The secret lives of assumptions: Developing and refining assumption personas for secure system design

This source preferred by Shamal Faily

Authors: Faily, S. and Flechais, I.

Journal: HCSE’2010: Proceedings of the 3rd Conference on Human-Centered Software Engineering

Pages: 111-118

Publisher: Springer

This data was imported from DBLP:

Authors: Faily, S. and Flechais, I.

Editors: Bernhaupt, R., Forbrig, P., Gulliksen, J. and Lárusdóttir, M.

http://dx.doi.org/10.1007/978-3-642-16488-0

Journal: HCSE

Volume: 6409

Pages: 111-118

Publisher: Springer

ISBN: 978-3-642-16487-3

DOI: 10.1007/978-3-642-16488-0_9

This data was imported from Scopus:

Authors: Faily, S. and Fléchais, I.

Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volume: 6409 LNCS

Pages: 111-118

eISSN: 1611-3349

ISSN: 0302-9743

DOI: 10.1007/978-3-642-16488-0_9

Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before and during the design of secure systems. We present a model for structuring the contribution of assumptions to assumption personas, together with a process for developing assumption personas founded on this model. We also present some preliminary results based on an application of this approach in a recent case study. © 2010 IFIP International Federation for Information Processing.

The data on this page was last updated at 04:42 on November 25, 2017.