Skip to main content

Engaging Stakeholders during Late Stage Security Design with Assumption Personas.

Faily, S., 2015. Engaging Stakeholders during Late Stage Security Design with Assumption Personas. Information and Computer Security, 23 (4), 435-446.

Full text available as:

ICS-10-2014-0066.pdf - Accepted Version
Available under License Creative Commons Attribution.


DOI: 10.1108/ICS-10-2014-0066


Purpose – This paper aims to present an approach where assumption personas are used to engage stakeholders in the elicitation and specification of security requirements at a late stage of a system’s design. Design/methodology/approach – The author has devised an approach for developing assumption personas for use in participatory design sessions during the later stages of a system’s design. The author validates this approach using a case study in the e-Science domain. Findings – Engagement follows by focusing on the indirect, rather than direct, implications of security. More design approaches are needed for treating security at a comparatively late stage. Security design techniques should scale to working with sub-optimal input data. Originality/value – This paper contributes an approach where assumption personas engage project team members when eliciting and specifying security requirements at the late stages of a project.

Item Type:Article
Uncontrolled Keywords:Information security, Business analysis, Software engineering
Group:Faculty of Science & Technology
ID Code:22704
Deposited By: Symplectic RT2
Deposited On:19 Oct 2015 10:15
Last Modified:14 Mar 2022 13:53


Downloads per month over past year

More statistics for this item...
Repository Staff Only -