publication . Conference object . Part of book or chapter of book . 2010

The secret lives of assumptions: developing and refining assumption personas for secure system design

Faily, Shamal; Fléchais, Ivan;
Open Access
  • Published: 14 Oct 2010
  • Country: United Kingdom
International audience; Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before an...
free text keywords: [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL]

1. CAIRIS web site.

2. Alexander, I., Beus-Dukic, L.: Discovering requirements: how to specify products and services. Wiley, Chichester, West Sussex, England (2009)

3. Burge, J.E., Carroll, J.M., McCall, R., Mistrik, I.: Rationale-Based Software Engineering. Springer (2008)

4. Castro, J., Acua, S., Juristo, N.: Integrating the personas technique into the requirements analysis activity. In: Computer Science, 2008. ENC '08. Mexican International Conference on. pp. 104-112 (Oct 2008)

5. Chapman, C.N., Milham, R.P.: The persona's new clothes: Methodological and practical arguments against a popular method. Proceedings of the Human Factors and Ergonomics Society 50th Annual Meeting (2006)

6. Cooper, A.: The Inmates Are Running the Asylum: Why High Tech Products Drive Us Crazy and How to Restore the Sanity (2nd Edition). Pearson Higher Education (1999)

7. Cooper, A., Reimann, R., Cronin, D.: About Face 3: The Essentials of Interaction Design. Wiley (2007)

8. Faily, S., Fl´echais, I.: A Meta-Model for Usable Secure Requirements Engineering. In: Software Engineering for Secure Systems, 2010. SESS '10. ICSE Workshop on. pp. 126-135. IEEE Computer Society Press (May 2010)

9. Faily, S., Fl´echais, I.: Analysing and Visualising Security and Usability in IRIS. In: Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on (2010) [OpenAIRE]

10. Faily, S., Fl´echais, I.: Barry is not the weakest link: Eliciting Secure System Requirements with Personas. In: BCS HCI '10: Proceedings of the 2010 British Computer Society Conference on Human-Computer Interaction (2010), to Appear

11. Haley, C.B., Laney, R., Moffett, J.D., Nuseibeh, B.: Arguing satisfaction of security requirements. In: Mouratidis, H., Giorgini, P. (eds.) Integrating Security and Software Engineering, chap. 2, pp. 16-43. Idea Group (2007)

12. van Lamsweerde, A., Letier, E.: Handling obstacles in goal-oriented requirements engineering. Software Engineering, IEEE Transactions on 26(10), 978-1005 (2000)

13. Nuseibeh, B., Haley, C., Foster, C.: Securing the skies: In requirements we trust. Computer 42(9), 64 -72 (Sept 2009)

14. Pruitt, J., Adlin, T.: The persona lifecycle: keeping people in mind throughout product design. Elsevier, Amsterdam (2006)

15. Toulmin, S.: The uses of argument. Cambridge University Press, updated edn. (2003)

Powered by OpenAIRE Research Graph
Any information missing or wrong?Report an Issue