Faily, S., Lyle, J. and Parkin, S., 2012. Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems, 12 -14 September 2012, Birmingham, UK, 5:1 - 5:4 .
Full text available as:
|
PDF
falp121.pdf - Published Version 327kB | |
Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material. |
Abstract
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the usefulness of failure as a vehicle for security innovation. To explore the role of failure as a design tool, we present the security premortem: a participative design technique where participants assume that a system has been exploited, and plausible reasons are given for explaining why. We describe this approach and illustrate how software tools can be used to support it.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Additional Information: | Proceedings of HCI 2012 The 26th BCS Conference on Human Computer Interaction |
Uncontrolled Keywords: | Risk, Premortem, CAIRIS |
Group: | Faculty of Science & Technology |
ID Code: | 22061 |
Deposited By: | Symplectic RT2 |
Deposited On: | 09 Jun 2015 11:04 |
Last Modified: | 14 Mar 2022 13:51 |
Downloads
Downloads per month over past year
Repository Staff Only - |