      Is Open Access

      Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems

      Published
      proceedings-article
      The 26th BCS Conference on Human Computer Interaction (HCI)
      Human Computer Interaction
      12 - 14 September 2012
      Risk, Premortem, CAIRIS

            Abstract

            Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design that they fail to recognise the usefulness of failure as a vehicle for security innovation. To explore the role of failure as a design tool, we present the security premortem: a participative design technique in which participants assume that a system has been exploited and give plausible reasons explaining why. We describe this approach and illustrate how software tools can be used to support it.

            Author and article information

            Contributors
            Conference
            September 2012
            : 1-4
            Affiliations
            [0001]Department of Computer Science

            University of Oxford
            [0002]School of Computer Science

            Newcastle University
            Article
            10.14236/ewic/HCI2012.66
            97108ec5-e8cf-459f-8b2b-16aaaa10ebbc
            © Shamal Faily et al. Published by BCS Learning and Development Ltd. The 26th BCS Conference on Human Computer Interaction, Birmingham, UK

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            The 26th BCS Conference on Human Computer Interaction
            HCI
            26
            Birmingham, UK
            12 - 14 September 2012
            Electronic Workshops in Computing (eWiC)
            Human Computer Interaction

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/HCI2012.66
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Premortem,Risk,CAIRIS
