University of Oxford Logo University of OxfordDepartment of Computer Science - Home

Shamal Faily : Publications

By dateBy titleBy typeBibtex

[1]

Developing secure‚ unified multi−device and multi−domain platforms: A case study from the webinos project

Andrea Atzeni‚ John Lyle and Shamal Faily

In Architectures and Protocols for Secure Information Technology. IGI Global. 2013.

To Appear

[2]

Guidelines for Integrating Personas into Software Engineering Tools

Shamal Faily and John Lyle

In Proceedings of the 5th ACM SIGCHI symposium on Engineering interactive computing systems. 2013.

To Appear

[3]

Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract)

Shamal Faily‚ David Power‚ Philip Armstrong and Ivan Flechais

In Trust and Trustworthy Computing‚ 6th International Conference‚ TRUST 2013. 2013.

To Appear

[4]

Designing Interactive Secure Systems: CHI 2013 Special Interest Group

Shamal Faily‚ Lizzie Coles−Kemp‚ Paul Dunphy‚ Mike Just‚ Yoko Akama and Alexander De Luca

In CHI '13 Extended Abstracts on Human Factors in Computing Systems. ACM. 2013.

To Appear

[5]

Extending the web to support personal network services

John Lyle‚ Shamal Faily‚ Claes Nilsson and Anders Isberg

In (To appear) In the Proceedings of the 28th ACM Symposium On Applied Computing (SAC '13). 2013.

[6]

Model−driven architectural risk analysis using architectural and contextualised attack patterns

Shamal Faily‚ John Lyle‚ Cornelius Namiluko‚ Andrea Atzeni and Cesare Cameroni

In Proceedings of the Workshop on Model−Driven Security. Pages 3:1–3:6. ACM. 2012.

[7]

Requirements Sensemaking using Concept Maps

Shamal Faily‚ John Lyle‚ Andre Paul‚ Andrea Atzeni‚ Dieter Blomme‚ Heiko Desruelle and Krishna Bangalore

In HCSE'2012: Proceedings of the 4th International Conference on Human−Centered Software Engineering. Pages 217–232. Springer. 2012.

[8]

Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS

Shamal Faily and Ivan Flechais

In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 3:1–3:4. 2012.

[9]

Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems

Shamal Faily‚ John Lyle and Simon Parkin

In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 5:1–5:4. 2012.

[10]

Personal PKI for the smart device era

John Lyle‚ Andrew Paverd‚ Justin King−Lacroix‚ Andrea Atzeni‚ Habib Virji‚ Ivan Flechais and Shamal Faily

In 9th European PKI Workshop: Research and Applications. 2012.

[11]

On the design and development of webinos: a distributed mobile application middleware

John Lyle‚ Shamal Faily‚ Ivan Flechais‚ Andre Paul‚ Ayse Goker‚ Hans Myrhaug‚ Heiko Desruelle and Andrew Martin

In Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems. Pages 140–147. 2012.

[12]

Cross−platform access control for mobile web applications

John Lyle‚ Salvatore Monteleone‚ Shamal Faily‚ Davide Patti and Fabio Ricciato

In Policies for Distributed Systems and Networks (POLICY)‚ 2012 IEEE International Symposium on. Pages 37–44. 2012.

[13]

The webinos project

Christian Fuhrhop‚ John Lyle and Shamal Faily

In Proceedings of the 21st international conference companion on World Wide Web. Pages 259–262. ACM. 2012.

[14]

Analysing Chindogu: Applying Defamiliarisation to Security Design

Shamal Faily

In CHI 2012 Workshop on Defamiliarisation in Innovation and Usability. 2012.

[15]

Tool−support Premortems with Attack and Security Patterns

Shamal Faily‚ John Lyle and Simon Parkin

In First International Workshop on Cyberpatterns: Unifying Design Patterns with Security‚ Attack and Forensic Patterns. Pages 10–11. 2012.

[16]

“Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices

George Gionis‚ Heiko Desruelle‚ Dieter Blomme‚ John Lyle‚ Shamal Faily and Louay Bassbouss

In W3C/PrimeLife Federated Social Web Europe Conference 2011. June, 2011.

[17]

Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework

Shamal Faily and Ivan Flechais

In International Journal of Secure Software Engineering. Vol. 2. No. 4. Pages 1–18. 2011.

[18]

Bridging User−Centered Design and Requirements Engineering with GRL and Persona Cases

Shamal Faily

In Proceedings of the 5th International i* Workshop. Pages 114–119. 2011.

[19]

Eliciting Usable Security Requirements with Misusability Cases

Shamal Faily and Ivan Flechais

In Proceedings of the 19th IEEE International Requirements Engineering Conference. Pages 339–340. IEEE Computer Society. 2011.

Pre−print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf

[20]

Here's Johnny: a Methodology for Developing Attacker Personas

Andrea Atzeni‚ Shamal Faily‚ John Lyle‚ Cesare Cameroni and Ivan Flechais

In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 722–727. 2011.

[21]

User−Centered Information Security Policy Development in a Post−Stuxnet World

Shamal Faily and Ivan Flechais

In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 716–721. 2011.

[22]

Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism

Shamal Faily

In CHI Workshop on HCI‚ Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action. 2011.

[23]

Two Requirements for Usable and Secure Software Engineering

Shamal Faily

In 1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop. 2011.

[24]

Persona Cases: A Technique for grounding Personas

Shamal Faily and Ivan Flechais

In CHI '11: Proceedings of the 29th International conference on Human factors in computing systems. Pages 2267−2270. Vancouver‚ BC‚ Canada. 2011. ACM.

[25]

A framework for usable and secure system design

Shamal Faily

PhD Thesis University of Oxford. 2011.

[26]

A Meta−Model for Usable Secure Requirements Engineering

Shamal Faily and Ivan Flechais

In Software Engineering for Secure Systems‚ 2010. SESS '10. ICSE Workshop on. Pages 29–35. May, 2010.

[27]

Improving Secure Systems Design with Security Culture

Shamal Faily and Ivan Flechais

In Poster at: Human Factors in Information Security. February, 2010.

[28]

Analysing and Visualising Security and Usability in IRIS

Shamal Faily and Ivan Flechais

In Availability‚ Reliability and Security‚ 2010. ARES 10. Fifth International Conference on. February, 2010.

[29]

Designing and Aligning e−Science Security Culture with Design

Shamal Faily and Ivan Flechais

In Information Management & Computer Security. Vol. 18. No. 5. 2010.

[30]

Towards tool−support for Usable Secure Requirements Engineering with CAIRIS

Shamal Faily and Ivan Flechais

In International Journal of Secure Software Engineering. Vol. 1. No. 3. Pages 56–70. 2010.

[31]

Security through Usability: a user−centered approach for balanced security policy requirements

Shamal Faily and Ivan Flechais

In Poster at: Annual Computer Security Applications Conference. 2010.

[32]

Security and Usability: Searching for the philosopher's stone

Ivan Flechais and Shamal Faily

In Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security). 2010.

[33]

The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design

Shamal Faily and Ivan Flechais

In HCSE'2010: Proceedings of the 3rd Conference on Human−Centered Software Engineering. Pages 111–118. Springer. 2010.

[34]

To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design

Shamal Faily and Ivan Flechais

In NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop. Pages 73–84. New York‚ NY‚ USA. 2010. ACM.

[35]

Barry is not the weakest link: Eliciting Secure System Requirements with Personas

Shamal Faily and Ivan Flechais

In Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business. Pages 113–120. British Computer Society. 2010.

[36]

A Model of Security Culture for e−Science

Shamal Faily and Ivan Flechais

In Nathan Clarke‚ Steven Furnell and Rossouw von Solms, editors, Proceedings of the South African Information Security Multi−Conference (SAISMC 2010). Pages 154–164. University of Plymouth. 2010.

[37]

Context−Sensitive Requirements and Risk Management with IRIS

Shamal Faily and Ivan Flechais

In International Requirements Engineering‚ 2009. RE'09. 17th IEEE. IEEE. August, 2009.

[38]

Context−Sensitive Requirements and Risk Analysis

Shamal Faily

In Requirements Engineering Doctoral Symposium. 2009.

[39]

Context Matters: designing security for contexts of use

Shamal Faily

2009.

[40]

Towards Requirements Engineering Practice for Professional End User Developers: A Case Study

Shamal Faily

In Requirements Engineering Education and Training‚ 2008. REET '08. Pages 38−44. IEEE. September, 2008.

[41]

PROCEEDINGS OF THE OXFORD UNIVERSITY COMPUTING LABORATORY STUDENT CONFERENCE 2008

Programme Co−Chairs: Shamal Faily‚ Stanislav Živný Conference Co−Chairs: Christo Fogelberg‚ Andras Salamon and Max Schafer

No. RR−08−10. OUCL. October, 2008.

[42]

Making the invisible visible: a theory of security culture for secure and usable grids

Shamal Faily and Ivan Flechais

In UK e−Science All Hands Conference 2008‚ Edinburgh‚ UK (Oral Presentation). 2008.

[43]

Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS

Shamal Faily

In European Ground System Architecture Workshop (ESAW) 2007‚ ESOC‚ Darmstadt‚ Germany (Oral Presentation). 2007.