The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
International audience Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be em...
Main Authors: | , |
---|---|
Other Authors: | , , , |
Format: | Conference Object |
Language: | English |
Published: |
HAL CCSD
2010
|
Subjects: | |
Online Access: | https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf https://doi.org/10.1007/978-3-642-16488-0_9 |
id |
ftccsdartic:oai:HAL:hal-01055193v1 |
---|---|
record_format |
openpolar |
spelling |
ftccsdartic:oai:HAL:hal-01055193v1 2023-05-15T16:49:53+02:00 The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design Faily, Shamal Fléchais, Ivan Oxford University Computing Laboratory Computing Laboratory (OUCL) University of Oxford Oxford -University of Oxford Oxford Regina Bernhaupt; Peter Forbrig; Jan Gulliksen; Marta Lárusdóttir Reykjavik, Iceland 2010-10-14 https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf https://doi.org/10.1007/978-3-642-16488-0_9 en eng HAL CCSD Springer info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-16488-0_9 hal-01055193 https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf doi:10.1007/978-3-642-16488-0_9 http://creativecommons.org/licenses/by/ info:eu-repo/semantics/OpenAccess Lecture Notes in Computer Science Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE) https://hal.inria.fr/hal-01055193 Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE), Oct 2010, Reykjavik, Iceland. pp.111-118, ⟨10.1007/978-3-642-16488-0_9⟩ [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL] info:eu-repo/semantics/conferenceObject Conference papers 2010 ftccsdartic https://doi.org/10.1007/978-3-642-16488-0_9 2020-12-25T22:12:51Z International audience Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before and during the design of secure systems. We present a model for structuring the contribution of assumptions to assumption personas, together with a process for developing assumption personas founded on this model. We also present some preliminary results based on an application of this approach in a recent case study. Conference Object Iceland Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe) 111 118 |
institution |
Open Polar |
collection |
Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe) |
op_collection_id |
ftccsdartic |
language |
English |
topic |
[INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL] |
spellingShingle |
[INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL] Faily, Shamal Fléchais, Ivan The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design |
topic_facet |
[INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL] |
description |
International audience Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before and during the design of secure systems. We present a model for structuring the contribution of assumptions to assumption personas, together with a process for developing assumption personas founded on this model. We also present some preliminary results based on an application of this approach in a recent case study. |
author2 |
Oxford University Computing Laboratory Computing Laboratory (OUCL) University of Oxford Oxford -University of Oxford Oxford Regina Bernhaupt; Peter Forbrig; Jan Gulliksen; Marta Lárusdóttir |
format |
Conference Object |
author |
Faily, Shamal Fléchais, Ivan |
author_facet |
Faily, Shamal Fléchais, Ivan |
author_sort |
Faily, Shamal |
title |
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design |
title_short |
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design |
title_full |
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design |
title_fullStr |
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design |
title_full_unstemmed |
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design |
title_sort |
secret lives of assumptions: developing and refining assumption personas for secure system design |
publisher |
HAL CCSD |
publishDate |
2010 |
url |
https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf https://doi.org/10.1007/978-3-642-16488-0_9 |
op_coverage |
Reykjavik, Iceland |
genre |
Iceland |
genre_facet |
Iceland |
op_source |
Lecture Notes in Computer Science Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE) https://hal.inria.fr/hal-01055193 Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE), Oct 2010, Reykjavik, Iceland. pp.111-118, ⟨10.1007/978-3-642-16488-0_9⟩ |
op_relation |
info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-16488-0_9 hal-01055193 https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf doi:10.1007/978-3-642-16488-0_9 |
op_rights |
http://creativecommons.org/licenses/by/ info:eu-repo/semantics/OpenAccess |
op_doi |
https://doi.org/10.1007/978-3-642-16488-0_9 |
container_start_page |
111 |
op_container_end_page |
118 |
_version_ |
1766040061922508800 |