Ivan Flechais : Publications
Journal papers
|
[1] |
Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework Shamal Faily and Ivan Flechais In International Journal of Secure Software Engineering. Vol. 2. No. 4. Pages 1–18. 2011. |
|
[2] |
Towards tool−support for Usable Secure Requirements Engineering with CAIRIS Shamal Faily and Ivan Flechais In International Journal of Secure Software Engineering. Vol. 1. No. 3. Pages 56–70. 2010. |
|
[3] |
Designing and Aligning e−Science Security Culture with Design Shamal Faily and Ivan Flechais In Information Management & Computer Security. Vol. 18. No. 5. 2010. |
|
[4] |
Human Vulnerabilities in Security Systems Paul Kearney M. Angela Sasse Debi Ashenden Darren Lawrence Lizzie Coles−Kemp Ivan Flechais In Human Factors Working Group White Paper‚ Cyber Security KTN Human Factors White Paper. 2007. |
Conference papers
|
[1] |
Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract) Shamal Faily‚ David Power‚ Philip Armstrong and Ivan Flechais In Trust and Trustworthy Computing‚ 6th International Conference‚ TRUST 2013. 2013. To Appear |
|
[2] |
Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS Shamal Faily and Ivan Flechais In Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems. Pages 3:1–3:4. 2012. |
|
[3] |
Personal PKI for the smart device era John Lyle‚ Andrew Paverd‚ Justin King−Lacroix‚ Andrea Atzeni‚ Habib Virji‚ Ivan Flechais and Shamal Faily In 9th European PKI Workshop: Research and Applications. 2012. |
|
[4] |
On the design and development of webinos: a distributed mobile application middleware John Lyle‚ Shamal Faily‚ Ivan Flechais‚ Andre Paul‚ Ayse Goker‚ Hans Myrhaug‚ Heiko Desruelle and Andrew Martin In Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems. Pages 140–147. 2012. |
|
[5] |
Eliciting Usable Security Requirements with Misusability Cases Shamal Faily and Ivan Flechais In Proceedings of the 19th IEEE International Requirements Engineering Conference. Pages 339–340. IEEE Computer Society. 2011. Pre−print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf Details | BibTeX | Download (pdf) | DOI (10.1109/RE.2011.6051665) |
|
[6] |
Here's Johnny: a Methodology for Developing Attacker Personas Andrea Atzeni‚ Shamal Faily‚ John Lyle‚ Cesare Cameroni and Ivan Flechais In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 722–727. 2011. |
|
[7] |
User−Centered Information Security Policy Development in a Post−Stuxnet World Shamal Faily and Ivan Flechais In Proceedings of the 6th International Conference on Availability‚ Reliability and Security. Pages 716–721. 2011. |
|
[8] |
Persona Cases: A Technique for grounding Personas Shamal Faily and Ivan Flechais In CHI '11: Proceedings of the 29th International conference on Human factors in computing systems. Pages 2267−2270. Vancouver‚ BC‚ Canada. 2011. ACM. |
|
[9] |
Security through Usability: a user−centered approach for balanced security policy requirements Shamal Faily and Ivan Flechais In Poster at: Annual Computer Security Applications Conference. 2010. |
|
[10] |
Security and Usability: Searching for the philosopher's stone Ivan Flechais and Shamal Faily In Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security). 2010. |
|
[11] |
Analysing and Visualising Security and Usability in IRIS Shamal Faily and Ivan Flechais In Availability‚ Reliability and Security‚ 2010. ARES 10. Fifth International Conference on. February, 2010. Details | BibTeX | Download (pdf) | DOI (10.1109/ARES.2010.28) |
|
[12] |
Context−Sensitive Requirements and Risk Management with IRIS Shamal Faily and Ivan Flechais In International Requirements Engineering‚ 2009. RE'09. 17th IEEE. IEEE. August, 2009. Details | BibTeX | Download (pdf) | DOI (10.1109/RE.2009.54) |
|
[13] |
Making the invisible visible: a theory of security culture for secure and usable grids Shamal Faily and Ivan Flechais In UK e−Science All Hands Conference 2008‚ Edinburgh‚ UK (Oral Presentation). 2008. |
|
[14] |
A Meta−Model for Usable Secure Requirements Engineering Shamal Faily and Ivan Flechais In Software Engineering for Secure Systems‚ 2010. SESS '10. ICSE Workshop on. Pages 29–35. May, 2010. Details | BibTeX | Download (pdf) | DOI (10.1145/1809100.1809105) |
|
[15] |
Improving Secure Systems Design with Security Culture Shamal Faily and Ivan Flechais In Poster at: Human Factors in Information Security. February, 2010. |
|
[16] |
Barry is not the weakest link: Eliciting Secure System Requirements with Personas Shamal Faily and Ivan Flechais In Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business. Pages 113–120. British Computer Society. 2010. |
|
[17] |
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design Shamal Faily and Ivan Flechais In HCSE'2010: Proceedings of the 3rd Conference on Human−Centered Software Engineering. Pages 111–118. Springer. 2010. |
|
[18] |
To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design Shamal Faily and Ivan Flechais In NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop. Pages 73–84. New York‚ NY‚ USA. 2010. ACM. |
|
[19] |
A Model of Security Culture for e−Science Shamal Faily and Ivan Flechais In Nathan Clarke‚ Steven Furnell and Rossouw von Solms, editors, Proceedings of the South African Information Security Multi−Conference (SAISMC 2010). Pages 154–164. University of Plymouth. 2010. |
|
[20] |
Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios A. W. Roscoe Ronald Kainda Ivan Flechais In Proceedings of the 2010 Symposium on Usable Privacy and Security (SOUPS 2010). 2010. |
|
[21] |
Secure and Usable Out−Of−Band Channels for Ad hoc Mobile Device Interactions Ronald Kainda‚ Ivan Flechais and A.W Roscoe 2010. |
|
[22] |
Security and Usability: Analysis and Evaluation A. W. Roscoe Ronald Kainda Ivan Flechais 2010. |
|
[23] |
Secure Mobile Ad−hoc Interactions: Reasoning About Out−Of−Band (OOB) Channels A. W. Roscoe Ronald Kainda Ivan Flechais In Proceedings of IWSSI 2010‚ Second International Workshop on Security for Spontaneous Interaction‚ The Eighth International Conference on Pervasive Computing (Pervasive 2010). 2010. |
|
[24] |
Usability and Security of Out−Of−Band Channels in Secure Device Pairing Protocols A. W. Roscoe Ronald Kainda Ivan Flechais In SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security. 2009. |
|
[25] |
Stakeholder involvement‚ motivation‚ responsibility‚ communication: How to design usable security in e−Science I. Flechais and M. A. Sasse Vol. 67. No. 4. Pages 281−296. 2009. Details | BibTeX | Download (pdf) | DOI (10.1016/j.ijhcs.2007.10.002) | Link |
|
[26] |
Bringing Security Home: A Process for Developing Secure and Usable Systems I. Flechais‚ M. A. Sasse and S. M. V. Hailes In ACM/SIGSAC New Security Paradigms Workshop. 2003. |
|
[27] |
Developing Secure and Usable Software I. Flechais and M. A. Sasse In OT2003. |
|
[28] |
Divide and Conquer: The Role of Trust and Assurance in the Design of Secure Socio−Technical Systems I. Flechais‚ J. Riegelsberger and M. A. Sasse In New Security Paradigms Workshop. 2005. |
|
[29] |
Integrating Security and Usability into the Requirements and Design Process I. Flechais‚ C. Mascolo and M. A. Sasse In Second International Conference on Global E−Security. 2006. |
Theses
|
[1] |
Designing Secure and Usable Systems I. Flechais PhD Thesis University College‚ London. 2005. |
Miscellaneous
|
[1] |
Usable Security: What Is It? How Do We Get It? M. A. Sasse and I. Flechais In Lorrie Faith Cranor and Simson Garfinkel, editors, Security and Usability: Designing Secure Systems that People can Use. O'Reilly Books. 2005. |