Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the usefulness of failure as a vehicle for security innovation. To explore the role of failure as a design tool, we present the security premortem: a participative design technique where participants assume that a system has been exploited, and plausible reasons are given for explaining why. We describe this approach and illustrate how software tools can be used to support it
As systems become more complex, the potential for security vulnerabilities being introduced increase...
Many secure systems rely on a “human in the loop ” to perform security-critical functions. However, ...
Both academia and industry advocate the security by design principle to stress the importance of dea...
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerab...
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerab...
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerab...
Security patterns are a useful way of describing, packaging and applying security knowledge which mi...
When designing secure systems, we are inundated with an eclectic mix of security and non-security re...
Security patterns are a useful technique for packaging and applying security knowledge. However, bec...
Abstract Security patterns are a useful way of describing, packaging and apply-ing security knowledg...
The fact that security was often neglected in the design and construction of computer software has l...
Although widely used for both security and usability concerns, scenarios used in security design may...
Although widely used for both security and usability concerns, scenarios used in security design may...
As systems become more complex, the potential for security vulnerabilities being introduced increase...
“People are the weakest link in the security chain ” – Bruce Schneier The aim of the thesis is to i...
As systems become more complex, the potential for security vulnerabilities being introduced increase...
Many secure systems rely on a “human in the loop ” to perform security-critical functions. However, ...
Both academia and industry advocate the security by design principle to stress the importance of dea...
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerab...
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerab...
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerab...
Security patterns are a useful way of describing, packaging and applying security knowledge which mi...
When designing secure systems, we are inundated with an eclectic mix of security and non-security re...
Security patterns are a useful technique for packaging and applying security knowledge. However, bec...
Abstract Security patterns are a useful way of describing, packaging and apply-ing security knowledg...
The fact that security was often neglected in the design and construction of computer software has l...
Although widely used for both security and usability concerns, scenarios used in security design may...
Although widely used for both security and usability concerns, scenarios used in security design may...
As systems become more complex, the potential for security vulnerabilities being introduced increase...
“People are the weakest link in the security chain ” – Bruce Schneier The aim of the thesis is to i...
As systems become more complex, the potential for security vulnerabilities being introduced increase...
Many secure systems rely on a “human in the loop ” to perform security-critical functions. However, ...
Both academia and industry advocate the security by design principle to stress the importance of dea...