Engaging stakeholders during late stage security design with assumption personas
Authors: Faily, S.
Journal: INFORMATION AND COMPUTER SECURITY
Volume: 23
Issue: 4
Pages: 435-446
ISSN: 2056-4961
DOI: 10.1108/ICS-10-2014-0066
https://eprints.bournemouth.ac.uk/22704/
Source: Web of Science (Lite)
Engaging Stakeholders during Late Stage Security Design with Assumption Personas
Authors: Faily, S.
Editors: Furnell, S.
Journal: Information and Computer Security
Volume: 23
Issue: 4
Pages: 435-446
Publisher: Emerald
https://eprints.bournemouth.ac.uk/22704/
Source: Manual
Engaging stakeholders during late stage security design with assumption personas.
Authors: Faily, S.
Journal: Inf. Comput. Secur.
Volume: 23
Pages: 435-446
https://eprints.bournemouth.ac.uk/22704/
Source: DBLP
Engaging Stakeholders during Late Stage Security Design with Assumption Personas
Authors: Faily, S.
Journal: Information and Computer Security
Volume: 23
Issue: 4
Pages: 435-446
ISSN: 2056-4961
Abstract:Purpose – This paper aims to present an approach where assumption personas are used to engage stakeholders in the elicitation and specification of security requirements at a late stage of a system’s design.
Design/methodology/approach – The author has devised an approach for developing assumption personas for use in participatory design sessions during the later stages of a system’s design. The author validates this approach using a case study in the e-Science domain.
Findings – Engagement follows by focusing on the indirect, rather than direct, implications of security. More design approaches are needed for treating security at a comparatively late stage. Security design techniques should scale to working with sub-optimal input data.
Originality/value – This paper contributes an approach where assumption personas engage project team members when eliciting and specifying security requirements at the late stages of a project.
https://eprints.bournemouth.ac.uk/22704/
Source: BURO EPrints