authors face a dilemma. On one hand, policies need to respond to a constantly evolving, well reported threat landscape, the consequences of which have heightened the security awareness of senior managers. On the other hand, the impact... Read More about Security through usability: a user-centered approach for balanced security policy requirements..

All Outputs (53)