The secret lives of assumptions: Developing and refining assumption personas for secure system design
This data was imported from DBLP:
Authors: Faily, S. and Flechais, I.
Editors: Bernhaupt, R., Forbrig, P., Gulliksen, J. and Lárusdóttir, M.
This data was imported from Scopus:
Authors: Faily, S. and Fléchais, I.
Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 6409 LNCS
Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before and during the design of secure systems. We present a model for structuring the contribution of assumptions to assumption personas, together with a process for developing assumption personas founded on this model. We also present some preliminary results based on an application of this approach in a recent case study. © 2010 IFIP International Federation for Information Processing.