The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design

International audience Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be em...

Full description

Bibliographic Details
Main Authors: Faily, Shamal, Fléchais, Ivan
Other Authors: Oxford University Computing Laboratory, Computing Laboratory (OUCL), University of Oxford Oxford -University of Oxford Oxford, Regina Bernhaupt; Peter Forbrig; Jan Gulliksen; Marta Lárusdóttir
Format: Conference Object
Language:English
Published: HAL CCSD 2010
Subjects:
[INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL]
Iceland
Online Access:https://hal.inria.fr/hal-01055193
https://hal.inria.fr/hal-01055193/document
https://hal.inria.fr/hal-01055193/file/p9_8.pdf
https://doi.org/10.1007/978-3-642-16488-0_9
id ftccsdartic:oai:HAL:hal-01055193v1
record_format openpolar
spelling ftccsdartic:oai:HAL:hal-01055193v1 2023-05-15T16:49:53+02:00 The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design Faily, Shamal Fléchais, Ivan Oxford University Computing Laboratory Computing Laboratory (OUCL) University of Oxford Oxford -University of Oxford Oxford Regina Bernhaupt; Peter Forbrig; Jan Gulliksen; Marta Lárusdóttir Reykjavik, Iceland 2010-10-14 https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf https://doi.org/10.1007/978-3-642-16488-0_9 en eng HAL CCSD Springer info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-16488-0_9 hal-01055193 https://hal.inria.fr/hal-01055193 https://hal.inria.fr/hal-01055193/document https://hal.inria.fr/hal-01055193/file/p9_8.pdf doi:10.1007/978-3-642-16488-0_9 http://creativecommons.org/licenses/by/ info:eu-repo/semantics/OpenAccess Lecture Notes in Computer Science Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE) https://hal.inria.fr/hal-01055193 Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE), Oct 2010, Reykjavik, Iceland. pp.111-118, ⟨10.1007/978-3-642-16488-0_9⟩ [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL] info:eu-repo/semantics/conferenceObject Conference papers 2010 ftccsdartic https://doi.org/10.1007/978-3-642-16488-0_9 2020-12-25T22:12:51Z International audience Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before and during the design of secure systems. We present a model for structuring the contribution of assumptions to assumption personas, together with a process for developing assumption personas founded on this model. We also present some preliminary results based on an application of this approach in a recent case study. Conference Object Iceland Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe) 111 118
institution Open Polar
collection Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe)
op_collection_id ftccsdartic
language English
topic [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL]
spellingShingle [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL]
Faily, Shamal
Fléchais, Ivan
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
topic_facet [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL]
description International audience Personas are useful for obtaining an empirically grounded understanding of a secure system's user population, its contexts of use, and possible vulnerabilities and threats endangering it. Often, however, personas need to be partly derived from assumptions; these may be embedded in a variety of different representations. Assumption Personas have been proposed as boundary objects for articulating assumptions about a user population, but no methods or tools currently exist for developing and refining these within the context of secure and usable design. This paper presents an approach for developing and refining assumption personas before and during the design of secure systems. We present a model for structuring the contribution of assumptions to assumption personas, together with a process for developing assumption personas founded on this model. We also present some preliminary results based on an application of this approach in a recent case study.
author2 Oxford University Computing Laboratory
Computing Laboratory (OUCL)
University of Oxford Oxford -University of Oxford Oxford
Regina Bernhaupt; Peter Forbrig; Jan Gulliksen; Marta Lárusdóttir
format Conference Object
author Faily, Shamal
Fléchais, Ivan
author_facet Faily, Shamal
Fléchais, Ivan
author_sort Faily, Shamal
title The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
title_short The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
title_full The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
title_fullStr The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
title_full_unstemmed The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
title_sort secret lives of assumptions: developing and refining assumption personas for secure system design
publisher HAL CCSD
publishDate 2010
url https://hal.inria.fr/hal-01055193
https://hal.inria.fr/hal-01055193/document
https://hal.inria.fr/hal-01055193/file/p9_8.pdf
https://doi.org/10.1007/978-3-642-16488-0_9
op_coverage Reykjavik, Iceland
genre Iceland
genre_facet Iceland
op_source Lecture Notes in Computer Science
Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE)
https://hal.inria.fr/hal-01055193
Third IFIP WG 13.2 International Conference on Human-Centred Software Engineering (HCSE), Oct 2010, Reykjavik, Iceland. pp.111-118, ⟨10.1007/978-3-642-16488-0_9⟩
op_relation info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-16488-0_9
hal-01055193
https://hal.inria.fr/hal-01055193
https://hal.inria.fr/hal-01055193/document
https://hal.inria.fr/hal-01055193/file/p9_8.pdf
doi:10.1007/978-3-642-16488-0_9
op_rights http://creativecommons.org/licenses/by/
info:eu-repo/semantics/OpenAccess
op_doi https://doi.org/10.1007/978-3-642-16488-0_9
container_start_page 111
op_container_end_page 118
_version_ 1766040061922508800

Similar Items