My research examines how the design of secure and usable software systems can be better supported with design techniques and tools.
My doctoral research led to the design of the IRIS (Integrating Requirements and Information Security) design framework, and accompanying open-source CAIRIS (Computer Aided Integration of Requirements and Information Security) software tool. As part of the EUSTACE project, I am currently exploring how usability models (such as personas) can be formalised and used as a basis for model-checking a software system's usability. I am also looking at how IRIS design models might be used to drive a model-driven architectural risk analysis.
I am also interested in understanding how entrepreneurship and innovation theories can be used to inform the design of security.
Since August 2013, I have been a lecturer at Bournemouth University.
- Programme Committee
- Publicity Co-Chair, Programme Committee (Socio-Economic Track)
Developing secure, unified multi-device and multi-domain platforms: A case study from the webinos project
Andrea Atzeni, John Lyle and Shamal Faily
In Architectures and Protocols for Secure Information Technology. IGI Global. 2013.
Policies in Context: Factors Influencing the Elicitation and Categorisation of Context-Sensitive Security Policies
Shamal Faily, John Lyle, Ivan Flechais, Andrea Atzeni, Cesare Cameroni, Hans Myrhaug, Ayse Goker and Robert Kleinfeld
In Proceedings of the Workshop on Home Usable Privacy and Security. 2013.
Security Patterns Considered Harmful?
In Proceedings of The Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns. 2013.