Systems Security Trusted Computing: Publications
Click here to download all publications in a single bibtex file
@inproceedings{lyfadais12,
title = "On the design and development of webinos: a distributed mobile application middleware",
author = "John Lyle and Shamal Faily and Ivan Flechais and Andre Paul and Ayse Goker and Hans Myrhaug and Heiko Desruelle and Andrew Martin",
year = "2012",
booktitle = "Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems",
note = "To appear",
series = "DAIS' 12",
}
@inproceedings{lymo12,
title = "Cross-plaform access control for mobile web applications",
author = "John Lyle and Salvatore Monteleone and Shamal Faily and Davide Patti and Fabio Ricciato",
year = "2012",
booktitle = "Policies for Distributed Systems and Networks (POLICY), 2012 IEEE International Symposium on",
note = "To appear",
}
@inproceedings{lyfa12,
title = "The webinos project",
author = "Christian Fuhrhop and John Lyle and Shamal Faily",
year = "2012",
booktitle = "Poster at: 21st International World Wide Web Conference",
location = "Lyon, France",
publisher = "ACM",
series = "WWW '12",
}
@inproceedings{failydefam2012,
title = "Analysing Chindogu: Applying Defamiliarisation to Security Design",
author = "Shamal Faily",
year = "2012",
booktitle = "CHI 2012 Workshop on Defamiliarisation in Innovation and Usability",
}
@article{fafl12,
title = "Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework",
author = "Shamal Faily and Ivan Flechais",
year = "2011",
journal = "International Journal of Secure Software Engineering",
number = "4",
organization = "IGI Global",
pages = "1--18",
volume = "2",
}
@inproceedings{failyistar11,
title = "Bridging User-Centered Design and Requirements Engineering with GRL and Persona Cases",
author = "Shamal Faily",
year = "2011",
booktitle = "Proceedings of the 5th International i* Workshop",
pages = "114--119",
}
@inproceedings{AbbadiLyle2011,
title = "Challenges for Provenance in Cloud Computing",
author = "Imad M. Abbadi and John Lyle",
year = "2011",
booktitle = "TaPP 2011: Proceedings of the Third USENIX Workshop on the Theory and Practice of Provenance",
publisher = "USENIX",
url = "http://www.usenix.org/event/tapp11/tech/final_files/Abbadi.pdf",
}
@inproceedings{faflre11,
title = "Eliciting Usable Security Requirements with Misusability Cases",
author = "Shamal Faily and Ivan Flechais",
year = "2011",
booktitle = "Proceedings of the 19th IEEE International Requirements Engineering Conference",
note = "Pre-print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf",
pages = "339--340",
publisher = "IEEE Computer Society",
doi = "10.1109/RE.2011.6051665",
}
@inproceedings{atfasecse2011,
title = "Here's Johnny: a Methodology for Developing Attacker Personas",
author = "Andrea Atzeni and Shamal Faily and John Lyle and Cesare Cameroni and Ivan Flechais",
year = "2011",
booktitle = "Proceedings of the 6th International Conference on Availability, Reliability and Security",
pages = "722--727",
}
@inproceedings{faflsecse2011,
title = "User-Centered Information Security Policy Development in a Post-Stuxnet World",
author = "Shamal Faily and Ivan Flechais",
year = "2011",
booktitle = "Proceedings of the 6th International Conference on Availability, Reliability and Security",
pages = "716--721",
}
@inproceedings{faflchiw11,
title = "Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism",
author = "Shamal Faily",
year = "2011",
booktitle = "CHI Workshop on HCI, Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action",
}
@inproceedings{failysausage2011,
title = "Two Requirements for Usable and Secure Software Engineering",
author = "Shamal Faily",
year = "2011",
booktitle = "1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop",
location = "National Institute of Standards and Technology (NIST), Gaithersburg MD, USA",
}
@inproceedings{fafl1101,
title = "Persona Cases: A Technique for grounding Personas",
author = "Shamal Faily and Ivan Flechais",
year = "2011",
address = "Vancouver, BC, Canada",
booktitle = "CHI '11: Proceedings of the 29th International conference on Human factors in computing systems",
location = "Vancouver, BC, Canada",
pages = "2267-2270",
publisher = "ACM",
}
@phdthesis{failythesis,
title = "A framework for usable and secure system design",
author = "Shamal Faily",
year = "2011",
school = "University of Oxford",
}
@phdthesis{Lyle2011,
title = "Trustworthy Services Through Attestation",
author = "John Lyle",
year = "2011",
school = "Department of Computer Science, University of Oxford",
url = "http://www.cs.ox.ac.uk/people/John.Lyle/thesis-final-25-06-11.pdf",
}
@inproceedings{lyle-martin-trust2010,
title = "Engineering Attestable Services (short paper)",
author = "John Lyle and Andrew Martin",
year = "2010",
booktitle = "Proceedings of the 3rd International Conference on Trust and Trustworthy Computing",
editor = "Acquisti, Alessandro; Smith, Sean W.; Sadeghi, Ahmad-Reza",
location = "Berlin",
month = "June",
pages = "257--264",
publisher = "Springer",
series = "Lecture Notes in Computer Science",
url = "http://www.springerlink.com/content/4NG0010448040134",
doi = "10.1007/978-3-642-13869-0",
}
@inproceedings{fafl103,
title = "A Meta-Model for Usable Secure Requirements Engineering",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "Software Engineering for Secure Systems, 2010. SESS '10. ICSE Workshop on",
month = "May",
pages = "29--35",
doi = "10.1145/1809100.1809105",
}
@inproceedings{fafl105,
title = "Improving Secure Systems Design with Security Culture",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "Poster at: Human Factors in Information Security",
location = "London",
month = "Feb",
}
@inproceedings{fafl101,
title = "Analysing and Visualising Security and Usability in IRIS",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on",
month = "Feb",
doi = "10.1109/ARES.2010.28",
}
@article{Huh2010,
title = "Managing application whitelists in trusted distributed systems",
author = "Jun Ho Huh and John Lyle and Cornelius Namiluko and Andrew Martin",
year = "2010",
issn = "0167-739X",
journal = "Future Generation Computer Systems",
keywords = ""Configuration management", "Trusted computing","Trusted grid", "Virtual organisations", "Whitelisting"",
url = ""http://www.sciencedirect.com/science/article/B6V06-50XCXVD-2/2/6efb0eda0beeb1edcc156190e2f843e8",
volume = "In Press, Accepted Manuscript",
doi = "DOI: 10.1016/j.future.2010.08.014",
}
@article{failyimcs10,
title = "Designing and Aligning e-Science Security Culture with Design",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
journal = "Information Management & Computer Security",
number = "5",
volume = "18",
}
@article{fafl106,
title = "Towards tool-support for Usable Secure Requirements Engineering with CAIRIS",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
journal = "International Journal of Secure Software Engineering",
number = "3",
organization = "IGI Global",
pages = "56--70",
volume = "1",
doi = "10.4018/ijsse.2010070104",
}
@inproceedings{faflacsac2010,
title = "Security through Usability: a user-centered approach for balanced security policy requirements",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "Poster at: Annual Computer Security Applications Conference",
location = "Austin TX, USA",
}
@inproceedings{flfa101,
title = "Security and Usability: Searching for the philosopher's stone",
author = "Ivan Flechais and Shamal Faily",
year = "2010",
booktitle = "Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security)",
location = "Northumbria University, Newcastle, UK",
}
@inproceedings{kainda2010,
title = "Security and Usability: Analysis and Evaluation",
author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe",
year = "2010",
journal = "Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on",
}
@inproceedings{kainda2010c,
title = "Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios",
author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe",
year = "2010",
booktitle = "Proceedings of the 2010 Symposium on Usable Privacy and Security (SOUPS 2010)",
location = "Redmond, WA",
}
@inproceedings{Loughry2010a,
title = "Unsteady Ground: Certification to Unstable Criteria",
author = "Joe Loughry",
year = "2010",
address = "Nice, France",
booktitle = "Proceedings of the Second International Conference on Advances in System Testing and Validation Life Cycle",
month = "22--27 August",
}
@inproceedings{lyle-tapp10,
title = "Trusted Computing and Provenance: Better Together",
author = "John Lyle and Andrew Martin",
year = "2010",
booktitle = "Proceedings of the 2nd Workshop on the Theory and Practice of Provenance",
publisher = "Usenix",
url = "http://www.usenix.org/events/tapp10/tech/full_papers/lyle.pdf",
}
@inproceedings{fafl10haisa,
title = "A Model of Security Culture for e-Science",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "Proceedings of the South African Information Security Multi-Conference (SAISMC 2010)",
editor = "Nathan Clarke and Steven Furnell and Rossouw von Solms",
location = "Port Elizabeth, South Africa",
pages = "154--164",
publisher = "University of Plymouth",
}
@inproceedings{faflnspw10,
title = "To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
address = "New York, NY, USA",
booktitle = "NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop",
location = "Concord, Massachusetts, USA",
pages = "73--84",
publisher = "ACM",
}
@inproceedings{faflhcse,
title = "The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "HCSE'2010: Proceedings of the 3rd Conference on Human-Centered Software Engineering",
pages = "111--118",
publisher = "Springer",
}
@inproceedings{fafl106,
title = "Barry is not the weakest link: Eliciting Secure System Requirements with Personas",
author = "Shamal Faily and Ivan Flechais",
year = "2010",
booktitle = "Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business",
pages = "113--120",
publisher = "British Computer Society",
series = "BCS-HCI '10",
}
@inproceedings{faily091,
title = "Context-Sensitive Requirements and Risk Management with IRIS",
author = "Shamal Faily and Ivan Flechais",
year = "2009",
booktitle = "International Requirements Engineering, 2009. RE'09. 17th IEEE",
month = "Aug",
organization = "IEEE",
doi = "10.1109/RE.2009.54",
}
@inproceedings{DBLP:conf/trust/HuhL09,
title = "Trustworthy Log Reconciliation for Distributed Virtual Organisations",
author = "Jun Ho Huh and John Lyle",
year = "2009",
address = "Berlin, Heidelberg",
booktitle = "Trust '09: Proceedings of the 2nd International Conference on Trusted Computing",
editor = "Liqun Chen and Chris J. Mitchell and Andrew Martin",
isbn = "978-3-642-00586-2",
location = "Oxford, UK",
month = "April",
pages = "169-182",
publisher = "Springer-Verlag",
series = "Lecture Notes in Computer Science",
doi = "10.1007/978-3-642-00587-9_11",
}
@inproceedings{DBLP:conf/trust/Lyle09,
title = "Trustable Remote Verification of Web Services",
author = "John Lyle",
year = "2009",
booktitle = "TRUST",
editor = "Liqun Chen and Chris J. Mitchell and Andrew Martin",
isbn = "978-3-642-00586-2",
location = "Oxford, UK",
month = "April",
pages = "153-168",
publisher = "Springer",
series = "Lecture Notes in Computer Science",
url = "http://dx.doi.org/10.1007/978-3-642-00587-9_10",
}
@article{Power_et_al_2008,
title = "On formalising and normalising role-based access control systems",
author = "D. J. Power, M. A. Slaymaker, and A. C. Simpson",
year = "2009",
journal = "The Computer Journal",
number = "3",
pages = "305-325",
volume = "52",
doi = "doi:10.1093/comjnl/bxn016",
}
@inproceedings{kainda2009,
title = "Usability and Security of Out-Of-Band Channels in Secure Device Pairing Protocols",
author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe",
year = "2009",
booktitle = "SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security",
location = "Mountain View, CA",
}
@inproceedings{Flechais*2007:Stakeholder,
title = "Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science",
author = "I. Flechais and M. A. Sasse",
year = "2009",
issn = "1071-5819",
journal = "International Journal of Human Computer Studies",
number = "4",
pages = "281-296",
url = "http://www.sciencedirect.com/science/article/B6WGR-4PV94FB-2/2/81f2861921dabe354e4c684f6202429d",
volume = "67",
doi = "10.1016/j.ijhcs.2007.10.002",
}
@inproceedings{LyleSecureCom09,
title = "On the Feasibility of Remote Attestation for Web Services",
author = "John Lyle and Andrew Martin",
year = "2009",
booktitle = "SecureCom09: Proceedings of the International Symposium on Secure Computing",
isbn = "978-0-7695-3823-5",
pages = "283-288",
publisher = "IEEE",
url = "http://doi.ieeecomputersociety.org/10.1109/CSE.2009.213",
}
@inproceedings{failydocsym09,
title = "Context-Sensitive Requirements and Risk Analysis",
author = "Shamal Faily",
year = "2009",
booktitle = "Requirements Engineering Doctoral Symposium",
}
@techreport{RR-08-11,
title = "The Ten Page Introduction to Trusted Computing",
author = "Andrew Martin",
year = "2008",
institution = "OUCL",
month = "December",
number = "RR-08-11",
}
@inproceedings{failyahm08,
title = "Making the invisible visible: a theory of security culture for secure and usable grids",
author = "Shamal Faily and Ivan Flechais",
year = "2008",
booktitle = "UK e-Science All Hands Conference 2008, Edinburgh, UK (Oral Presentation)",
}
@inproceedings{Slaymaker_et_al_2008,
title = "On the facilitation of fine-grained access to distributed healthcare data",
author = "M. A. Slaymaker, D. J. Power, D. Russell and A. C. Simpson",
year = "2008",
booktitle = "Proceedings of Secure Data Management 2008",
}
@article{Power_et_al_2006,
title = "Securing web services for deployment in health grids",
author = "D. J. Power and E. A. Politou and M. A. Slaymaker and A. C. Simpson",
year = "2006",
journal = "Future Generation Computer Systems",
number = "5",
pages = "547--570",
volume = "22",
}
@inproceedings{APM:ac:grid,
title = "Towards a Secure, Tamper-Proof Grid Platform.",
author = "Andrew Cooper and Andrew Martin",
year = "2006",
booktitle = "Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2006), 16-19 May 2006, Singapore",
isbn = "0-7695-2585-7",
pages = "373-380",
publisher = "IEEE Computer Society",
}
@article{Loughry2002a,
title = "Information Leakage from Optical Emanations",
author = "Joe Loughry and David A. Umphress",
year = "2002",
journal = "ACM Transactions on Information and Systems Security",
month = "August",
number = "3",
pages = "262--289",
volume = "5",
}