Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems.

Faily, S., Lyle, J. and Parkin, S., 2012. Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems, 12 -14 September 2012, Birmingham, UK, 5:1 - 5:4 .

Full text available as:

[img]
Preview
PDF
falp121.pdf - Published Version

327kB

Abstract

Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the usefulness of failure as a vehicle for security innovation. To explore the role of failure as a design tool, we present the security premortem: a participative design technique where participants assume that a system has been exploited, and plausible reasons are given for explaining why. We describe this approach and illustrate how software tools can be used to support it.

Item Type:Conference or Workshop Item (Paper)
Additional Information:Proceedings of HCI 2012 The 26th BCS Conference on Human Computer Interaction
Uncontrolled Keywords:Risk, Premortem, CAIRIS
Subjects:UNSPECIFIED
Group:Faculty of Science and Technology
ID Code:22061
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:09 Jun 2015 11:04
Last Modified:09 Jun 2015 11:04

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -