Systems Security: Publications
Book chapters
-
[1]
Security and Privacy in Smart Grid Demand Response Systems
Andrew J Paverd‚ Andrew P Martin and Ian Brown
In Jorge Cuellar, editor, Smart Grid Security. Pages 1−15. Springer International Publishing. 2014.
Details about Security and Privacy in Smart Grid Demand Response Systems | BibTeX data for Security and Privacy in Smart Grid Demand Response Systems | Download (pdf) of Security and Privacy in Smart Grid Demand Response Systems | DOI (10.1007/978-3-319-10329-7_1) | Link to Security and Privacy in Smart Grid Demand Response Systems
-
[2]
Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project
Andrea Atzeni‚ John Lyle and Shamal Faily
In Architectures and Protocols for Secure Information Technology. IGI Global. 2013.
To Appear
Details about Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project | BibTeX data for Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project
-
[3]
Tool−support Premortems with Attack and Security Patterns
Shamal Faily‚ John Lyle and Simon Parkin
In First International Workshop on Cyberpatterns: Unifying Design Patterns with Security‚ Attack and Forensic Patterns. Pages 10–11. 2012.
Details about Tool−support Premortems with Attack and Security Patterns | BibTeX data for Tool−support Premortems with Attack and Security Patterns
Journal papers
-
[1]
Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework
Shamal Faily and Ivan Flechais
In International Journal of Secure Software Engineering. Vol. 2. No. 4. Pages 1–18. 2011.
Details about Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework | BibTeX data for Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework
-
[2]
Managing application whitelists in trusted distributed systems
Jun Ho Huh‚ John Lyle‚ Cornelius Namiluko and Andrew Martin
In Future Generation Computer Systems. Vol. In Press‚ Accepted Manuscript. 2010.
Details about Managing application whitelists in trusted distributed systems | BibTeX data for Managing application whitelists in trusted distributed systems | DOI (DOI: 10.1016/j.future.2010.08.014) | Link to Managing application whitelists in trusted distributed systems
-
[3]
Designing and Aligning e−Science Security Culture with Design
Shamal Faily and Ivan Flechais
In Information Management & Computer Security. Vol. 18. No. 5. 2010.
Details about Designing and Aligning e−Science Security Culture with Design | BibTeX data for Designing and Aligning e−Science Security Culture with Design
-
[4]
Towards tool−support for Usable Secure Requirements Engineering with CAIRIS
Shamal Faily and Ivan Flechais
In International Journal of Secure Software Engineering. Vol. 1. No. 3. Pages 56–70. 2010.
Details about Towards tool−support for Usable Secure Requirements Engineering with CAIRIS | BibTeX data for Towards tool−support for Usable Secure Requirements Engineering with CAIRIS | DOI (10.4018/ijsse.2010070104)
-
[5]
On formalising and normalising role−based access control systems
D. J. Power M. A. Slaymaker and A. C. Simpson
In The Computer Journal. Vol. 52. No. 3. Pages 305−325. 2009.
Details about On formalising and normalising role−based access control systems | BibTeX data for On formalising and normalising role−based access control systems | DOI (doi:10.1093/comjnl/bxn016)
-
[6]
Securing web services for deployment in health grids
D. J. Power‚ E. A. Politou‚ M. A. Slaymaker and A. C. Simpson
In Future Generation Computer Systems. Vol. 22. No. 5. Pages 547–570. 2006.
Details about Securing web services for deployment in health grids | BibTeX data for Securing web services for deployment in health grids
-
[7]
Information Leakage from Optical Emanations
Joe Loughry and David A. Umphress
In ACM Transactions on Information and Systems Security. Vol. 5. No. 3. Pages 262–289. August, 2002.
Details about Information Leakage from Optical Emanations | BibTeX data for Information Leakage from Optical Emanations
Conference papers
-
[1]
Exploring the use of Intel SGX for Secure Many−Party Applications
K.A. Küçük‚ A. Paverd‚ A. Martin‚ N. Asokan‚ A. Simpson and R. Ankele
In Proceedings of the 1st Workshop on System Software for Trusted Execution (SysTEX '16). New York‚ NY‚ USA. 2016. ACM.
The theoretical construct of a Trusted Third Party (TTP) has the potential to solve many security and privacy challenges. In particular‚ a TTP is an ideal way to achieve secure multiparty computation—a privacy−enhancing technique in which mutually distrusting participants jointly compute a function over their private inputs without revealing these inputs. Although there exist cryptographic protocols to achieve this‚ their performance often limits them to the two−party case‚ or to a small number of participants. However‚ many real−world applications involve thousands or tens of thousands of participants. Examples of this type of many−party application include privacy−preserving energy metering‚ location−based services‚ and mobile network roaming. Challenging the notion that a trustworthy TTP does not exist‚ recent research has shown how trusted hardware and remote attestation can be used to establish a sufficient level of assurance in a real system such that it can serve as a trustworthy remote entity (TRE). We explore the use of Intel SGX‚ the most recent and arguably most promising trusted hardware technology‚ as the basis for a TRE for many−party applications. Using privacy−preserving energy metering as a case study‚ we design and implement a prototype TRE using SGX‚ and compare its performance to a previous system based on the Trusted Platform Module (TPM). Our results show that even without specialized optimizations‚ SGX provides comparable performance to the optimized TPM system‚ and therefore has significant potential for large−scale many−party applications.
Details about Exploring the use of Intel SGX for Secure Many−Party Applications | BibTeX data for Exploring the use of Intel SGX for Secure Many−Party Applications | DOI (10.1145/3007788.3007793) | Link to Exploring the use of Intel SGX for Secure Many−Party Applications
-
[2]
Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing
Andrew J Paverd‚ Andrew P Martin and Ian Brown
In Fifth IEEE International Conference on Smart Grid Communications (SmartGridComm 2014). 2014.
Details about Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | BibTeX data for Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | Download Paverd-SmartGridComm-2014.pdf of Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | Download Paverd-SmartGridComm-2014-slides.pdf of Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing | DOI (10.1109/SmartGridComm.2014.7007758) | Link to Privacy−Enhanced Bi−Directional Communication in the Smart Grid using Trusted Computing
-
[3]
Characteristic−Based Security Analysis for the Personal Network
Andrew J. Paverd‚ Fadi El−Moussa and Ian Brown
In HomeSys Workshop at ACM UbiComp. 2014.
Details about Characteristic−Based Security Analysis for the Personal Network | BibTeX data for Characteristic−Based Security Analysis for the Personal Network | Download Paverd-HomeSys-2014-slides.pdf of Characteristic−Based Security Analysis for the Personal Network | Download Paverd-HomeSys-2014-v4.pdf of Characteristic−Based Security Analysis for the Personal Network | DOI (10.1145/2638728.2641549) | Link to Characteristic−Based Security Analysis for the Personal Network
-
[4]
Security and Privacy in Smart Grid Demand Response Systems
Andrew Paverd‚ Andrew Martin and Ian Brown
In Second Open EIT ICT Labs Workshop on Smart Grid Security − SmartGridSec14. 2014.
Details about Security and Privacy in Smart Grid Demand Response Systems | BibTeX data for Security and Privacy in Smart Grid Demand Response Systems | Download (pdf) of Security and Privacy in Smart Grid Demand Response Systems
-
[5]
Policies in Context: Factors Influencing the Elicitation and Categorisation of Context−Sensitive Security Policies
Shamal Faily‚ John Lyle‚ Ivan Flechais‚ Andrea Atzeni‚ Cesare Cameroni‚ Hans Myrhaug‚ Ayse Goker and Robert Kleinfeld
In Proceedings of the Workshop on Home Usable Privacy and Security. 2013.
Details about Policies in Context: Factors Influencing the Elicitation and Categorisation of Context−Sensitive Security Policies | BibTeX data for Policies in Context: Factors Influencing the Elicitation and Categorisation of Context−Sensitive Security Policies
-
[6]
Security Patterns Considered Harmful?
Shamal Faily
In Proceedings of The Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security‚ Attack and Forensic Patterns. 2013.
To Appear
Details about Security Patterns Considered Harmful? | BibTeX data for Security Patterns Considered Harmful?
-
[7]
Trustworthy Remote Entities in the Smart Grid
Andrew Paverd
In 28th ACM Symposium On Applied Computing − SAC2013. Coimbra‚ Portugal. 2013.
Student Research Competition Finalist
Details about Trustworthy Remote Entities in the Smart Grid | BibTeX data for Trustworthy Remote Entities in the Smart Grid | Download (pdf) of Trustworthy Remote Entities in the Smart Grid | Link to Trustworthy Remote Entities in the Smart Grid
-
[8]
Guidelines for Integrating Personas into Software Engineering Tools
Shamal Faily and John Lyle
In Proceedings of the 5th ACM SIGCHI symposium on Engineering interactive computing systems. Pages 69–74. 2013.
Details about Guidelines for Integrating Personas into Software Engineering Tools | BibTeX data for Guidelines for Integrating Personas into Software Engineering Tools
-
[9]
Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract)
Shamal Faily‚ David Power‚ Philip Armstrong and Ivan Flechais
In Trust and Trustworthy Computing‚ 6th International Conference‚ TRUST 2013. 2013.
To Appear
Details about Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract) | BibTeX data for Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract)
-
[10]
Designing Interactive Secure Systems: CHI 2013 Special Interest Group
Shamal Faily‚ Lizzie Coles−Kemp‚ Paul Dunphy‚ Mike Just‚ Yoko Akama and Alexander De Luca
In CHI '13 Extended Abstracts on Human Factors in Computing Systems. ACM. 2013.
To Appear
Details about Designing Interactive Secure Systems: CHI 2013 Special Interest Group | BibTeX data for Designing Interactive Secure Systems: CHI 2013 Special Interest Group | Download (pdf) of Designing Interactive Secure Systems: CHI 2013 Special Interest Group
-
[11]
Hardware Security for Device Authentication in the Smart Grid
Andrew Paverd and Andrew Martin
In First Open EIT ICT Labs Workshop on Smart Grid Security − SmartGridSec12. Berlin‚ Germany. 2012.
Details about Hardware Security for Device Authentication in the Smart Grid | BibTeX data for Hardware Security for Device Authentication in the Smart Grid | Download (pdf) of Hardware Security for Device Authentication in the Smart Grid | Link to Hardware Security for Device Authentication in the Smart Grid
-
[12]
BottleCap: a Credential Manager for Capability Systems
Justin King−Lacroix and Andrew Martin
In Proceedings of The Seventh ACM Workshop on Scalable Trusted Computing. 2012.
To appear
Details about BottleCap: a Credential Manager for Capability Systems | BibTeX data for BottleCap: a Credential Manager for Capability Systems
-
[13]
Model−driven architectural risk analysis using architectural and contextualised attack patterns
Shamal Faily‚ John Lyle‚ Cornelius Namiluko‚ Andrea Atzeni and Cesare Cameroni
In Proceedings of the Workshop on Model−Driven Security. Pages 3:1–3:6. ACM. 2012.
Details about Model−driven architectural risk analysis using architectural and contextualised attack patterns | BibTeX data for Model−driven architectural risk analysis using architectural and contextualised attack patterns | Download (pdf) of Model−driven architectural risk analysis using architectural and contextualised attack patterns
-
[14]
Requirements Sensemaking using Concept Maps
Shamal Faily‚ John Lyle‚ Andre Paul‚ Andrea Atzeni‚ Dieter Blomme‚ Heiko Desruelle and Krishna Bangalore
In HCSE'2012: Proceedings of the 4th International Conference on Human−Centered Software Engineering. Pages 217–232. Springer. 2012.
Details about Requirements Sensemaking using Concept Maps | BibTeX data for Requirements Sensemaking using Concept Maps | Download (pdf) of Requirements Sensemaking using Concept Maps
-
[15]
Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS
Shamal Faily and Ivan Flechais
In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 3:1–3:4. 2012.
Details about Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS | BibTeX data for Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS | Download (pdf) of Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS
-
[16]
Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems
Shamal Faily‚ John Lyle and Simon Parkin
In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 5:1–5:4. 2012.
Details about Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems | BibTeX data for Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems | Download (pdf) of Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems
-
[17]
Personal PKI for the smart device era
John Lyle‚ Andrew Paverd‚ Justin King−Lacroix‚ Andrea Atzeni‚ Habib Virji‚ Ivan Flechais and Shamal Faily
In 9th European PKI Workshop: Research and Applications. 2012.
Details about Personal PKI for the smart device era | BibTeX data for Personal PKI for the smart device era | Download (pdf) of Personal PKI for the smart device era
-
[18]
Provenance as a Security Control
Andrew Martin‚ John Lyle and Cornelius Namiluko
In Proceedings of TaPP'12: the 4th USENIX Workshop on the Theory and Practice of Provenance. USENIX. 2012.
Details about Provenance as a Security Control | BibTeX data for Provenance as a Security Control | Link to Provenance as a Security Control
-
[19]
On the design and development of webinos: a distributed mobile application middleware
John Lyle‚ Shamal Faily‚ Ivan Flechais‚ Andre Paul‚ Ayse Goker‚ Hans Myrhaug‚ Heiko Desruelle and Andrew Martin
In Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems. Pages 140–147. 2012.
Details about On the design and development of webinos: a distributed mobile application middleware | BibTeX data for On the design and development of webinos: a distributed mobile application middleware | Download (pdf) of On the design and development of webinos: a distributed mobile application middleware
-
[20]
Cross−platform access control for mobile web applications
John Lyle‚ Salvatore Monteleone‚ Shamal Faily‚ Davide Patti and Fabio Ricciato
In Policies for Distributed Systems and Networks (POLICY)‚ 2012 IEEE International Symposium on. Pages 37–44. 2012.
Details about Cross−platform access control for mobile web applications | BibTeX data for Cross−platform access control for mobile web applications | Download (pdf) of Cross−platform access control for mobile web applications
-
[21]
The webinos project
Christian Fuhrhop‚ John Lyle and Shamal Faily
In Proceedings of the 21st international conference companion on World Wide Web. Pages 259–262. ACM. 2012.
Details about The webinos project | BibTeX data for The webinos project | Download (pdf) of The webinos project
-
[22]
Analysing Chindogu: Applying Defamiliarisation to Security Design
Shamal Faily
In CHI 2012 Workshop on Defamiliarisation in Innovation and Usability. 2012.
Details about Analysing Chindogu: Applying Defamiliarisation to Security Design | BibTeX data for Analysing Chindogu: Applying Defamiliarisation to Security Design | Download (pdf) of Analysing Chindogu: Applying Defamiliarisation to Security Design
-
[23]
Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases
Shamal Faily
In Proceedings of the 5th International i* Workshop. Pages 114–119. 2011.
Details about Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases | BibTeX data for Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases | Download (pdf) of Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases
-
[24]
Challenges for Provenance in Cloud Computing
Imad M. Abbadi and John Lyle
In TaPP 2011: Proceedings of the Third USENIX Workshop on the Theory and Practice of Provenance. USENIX. 2011.
Details about Challenges for Provenance in Cloud Computing | BibTeX data for Challenges for Provenance in Cloud Computing | Download (pdf) of Challenges for Provenance in Cloud Computing
-
[25]
Eliciting Usable Security Requirements with Misusability Cases
Shamal Faily and Ivan Flechais
In Proceedings of the 19th IEEE International Requirements Engineering Conference. Pages 339–340. IEEE Computer Society. 2011.
Pre−print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf
Details about Eliciting Usable Security Requirements with Misusability Cases | BibTeX data for Eliciting Usable Security Requirements with Misusability Cases | Download (pdf) of Eliciting Usable Security Requirements with Misusability Cases | DOI (10.1109/RE.2011.6051665)
-
[26]
Here's Johnny: a Methodology for Developing Attacker Personas
Andrea Atzeni‚ Shamal Faily‚ John Lyle‚ Cesare Cameroni and Ivan Flechais
In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 722–727. 2011.
Details about Here's Johnny: a Methodology for Developing Attacker Personas | BibTeX data for Here's Johnny: a Methodology for Developing Attacker Personas | Download (pdf) of Here's Johnny: a Methodology for Developing Attacker Personas
-
[27]
User−Centered Information Security Policy Development in a Post−Stuxnet World
Shamal Faily and Ivan Flechais
In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 716–721. 2011.
Details about User−Centered Information Security Policy Development in a Post−Stuxnet World | BibTeX data for User−Centered Information Security Policy Development in a Post−Stuxnet World | Download (pdf) of User−Centered Information Security Policy Development in a Post−Stuxnet World
-
[28]
Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism
Shamal Faily
In CHI Workshop on HCI‚ Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action. 2011.
Details about Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism | BibTeX data for Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism
-
[29]
Two Requirements for Usable and Secure Software Engineering
Shamal Faily
In 1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop. 2011.
Details about Two Requirements for Usable and Secure Software Engineering | BibTeX data for Two Requirements for Usable and Secure Software Engineering | Download (pdf) of Two Requirements for Usable and Secure Software Engineering
-
[30]
Persona Cases: A Technique for grounding Personas
Shamal Faily and Ivan Flechais
In CHI '11: Proceedings of the 29th International conference on Human factors in computing systems. Pages 2267−2270. Vancouver‚ BC‚ Canada. 2011. ACM.
Details about Persona Cases: A Technique for grounding Personas | BibTeX data for Persona Cases: A Technique for grounding Personas
-
[31]
Security through Usability: a user−centered approach for balanced security policy requirements
Shamal Faily and Ivan Flechais
In Poster at: Annual Computer Security Applications Conference. 2010.
Details about Security through Usability: a user−centered approach for balanced security policy requirements | BibTeX data for Security through Usability: a user−centered approach for balanced security policy requirements | Download (pdf) of Security through Usability: a user−centered approach for balanced security policy requirements
-
[32]
Security and Usability: Searching for the philosopher's stone
Ivan Flechais and Shamal Faily
In Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security). 2010.
Details about Security and Usability: Searching for the philosopher's stone | BibTeX data for Security and Usability: Searching for the philosopher's stone | Download (pdf) of Security and Usability: Searching for the philosopher's stone
-
[33]
Security and Usability: Analysis and Evaluation
A. W. Roscoe Ronald Kainda Ivan Flechais
2010.
Details about Security and Usability: Analysis and Evaluation | BibTeX data for Security and Usability: Analysis and Evaluation
-
[34]
Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios
A. W. Roscoe Ronald Kainda Ivan Flechais
In Proceedings of the 2010 Symposium on Usable Privacy and Security (SOUPS 2010). 2010.
Details about Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios | BibTeX data for Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios
-
[35]
Unsteady Ground: Certification to Unstable Criteria
Joe Loughry
In Proceedings of the Second International Conference on Advances in System Testing and Validation Life Cycle. Nice‚ France. 2010.
Details about Unsteady Ground: Certification to Unstable Criteria | BibTeX data for Unsteady Ground: Certification to Unstable Criteria
-
[36]
Trusted Computing and Provenance: Better Together
John Lyle and Andrew Martin
In Proceedings of the 2nd Workshop on the Theory and Practice of Provenance. Usenix. 2010.
Details about Trusted Computing and Provenance: Better Together | BibTeX data for Trusted Computing and Provenance: Better Together | Download (pdf) of Trusted Computing and Provenance: Better Together | Download (pdf) of Trusted Computing and Provenance: Better Together
-
[37]
Engineering Attestable Services (short paper)
John Lyle and Andrew Martin
In Ahmad−Reza Acquisti Alessandro; Smith Sean W.; Sadeghi, editor, Proceedings of the 3rd International Conference on Trust and Trustworthy Computing. Pages 257–264. Springer. June, 2010.
Details about Engineering Attestable Services (short paper) | BibTeX data for Engineering Attestable Services (short paper) | Download (pdf) of Engineering Attestable Services (short paper) | DOI (10.1007/978-3-642-13869-0) | Link to Engineering Attestable Services (short paper)
-
[38]
A Model of Security Culture for e−Science
Shamal Faily and Ivan Flechais
In Nathan Clarke‚ Steven Furnell and Rossouw von Solms, editors, Proceedings of the South African Information Security Multi−Conference (SAISMC 2010). Pages 154–164. University of Plymouth. 2010.
Details about A Model of Security Culture for e−Science | BibTeX data for A Model of Security Culture for e−Science | Download (pdf) of A Model of Security Culture for e−Science
-
[39]
To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design
Shamal Faily and Ivan Flechais
In NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop. Pages 73–84. New York‚ NY‚ USA. 2010. ACM.
Details about To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design | BibTeX data for To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design | Download (pdf) of To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design
-
[40]
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
Shamal Faily and Ivan Flechais
In HCSE'2010: Proceedings of the 3rd Conference on Human−Centered Software Engineering. Pages 111–118. Springer. 2010.
Details about The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design | BibTeX data for The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design | Download (pdf) of The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design
-
[41]
Barry is not the weakest link: Eliciting Secure System Requirements with Personas
Shamal Faily and Ivan Flechais
In Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business. Pages 113–120. British Computer Society. 2010.
Details about Barry is not the weakest link: Eliciting Secure System Requirements with Personas | BibTeX data for Barry is not the weakest link: Eliciting Secure System Requirements with Personas | Download (pdf) of Barry is not the weakest link: Eliciting Secure System Requirements with Personas
-
[42]
Improving Secure Systems Design with Security Culture
Shamal Faily and Ivan Flechais
In Poster at: Human Factors in Information Security. February, 2010.
Details about Improving Secure Systems Design with Security Culture | BibTeX data for Improving Secure Systems Design with Security Culture | Download (pdf) of Improving Secure Systems Design with Security Culture
-
[43]
Analysing and Visualising Security and Usability in IRIS
Shamal Faily and Ivan Flechais
In Availability‚ Reliability and Security‚ 2010. ARES 10. Fifth International Conference on. February, 2010.
Details about Analysing and Visualising Security and Usability in IRIS | BibTeX data for Analysing and Visualising Security and Usability in IRIS | Download (pdf) of Analysing and Visualising Security and Usability in IRIS | DOI (10.1109/ARES.2010.28)
-
[44]
A Meta−Model for Usable Secure Requirements Engineering
Shamal Faily and Ivan Flechais
In Software Engineering for Secure Systems‚ 2010. SESS '10. ICSE Workshop on. Pages 29–35. May, 2010.
Details about A Meta−Model for Usable Secure Requirements Engineering | BibTeX data for A Meta−Model for Usable Secure Requirements Engineering | Download (pdf) of A Meta−Model for Usable Secure Requirements Engineering | DOI (10.1145/1809100.1809105)
-
[45]
Usability and Security of Out−Of−Band Channels in Secure Device Pairing Protocols
A. W. Roscoe Ronald Kainda Ivan Flechais
In SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security. 2009.
Details about Usability and Security of Out−Of−Band Channels in Secure Device Pairing Protocols | BibTeX data for Usability and Security of Out−Of−Band Channels in Secure Device Pairing Protocols
-
[46]
Stakeholder involvement‚ motivation‚ responsibility‚ communication: How to design usable security in e−Science
I. Flechais and M. A. Sasse
Vol. 67. No. 4. Pages 281−296. 2009.
Details about Stakeholder involvement‚ motivation‚ responsibility‚ communication: How to design usable security in e−Science | BibTeX data for Stakeholder involvement‚ motivation‚ responsibility‚ communication: How to design usable security in e−Science | Download (pdf) of Stakeholder involvement‚ motivation‚ responsibility‚ communication: How to design usable security in e−Science | DOI (10.1016/j.ijhcs.2007.10.002) | Link to Stakeholder involvement‚ motivation‚ responsibility‚ communication: How to design usable security in e−Science
-
[47]
On the Feasibility of Remote Attestation for Web Services
John Lyle and Andrew Martin
In SecureCom09: Proceedings of the International Symposium on Secure Computing. Pages 283−288. IEEE. 2009.
Details about On the Feasibility of Remote Attestation for Web Services | BibTeX data for On the Feasibility of Remote Attestation for Web Services | Download PublicationFile of On the Feasibility of Remote Attestation for Web Services | Download feasibility-ieee.pdf of On the Feasibility of Remote Attestation for Web Services | Link to On the Feasibility of Remote Attestation for Web Services
-
[48]
Trustworthy Log Reconciliation for Distributed Virtual Organisations
Jun Ho Huh and John Lyle
In Liqun Chen‚ Chris J. Mitchell and Andrew Martin, editors, Trust '09: Proceedings of the 2nd International Conference on Trusted Computing. Pages 169−182. Berlin‚ Heidelberg. April, 2009. Springer−Verlag.
Details about Trustworthy Log Reconciliation for Distributed Virtual Organisations | BibTeX data for Trustworthy Log Reconciliation for Distributed Virtual Organisations | DOI (10.1007/978-3-642-00587-9_11)
-
[49]
Trustable Remote Verification of Web Services
John Lyle
In Liqun Chen‚ Chris J. Mitchell and Andrew Martin, editors, TRUST. Pages 153−168. Springer. April, 2009.
Details about Trustable Remote Verification of Web Services | BibTeX data for Trustable Remote Verification of Web Services | Download (pdf) of Trustable Remote Verification of Web Services | Link to Trustable Remote Verification of Web Services
-
[50]
Context−Sensitive Requirements and Risk Analysis
Shamal Faily
In Requirements Engineering Doctoral Symposium. 2009.
Details about Context−Sensitive Requirements and Risk Analysis | BibTeX data for Context−Sensitive Requirements and Risk Analysis | Download (pdf) of Context−Sensitive Requirements and Risk Analysis
-
[51]
Context−Sensitive Requirements and Risk Management with IRIS
Shamal Faily and Ivan Flechais
In International Requirements Engineering‚ 2009. RE'09. 17th IEEE. IEEE. August, 2009.
Details about Context−Sensitive Requirements and Risk Management with IRIS | BibTeX data for Context−Sensitive Requirements and Risk Management with IRIS | Download (pdf) of Context−Sensitive Requirements and Risk Management with IRIS | DOI (10.1109/RE.2009.54)
-
[52]
Making the invisible visible: a theory of security culture for secure and usable grids
Shamal Faily and Ivan Flechais
In UK e−Science All Hands Conference 2008‚ Edinburgh‚ UK (Oral Presentation). 2008.
Details about Making the invisible visible: a theory of security culture for secure and usable grids | BibTeX data for Making the invisible visible: a theory of security culture for secure and usable grids | Download (pdf) of Making the invisible visible: a theory of security culture for secure and usable grids
-
[53]
On the facilitation of fine−grained access to distributed healthcare data
D. Russell M. A. Slaymaker D. J. Power and A. C. Simpson
In Proceedings of Secure Data Management 2008. 2008.
Details about On the facilitation of fine−grained access to distributed healthcare data | BibTeX data for On the facilitation of fine−grained access to distributed healthcare data
-
[54]
Towards a Secure‚ Tamper−Proof Grid Platform.
Andrew Cooper and Andrew Martin
In Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2006)‚ 16−19 May 2006‚ Singapore. Pages 373−380. IEEE Computer Society. 2006.
Details about Towards a Secure‚ Tamper−Proof Grid Platform. | BibTeX data for Towards a Secure‚ Tamper−Proof Grid Platform.
Technical reports
-
[1]
The Ten Page Introduction to Trusted Computing
Andrew Martin
No. RR−08−11. OUCL. December, 2008.
Details about The Ten Page Introduction to Trusted Computing | BibTeX data for The Ten Page Introduction to Trusted Computing | Download of The Ten Page Introduction to Trusted Computing
Theses
-
[1]
A framework for usable and secure system design
Shamal Faily
PhD Thesis University of Oxford. 2011.
Details about A framework for usable and secure system design | BibTeX data for A framework for usable and secure system design | Download (pdf) of A framework for usable and secure system design
-
[2]
Trustworthy Services Through Attestation
John Lyle
PhD Thesis Department of Computer Science‚ University of Oxford. 2011.
Details about Trustworthy Services Through Attestation | BibTeX data for Trustworthy Services Through Attestation | Download (pdf) of Trustworthy Services Through Attestation