Shamal Faily : Publications

Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project

Andrea Atzeni‚ John Lyle and Shamal Faily

In Architectures and Protocols for Secure Information Technology. IGI Global. 2013.

To Appear

Details about Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project | BibTeX data for Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project

Policies in Context: Factors Influencing the Elicitation and Categorisation of Context−Sensitive Security Policies

Shamal Faily‚ John Lyle‚ Ivan Flechais‚ Andrea Atzeni‚ Cesare Cameroni‚ Hans Myrhaug‚ Ayse Goker and Robert Kleinfeld

In Proceedings of the Workshop on Home Usable Privacy and Security. 2013.

Details about Policies in Context: Factors Influencing the Elicitation and Categorisation of Context−Sensitive Security Policies | BibTeX data for Policies in Context: Factors Influencing the Elicitation and Categorisation of Context−Sensitive Security Policies

Security Patterns Considered Harmful?

Shamal Faily

In Proceedings of The Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security‚ Attack and Forensic Patterns. 2013.

To Appear

Details about Security Patterns Considered Harmful? | BibTeX data for Security Patterns Considered Harmful?

Guidelines for Integrating Personas into Software Engineering Tools

Shamal Faily and John Lyle

In Proceedings of the 5th ACM SIGCHI symposium on Engineering interactive computing systems. Pages 69–74. 2013.

Details about Guidelines for Integrating Personas into Software Engineering Tools | BibTeX data for Guidelines for Integrating Personas into Software Engineering Tools

Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract)

Shamal Faily‚ David Power‚ Philip Armstrong and Ivan Flechais

In Trust and Trustworthy Computing‚ 6th International Conference‚ TRUST 2013. 2013.

To Appear

Details about Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract) | BibTeX data for Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract)

Designing Interactive Secure Systems: CHI 2013 Special Interest Group

Shamal Faily‚ Lizzie Coles−Kemp‚ Paul Dunphy‚ Mike Just‚ Yoko Akama and Alexander De Luca

In CHI '13 Extended Abstracts on Human Factors in Computing Systems. ACM. 2013.

To Appear

Details about Designing Interactive Secure Systems: CHI 2013 Special Interest Group | BibTeX data for Designing Interactive Secure Systems: CHI 2013 Special Interest Group | Download  (pdf) of Designing Interactive Secure Systems: CHI 2013 Special Interest Group

Extending the web to support personal network services

John Lyle‚ Shamal Faily‚ Claes Nilsson and Anders Isberg

In (To appear) In the Proceedings of the 28th ACM Symposium On Applied Computing (SAC '13). 2013.

Details about Extending the web to support personal network services | BibTeX data for Extending the web to support personal network services | Download  (pdf) of Extending the web to support personal network services

Model−driven architectural risk analysis using architectural and contextualised attack patterns

Shamal Faily‚ John Lyle‚ Cornelius Namiluko‚ Andrea Atzeni and Cesare Cameroni

In Proceedings of the Workshop on Model−Driven Security. Pages 3:1–3:6. ACM. 2012.

Details about Model−driven architectural risk analysis using architectural and contextualised attack patterns | BibTeX data for Model−driven architectural risk analysis using architectural and contextualised attack patterns | Download  (pdf) of Model−driven architectural risk analysis using architectural and contextualised attack patterns

Requirements Sensemaking using Concept Maps

Shamal Faily‚ John Lyle‚ Andre Paul‚ Andrea Atzeni‚ Dieter Blomme‚ Heiko Desruelle and Krishna Bangalore

In HCSE'2012: Proceedings of the 4th International Conference on Human−Centered Software Engineering. Pages 217–232. Springer. 2012.

Details about Requirements Sensemaking using Concept Maps | BibTeX data for Requirements Sensemaking using Concept Maps | Download  (pdf) of Requirements Sensemaking using Concept Maps

Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS

Shamal Faily and Ivan Flechais

In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 3:1–3:4. 2012.

Details about Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS | BibTeX data for Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS | Download  (pdf) of Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS

Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems

Shamal Faily‚ John Lyle and Simon Parkin

In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 5:1–5:4. 2012.

Details about Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems | BibTeX data for Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems | Download  (pdf) of Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems

Personal PKI for the smart device era

John Lyle‚ Andrew Paverd‚ Justin King−Lacroix‚ Andrea Atzeni‚ Habib Virji‚ Ivan Flechais and Shamal Faily

In 9th European PKI Workshop: Research and Applications. 2012.

Details about Personal PKI for the smart device era | BibTeX data for Personal PKI for the smart device era | Download  (pdf) of Personal PKI for the smart device era

On the design and development of webinos: a distributed mobile application middleware

John Lyle‚ Shamal Faily‚ Ivan Flechais‚ Andre Paul‚ Ayse Goker‚ Hans Myrhaug‚ Heiko Desruelle and Andrew Martin

In Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems. Pages 140–147. 2012.

Details about On the design and development of webinos: a distributed mobile application middleware | BibTeX data for On the design and development of webinos: a distributed mobile application middleware | Download  (pdf) of On the design and development of webinos: a distributed mobile application middleware

Cross−platform access control for mobile web applications

John Lyle‚ Salvatore Monteleone‚ Shamal Faily‚ Davide Patti and Fabio Ricciato

In Policies for Distributed Systems and Networks (POLICY)‚ 2012 IEEE International Symposium on. Pages 37–44. 2012.

Details about Cross−platform access control for mobile web applications | BibTeX data for Cross−platform access control for mobile web applications | Download  (pdf) of Cross−platform access control for mobile web applications

The webinos project

Christian Fuhrhop‚ John Lyle and Shamal Faily

In Proceedings of the 21st international conference companion on World Wide Web. Pages 259–262. ACM. 2012.

Details about The webinos project | BibTeX data for The webinos project | Download  (pdf) of The webinos project

Analysing Chindogu: Applying Defamiliarisation to Security Design

Shamal Faily

In CHI 2012 Workshop on Defamiliarisation in Innovation and Usability. 2012.

Details about Analysing Chindogu: Applying Defamiliarisation to Security Design | BibTeX data for Analysing Chindogu: Applying Defamiliarisation to Security Design | Download  (pdf) of Analysing Chindogu: Applying Defamiliarisation to Security Design

Tool−support Premortems with Attack and Security Patterns

Shamal Faily‚ John Lyle and Simon Parkin

In First International Workshop on Cyberpatterns: Unifying Design Patterns with Security‚ Attack and Forensic Patterns. Pages 10–11. 2012.

Details about Tool−support Premortems with Attack and Security Patterns | BibTeX data for Tool−support Premortems with Attack and Security Patterns

“Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices

George Gionis‚ Heiko Desruelle‚ Dieter Blomme‚ John Lyle‚ Shamal Faily and Louay Bassbouss

In W3C/PrimeLife Federated Social Web Europe Conference 2011. June, 2011.

Details about “Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices | BibTeX data for “Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices | Download (pdf) of “Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices

Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework

Shamal Faily and Ivan Flechais

In International Journal of Secure Software Engineering. Vol. 2. No. 4. Pages 1–18. 2011.

Details about Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework | BibTeX data for Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework

Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases

Shamal Faily

In Proceedings of the 5th International i* Workshop. Pages 114–119. 2011.

Details about Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases | BibTeX data for Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases | Download  (pdf) of Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases

Eliciting Usable Security Requirements with Misusability Cases

Shamal Faily and Ivan Flechais

In Proceedings of the 19th IEEE International Requirements Engineering Conference. Pages 339–340. IEEE Computer Society. 2011.

Pre−print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf

Details about Eliciting Usable Security Requirements with Misusability Cases | BibTeX data for Eliciting Usable Security Requirements with Misusability Cases | Download  (pdf) of Eliciting Usable Security Requirements with Misusability Cases | DOI (10.1109/RE.2011.6051665)

Here's Johnny: a Methodology for Developing Attacker Personas

Andrea Atzeni‚ Shamal Faily‚ John Lyle‚ Cesare Cameroni and Ivan Flechais

In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 722–727. 2011.

Details about Here's Johnny: a Methodology for Developing Attacker Personas | BibTeX data for Here's Johnny: a Methodology for Developing Attacker Personas | Download  (pdf) of Here's Johnny: a Methodology for Developing Attacker Personas

User−Centered Information Security Policy Development in a Post−Stuxnet World

Shamal Faily and Ivan Flechais

In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 716–721. 2011.

Details about User−Centered Information Security Policy Development in a Post−Stuxnet World | BibTeX data for User−Centered Information Security Policy Development in a Post−Stuxnet World | Download  (pdf) of User−Centered Information Security Policy Development in a Post−Stuxnet World

Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism

Shamal Faily

In CHI Workshop on HCI‚ Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action. 2011.

Details about Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism | BibTeX data for Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism

Two Requirements for Usable and Secure Software Engineering

Shamal Faily

In 1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop. 2011.

Details about Two Requirements for Usable and Secure Software Engineering | BibTeX data for Two Requirements for Usable and Secure Software Engineering | Download  (pdf) of Two Requirements for Usable and Secure Software Engineering

Persona Cases: A Technique for grounding Personas

Shamal Faily and Ivan Flechais

In CHI '11: Proceedings of the 29th International conference on Human factors in computing systems. Pages 2267−2270. Vancouver‚ BC‚ Canada. 2011. ACM.

Details about Persona Cases: A Technique for grounding Personas | BibTeX data for Persona Cases: A Technique for grounding Personas

A framework for usable and secure system design

Shamal Faily

PhD Thesis University of Oxford. 2011.

Details about A framework for usable and secure system design | BibTeX data for A framework for usable and secure system design | Download  (pdf) of A framework for usable and secure system design

A Meta−Model for Usable Secure Requirements Engineering

Shamal Faily and Ivan Flechais

In Software Engineering for Secure Systems‚ 2010. SESS '10. ICSE Workshop on. Pages 29–35. May, 2010.

Details about A Meta−Model for Usable Secure Requirements Engineering | BibTeX data for A Meta−Model for Usable Secure Requirements Engineering | Download  (pdf) of A Meta−Model for Usable Secure Requirements Engineering | DOI (10.1145/1809100.1809105)

Improving Secure Systems Design with Security Culture

Shamal Faily and Ivan Flechais

In Poster at: Human Factors in Information Security. February, 2010.

Details about Improving Secure Systems Design with Security Culture | BibTeX data for Improving Secure Systems Design with Security Culture | Download  (pdf) of Improving Secure Systems Design with Security Culture

Analysing and Visualising Security and Usability in IRIS

Shamal Faily and Ivan Flechais

In Availability‚ Reliability and Security‚ 2010. ARES 10. Fifth International Conference on. February, 2010.

Details about Analysing and Visualising Security and Usability in IRIS | BibTeX data for Analysing and Visualising Security and Usability in IRIS | Download  (pdf) of Analysing and Visualising Security and Usability in IRIS | DOI (10.1109/ARES.2010.28)

Designing and Aligning e−Science Security Culture with Design

Shamal Faily and Ivan Flechais

In Information Management & Computer Security. Vol. 18. No. 5. 2010.

Details about Designing and Aligning e−Science Security Culture with Design | BibTeX data for Designing and Aligning e−Science Security Culture with Design

Towards tool−support for Usable Secure Requirements Engineering with CAIRIS

Shamal Faily and Ivan Flechais

In International Journal of Secure Software Engineering. Vol. 1. No. 3. Pages 56–70. 2010.

Details about Towards tool−support for Usable Secure Requirements Engineering with CAIRIS | BibTeX data for Towards tool−support for Usable Secure Requirements Engineering with CAIRIS | DOI (10.4018/ijsse.2010070104)

Security through Usability: a user−centered approach for balanced security policy requirements

Shamal Faily and Ivan Flechais

In Poster at: Annual Computer Security Applications Conference. 2010.

Details about Security through Usability: a user−centered approach for balanced security policy requirements | BibTeX data for Security through Usability: a user−centered approach for balanced security policy requirements | Download  (pdf) of Security through Usability: a user−centered approach for balanced security policy requirements

Security and Usability: Searching for the philosopher's stone

Ivan Flechais and Shamal Faily

In Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security). 2010.

Details about Security and Usability: Searching for the philosopher's stone | BibTeX data for Security and Usability: Searching for the philosopher's stone | Download  (pdf) of Security and Usability: Searching for the philosopher's stone

The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design

Shamal Faily and Ivan Flechais

In HCSE'2010: Proceedings of the 3rd Conference on Human−Centered Software Engineering. Pages 111–118. Springer. 2010.

Details about The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design | BibTeX data for The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design | Download  (pdf) of The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design

To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design

Shamal Faily and Ivan Flechais

In NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop. Pages 73–84. New York‚ NY‚ USA. 2010. ACM.

Details about To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design | BibTeX data for To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design | Download  (pdf) of To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design

Barry is not the weakest link: Eliciting Secure System Requirements with Personas

Shamal Faily and Ivan Flechais

In Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business. Pages 113–120. British Computer Society. 2010.

Details about Barry is not the weakest link: Eliciting Secure System Requirements with Personas | BibTeX data for Barry is not the weakest link: Eliciting Secure System Requirements with Personas | Download  (pdf) of Barry is not the weakest link: Eliciting Secure System Requirements with Personas

A Model of Security Culture for e−Science

Shamal Faily and Ivan Flechais

In Nathan Clarke‚ Steven Furnell and Rossouw von Solms, editors, Proceedings of the South African Information Security Multi−Conference (SAISMC 2010). Pages 154–164. University of Plymouth. 2010.

Details about A Model of Security Culture for e−Science | BibTeX data for A Model of Security Culture for e−Science | Download  (pdf) of A Model of Security Culture for e−Science

Context−Sensitive Requirements and Risk Management with IRIS

Shamal Faily and Ivan Flechais

In International Requirements Engineering‚ 2009. RE'09. 17th IEEE. IEEE. August, 2009.

Details about Context−Sensitive Requirements and Risk Management with IRIS | BibTeX data for Context−Sensitive Requirements and Risk Management with IRIS | Download  (pdf) of Context−Sensitive Requirements and Risk Management with IRIS | DOI (10.1109/RE.2009.54)

Context−Sensitive Requirements and Risk Analysis

Shamal Faily

In Requirements Engineering Doctoral Symposium. 2009.

Details about Context−Sensitive Requirements and Risk Analysis | BibTeX data for Context−Sensitive Requirements and Risk Analysis | Download  (pdf) of Context−Sensitive Requirements and Risk Analysis

Context Matters: designing security for contexts of use

Shamal Faily

2009.

Details about Context Matters: designing security for contexts of use | BibTeX data for Context Matters: designing security for contexts of use | Download  (pdf) of Context Matters: designing security for contexts of use

Towards Requirements Engineering Practice for Professional End User Developers: A Case Study

Shamal Faily

In Requirements Engineering Education and Training‚ 2008. REET '08. Pages 38−44. IEEE. September, 2008.

Details about Towards Requirements Engineering Practice for Professional End User Developers: A Case Study | BibTeX data for Towards Requirements Engineering Practice for Professional End User Developers: A Case Study | Download of Towards Requirements Engineering Practice for Professional End User Developers: A Case Study | DOI (10.1109/REET.2008.8)

PROCEEDINGS OF THE OXFORD UNIVERSITY COMPUTING LABORATORY STUDENT CONFERENCE 2008

Programme Co−Chairs: Shamal Faily‚ Stanislav Živný Conference Co−Chairs: Christo Fogelberg‚ Andras Salamon and Max Schafer

No. RR−08−10. OUCL. October, 2008.

Details about PROCEEDINGS OF THE OXFORD UNIVERSITY COMPUTING LABORATORY STUDENT CONFERENCE 2008 | BibTeX data for PROCEEDINGS OF THE OXFORD UNIVERSITY COMPUTING LABORATORY STUDENT CONFERENCE 2008 | Download  (pdf) of PROCEEDINGS OF THE OXFORD UNIVERSITY COMPUTING LABORATORY STUDENT CONFERENCE 2008

Making the invisible visible: a theory of security culture for secure and usable grids

Shamal Faily and Ivan Flechais

In UK e−Science All Hands Conference 2008‚ Edinburgh‚ UK (Oral Presentation). 2008.

Details about Making the invisible visible: a theory of security culture for secure and usable grids | BibTeX data for Making the invisible visible: a theory of security culture for secure and usable grids | Download  (pdf) of Making the invisible visible: a theory of security culture for secure and usable grids

Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS

Shamal Faily

In European Ground System Architecture Workshop (ESAW) 2007‚ ESOC‚ Darmstadt‚ Germany (Oral Presentation). 2007.

Details about Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS | BibTeX data for Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS | Download  (pdf) of Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS