@inproceedings{lyfadais12, title = "On the design and development of webinos: a distributed mobile application middleware", author = "John Lyle and Shamal Faily and Ivan Flechais and Andre Paul and Ayse Goker and Hans Myrhaug and Heiko Desruelle and Andrew Martin", year = "2012", booktitle = "Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems", note = "To appear", series = "DAIS' 12", } @inproceedings{lymo12, title = "Cross-plaform access control for mobile web applications", author = "John Lyle and Salvatore Monteleone and Shamal Faily and Davide Patti and Fabio Ricciato", year = "2012", booktitle = "Policies for Distributed Systems and Networks (POLICY), 2012 IEEE International Symposium on", note = "To appear", } @inproceedings{lyfa12, title = "The webinos project", author = "Christian Fuhrhop and John Lyle and Shamal Faily", year = "2012", booktitle = "Poster at: 21st International World Wide Web Conference", location = "Lyon, France", publisher = "ACM", series = "WWW '12", } @inproceedings{failydefam2012, title = "Analysing Chindogu: Applying Defamiliarisation to Security Design", author = "Shamal Faily", year = "2012", booktitle = "CHI 2012 Workshop on Defamiliarisation in Innovation and Usability", } @article{fafl12, title = "Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework", author = "Shamal Faily and Ivan Flechais", year = "2011", journal = "International Journal of Secure Software Engineering", number = "4", organization = "IGI Global", pages = "1--18", volume = "2", } @inproceedings{failyistar11, title = "Bridging User-Centered Design and Requirements Engineering with GRL and Persona Cases", author = "Shamal Faily", year = "2011", booktitle = "Proceedings of the 5th International i* Workshop", pages = "114--119", } @inproceedings{AbbadiLyle2011, title = "Challenges for Provenance in Cloud Computing", author = "Imad M. Abbadi and John Lyle", year = "2011", booktitle = "TaPP 2011: Proceedings of the Third USENIX Workshop on the Theory and Practice of Provenance", publisher = "USENIX", url = "http://www.usenix.org/event/tapp11/tech/final_files/Abbadi.pdf", } @phdthesis{failythesis, title = "A framework for usable and secure system design", author = "Shamal Faily", year = "2011", school = "University of Oxford", } @phdthesis{Lyle2011, title = "Trustworthy Services Through Attestation", author = "John Lyle", year = "2011", school = "Department of Computer Science, University of Oxford", url = "http://www.cs.ox.ac.uk/people/John.Lyle/thesis-final-25-06-11.pdf", } @inproceedings{faflre11, title = "Eliciting Usable Security Requirements with Misusability Cases", author = "Shamal Faily and Ivan Flechais", year = "2011", booktitle = "Proceedings of the 19th IEEE International Requirements Engineering Conference", note = "Pre-print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf", pages = "339--340", publisher = "IEEE Computer Society", doi = "10.1109/RE.2011.6051665", } @inproceedings{atfasecse2011, title = "Here's Johnny: a Methodology for Developing Attacker Personas", author = "Andrea Atzeni and Shamal Faily and John Lyle and Cesare Cameroni and Ivan Flechais", year = "2011", booktitle = "Proceedings of the 6th International Conference on Availability, Reliability and Security", pages = "722--727", } @inproceedings{faflsecse2011, title = "User-Centered Information Security Policy Development in a Post-Stuxnet World", author = "Shamal Faily and Ivan Flechais", year = "2011", booktitle = "Proceedings of the 6th International Conference on Availability, Reliability and Security", pages = "716--721", } @inproceedings{faflchiw11, title = "Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism", author = "Shamal Faily", year = "2011", booktitle = "CHI Workshop on HCI, Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action", } @inproceedings{failysausage2011, title = "Two Requirements for Usable and Secure Software Engineering", author = "Shamal Faily", year = "2011", booktitle = "1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop", location = "National Institute of Standards and Technology (NIST), Gaithersburg MD, USA", } @inproceedings{fafl1101, title = "Persona Cases: A Technique for grounding Personas", author = "Shamal Faily and Ivan Flechais", year = "2011", address = "Vancouver, BC, Canada", booktitle = "CHI '11: Proceedings of the 29th International conference on Human factors in computing systems", location = "Vancouver, BC, Canada", pages = "2267-2270", publisher = "ACM", } @inproceedings{faflacsac2010, title = "Security through Usability: a user-centered approach for balanced security policy requirements", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Poster at: Annual Computer Security Applications Conference", location = "Austin TX, USA", } @inproceedings{flfa101, title = "Security and Usability: Searching for the philosopher's stone", author = "Ivan Flechais and Shamal Faily", year = "2010", booktitle = "Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security)", location = "Northumbria University, Newcastle, UK", } @inproceedings{kainda2010, title = "Security and Usability: Analysis and Evaluation", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2010", journal = "Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on", } @inproceedings{kainda2010c, title = "Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2010", booktitle = "Proceedings of the 2010 Symposium on Usable Privacy and Security (SOUPS 2010)", location = "Redmond, WA", } @inproceedings{Loughry2010a, title = "Unsteady Ground: Certification to Unstable Criteria", author = "Joe Loughry", year = "2010", address = "Nice, France", booktitle = "Proceedings of the Second International Conference on Advances in System Testing and Validation Life Cycle", month = "22--27 August", } @article{Huh2010, title = "Managing application whitelists in trusted distributed systems", author = "Jun Ho Huh and John Lyle and Cornelius Namiluko and Andrew Martin", year = "2010", issn = "0167-739X", journal = "Future Generation Computer Systems", keywords = ""Configuration management", "Trusted computing","Trusted grid", "Virtual organisations", "Whitelisting"", url = ""http://www.sciencedirect.com/science/article/B6V06-50XCXVD-2/2/6efb0eda0beeb1edcc156190e2f843e8", volume = "In Press, Accepted Manuscript", doi = "DOI: 10.1016/j.future.2010.08.014", } @inproceedings{lyle-tapp10, title = "Trusted Computing and Provenance: Better Together", author = "John Lyle and Andrew Martin", year = "2010", booktitle = "Proceedings of the 2nd Workshop on the Theory and Practice of Provenance", publisher = "Usenix", url = "http://www.usenix.org/events/tapp10/tech/full_papers/lyle.pdf", } @inproceedings{lyle-martin-trust2010, title = "Engineering Attestable Services (short paper)", author = "John Lyle and Andrew Martin", year = "2010", booktitle = "Proceedings of the 3rd International Conference on Trust and Trustworthy Computing", editor = "Acquisti, Alessandro; Smith, Sean W.; Sadeghi, Ahmad-Reza", location = "Berlin", month = "June", pages = "257--264", publisher = "Springer", series = "Lecture Notes in Computer Science", url = "http://www.springerlink.com/content/4NG0010448040134", doi = "10.1007/978-3-642-13869-0", } @inproceedings{fafl10haisa, title = "A Model of Security Culture for e-Science", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Proceedings of the South African Information Security Multi-Conference (SAISMC 2010)", editor = "Nathan Clarke and Steven Furnell and Rossouw von Solms", location = "Port Elizabeth, South Africa", pages = "154--164", publisher = "University of Plymouth", } @inproceedings{faflnspw10, title = "To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design", author = "Shamal Faily and Ivan Flechais", year = "2010", address = "New York, NY, USA", booktitle = "NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop", location = "Concord, Massachusetts, USA", pages = "73--84", publisher = "ACM", } @article{failyimcs10, title = "Designing and Aligning e-Science Security Culture with Design", author = "Shamal Faily and Ivan Flechais", year = "2010", journal = "Information Management & Computer Security", number = "5", volume = "18", } @inproceedings{faflhcse, title = "The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "HCSE'2010: Proceedings of the 3rd Conference on Human-Centered Software Engineering", pages = "111--118", publisher = "Springer", } @inproceedings{fafl106, title = "Barry is not the weakest link: Eliciting Secure System Requirements with Personas", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business", pages = "113--120", publisher = "British Computer Society", series = "BCS-HCI '10", } @inproceedings{fafl105, title = "Improving Secure Systems Design with Security Culture", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Poster at: Human Factors in Information Security", location = "London", month = "Feb", } @inproceedings{fafl101, title = "Analysing and Visualising Security and Usability in IRIS", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on", month = "Feb", doi = "10.1109/ARES.2010.28", } @inproceedings{fafl103, title = "A Meta-Model for Usable Secure Requirements Engineering", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Software Engineering for Secure Systems, 2010. SESS '10. ICSE Workshop on", month = "May", pages = "29--35", doi = "10.1145/1809100.1809105", } @article{fafl106, title = "Towards tool-support for Usable Secure Requirements Engineering with CAIRIS", author = "Shamal Faily and Ivan Flechais", year = "2010", journal = "International Journal of Secure Software Engineering", number = "3", organization = "IGI Global", pages = "56--70", volume = "1", doi = "10.4018/ijsse.2010070104", } @inproceedings{kainda2009, title = "Usability and Security of Out-Of-Band Channels in Secure Device Pairing Protocols", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2009", booktitle = "SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security", location = "Mountain View, CA", } @inproceedings{Flechais*2007:Stakeholder, title = "Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science", author = "I. Flechais and M. A. Sasse", year = "2009", issn = "1071-5819", journal = "International Journal of Human Computer Studies", number = "4", pages = "281-296", url = "http://www.sciencedirect.com/science/article/B6WGR-4PV94FB-2/2/81f2861921dabe354e4c684f6202429d", volume = "67", doi = "10.1016/j.ijhcs.2007.10.002", } @inproceedings{LyleSecureCom09, title = "On the Feasibility of Remote Attestation for Web Services", author = "John Lyle and Andrew Martin", year = "2009", booktitle = "SecureCom09: Proceedings of the International Symposium on Secure Computing", isbn = "978-0-7695-3823-5", pages = "283-288", publisher = "IEEE", url = "http://doi.ieeecomputersociety.org/10.1109/CSE.2009.213", } @inproceedings{DBLP:conf/trust/HuhL09, title = "Trustworthy Log Reconciliation for Distributed Virtual Organisations", author = "Jun Ho Huh and John Lyle", year = "2009", address = "Berlin, Heidelberg", booktitle = "Trust '09: Proceedings of the 2nd International Conference on Trusted Computing", editor = "Liqun Chen and Chris J. Mitchell and Andrew Martin", isbn = "978-3-642-00586-2", location = "Oxford, UK", month = "April", pages = "169-182", publisher = "Springer-Verlag", series = "Lecture Notes in Computer Science", doi = "10.1007/978-3-642-00587-9_11", } @inproceedings{DBLP:conf/trust/Lyle09, title = "Trustable Remote Verification of Web Services", author = "John Lyle", year = "2009", booktitle = "TRUST", editor = "Liqun Chen and Chris J. Mitchell and Andrew Martin", isbn = "978-3-642-00586-2", location = "Oxford, UK", month = "April", pages = "153-168", publisher = "Springer", series = "Lecture Notes in Computer Science", url = "http://dx.doi.org/10.1007/978-3-642-00587-9_10", } @inproceedings{failydocsym09, title = "Context-Sensitive Requirements and Risk Analysis", author = "Shamal Faily", year = "2009", booktitle = "Requirements Engineering Doctoral Symposium", } @inproceedings{faily091, title = "Context-Sensitive Requirements and Risk Management with IRIS", author = "Shamal Faily and Ivan Flechais", year = "2009", booktitle = "International Requirements Engineering, 2009. RE'09. 17th IEEE", month = "Aug", organization = "IEEE", doi = "10.1109/RE.2009.54", } @article{Power_et_al_2008, title = "On formalising and normalising role-based access control systems", author = "D. J. Power, M. A. Slaymaker, and A. C. Simpson", year = "2009", journal = "The Computer Journal", number = "3", pages = "305-325", volume = "52", doi = "doi:10.1093/comjnl/bxn016", } @inproceedings{failyahm08, title = "Making the invisible visible: a theory of security culture for secure and usable grids", author = "Shamal Faily and Ivan Flechais", year = "2008", booktitle = "UK e-Science All Hands Conference 2008, Edinburgh, UK (Oral Presentation)", } @techreport{RR-08-11, title = "The Ten Page Introduction to Trusted Computing", author = "Andrew Martin", year = "2008", institution = "OUCL", month = "December", number = "RR-08-11", } @inproceedings{Slaymaker_et_al_2008, title = "On the facilitation of fine-grained access to distributed healthcare data", author = "M. A. Slaymaker, D. J. Power, D. Russell and A. C. Simpson", year = "2008", booktitle = "Proceedings of Secure Data Management 2008", } @inproceedings{APM:ac:grid, title = "Towards a Secure, Tamper-Proof Grid Platform.", author = "Andrew Cooper and Andrew Martin", year = "2006", booktitle = "Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2006), 16-19 May 2006, Singapore", isbn = "0-7695-2585-7", pages = "373-380", publisher = "IEEE Computer Society", } @article{Power_et_al_2006, title = "Securing web services for deployment in health grids", author = "D. J. Power and E. A. Politou and M. A. Slaymaker and A. C. Simpson", year = "2006", journal = "Future Generation Computer Systems", number = "5", pages = "547--570", volume = "22", } @article{Loughry2002a, title = "Information Leakage from Optical Emanations", author = "Joe Loughry and David A. Umphress", year = "2002", journal = "ACM Transactions on Information and Systems Security", month = "August", number = "3", pages = "262--289", volume = "5", }