Engaging Stakeholders during Late Stage Security Design with Assumption Personas.

Faily, S., 2015. Engaging Stakeholders during Late Stage Security Design with Assumption Personas. Information and Computer Security, 23 (4), pp. 435-446.

Full text available as:

[img]
Preview
PDF (OPEN ACCESS ARTICLE)
ICS-10-2014-0066.pdf - Accepted Version
Available under License Creative Commons Attribution.

230kB

DOI: 10.1108/ICS-10-2014-0066

Abstract

Purpose – This paper aims to present an approach where assumption personas are used to engage stakeholders in the elicitation and specification of security requirements at a late stage of a system’s design. Design/methodology/approach – The author has devised an approach for developing assumption personas for use in participatory design sessions during the later stages of a system’s design. The author validates this approach using a case study in the e-Science domain. Findings – Engagement follows by focusing on the indirect, rather than direct, implications of security. More design approaches are needed for treating security at a comparatively late stage. Security design techniques should scale to working with sub-optimal input data. Originality/value – This paper contributes an approach where assumption personas engage project team members when eliciting and specifying security requirements at the late stages of a project.

Item Type:Article
ISSN:2056-4961
Uncontrolled Keywords:Information security, Business analysis, Software engineering
Subjects:UNSPECIFIED
Group:Faculty of Science and Technology
ID Code:22704
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:19 Oct 2015 10:15
Last Modified:19 Oct 2015 10:15

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -