For Publishers
DiscoveryMetadataPeer reviewHostingPublishing
For Researchers
JoinPublishReviewCollect
Register
Blog
About
Search
Advanced search

156
views
5
references
 Top references
0
cited by
 Most cited
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
1 collections
    0
    shares
      293
      similar
       All similar
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems

      Author(s): , ,

      Publication date (Print):

      Conference name: The 26th BCS Conference on Human Computer Interaction (HCI)

      Conference theme: Human Computer Interaction

      Conference date: 12 - 14 September 2012

      Keywords: Risk, Premortem, CAIRIS

      Read this article at

      ScienceOpen
      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Risk–driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the usefulness of failure as a vehicle for security innovation. To explore the role of failure as a design tool, we present the security premortem: a participative design technique where participants assume that a system has been exploited, and plausible reasons are given for explaining why. We describe this approach and illustrate how software tools can be used to support it.

          Related collections

          Most cited references 5

          • Record: found
          • Abstract: not found
          • Article: not found

          Eliciting security requirements with misuse cases

           Guttorm Sindre,  Andreas Opdahl (2005)
          Article 0 comments Cited 21 times – based on 0 reviews     Review now
            Bookmark
            • Record: found
            • Abstract: not found
            • Conference Proceedings: not found

            A meta-model for usable secure requirements engineering

             Shamal Faily,  Ivan Flechais (2010)
            Article 0 comments Cited 6 times – based on 0 reviews
              Bookmark
              • Record: found
              • Abstract: not found
              • Conference Proceedings: not found

              Here's Johnny: A Methodology for Developing Attacker Personas

               Andrea Atzeni,  Cesare Cameroni,  Shamal Faily (2011)
              Article 0 comments Cited 2 times – based on 0 reviews
                Bookmark
                All references

                Author and article information

                Contributors
                Shamal Faily
                Simon Parkin
                John Lyle
                Conference
                Publication date: September 2012
                Publication date (Print): September 2012
                Pages: 1-4
                Affiliations
                Department of Computer Science

                University of Oxford
                School of Computer Science

                Newcastle University
                Article
                DOI: 10.14236/ewic/HCI2012.66
                Copyright statement: © Shamal Faily et al. Published by BCS Learning and Development Ltd. The 26th BCS Conference on Human Computer Interaction, Birmingham, UK
                License:

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                Conference name: The 26th BCS Conference on Human Computer Interaction
                Conference acronym: HCI
                Conference number: 26
                Conference location: Birmingham, UK
                Conference date: 12 - 14 September 2012
                Conference sponsor: Electronic Workshops in Computing (eWiC)
                Conference theme: Human Computer Interaction
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Series title: Electronic Workshops in Computing

                Data availability:

                ScienceOpen disciplines: Applied computer science, Computer science, Security & Cryptology, Graphics & Multimedia design, General computer science, Human-computer-interaction

                Keywords: CAIRIS, Risk, Premortem

                Comments

                Comment on this article