@conference{martin_informing_2022, title = ""It Becomes More of an Abstract Idea, this Privacy" - Informing the Design for Communal Privacy Experiences in Smart Homes.", author = "Martin Kraemer and Helena Webb and George Chalhoub and Ivan Flechais.", year = "2023", booktitle = "International Journal of Human-Computer Studies (IJHCS 2023)", journal = "International Journal of Human-Computer Studies", month = "December", url = "https://www.sciencedirect.com/science/article/pii/S1071581923001477", doi = "10.1016/j.ijhcs.2023.103138", } @conference{chalhoub2022discount, title = "Data Protection at a Discount: Investigating the UX of Data Protection from User, Designer, and Business Leader Perspectives", author = "Chalhoub, George and Flechais, Ivan", year = "2022", booktitle = "The 25th ACM Conference On Computer-Supported Cooperative Work And Social Computing (CSCW 2022)", location = "Taipei, Taiwan", month = "November", publisher = "ACM", doi = "10.1145/3555537", } @inproceedings{Albayaydh, Privacy Concerns, title = "Exploring Bystanders’ Privacy Concerns with Smart Homes in Jordan", author = "Wael Albayaydh and Ivan Flechais", year = "2022", affiliation = "University of Oxford", booktitle = "CHI Conference on Human Factors in Computing Systems (CHI '22), April 29-May 5, 2022, New Orleans, LA, USA", journal = "CHI Conference on Human Factors in Computing Systems", keywords = "Bystanders Privacy Smart Homes", language = "English", school = "University of Oxford", doi = "10.1145/3491102.3502097", } @conference{chalhoub2021longitudinal, title = ""It did not give me an option to decline": A Longitudinal Analysis of the User Experience of Security and Privacy in Smart Home Products", author = "Chalhoub, George and Kraemer, Martin J. and Nthala, Norbert and Flechais, Ivan", year = "2021", booktitle = "2021 CHI Conference on Human Factors in Computing Systems (CHI 2021)", month = "May", publisher = "ACM", doi = "10.1145/3411764.3445691", } @conference{chalhoub2020alexa, title = ""Alexa, are you spying on me?": Exploring the Effect of User Experience on the Security and Privacy of Smart Speaker Users", author = "Chalhoub, George and Flechais, Ivan", year = "2020", booktitle = "22nd International Conference on Human-Computer Interaction (HCII 2020)", month = "July", publisher = "Springer", doi = "10.1007/978-3-030-50309-3_21", } @conference{chalhoub2020innovation, title = "Innovation Inaction or In Action? The Role of User Experience in the Security and Privacy Design of Smart Home Cameras", author = "Chalhoub, George and Flechais, Ivan and Nthala, Norbert and Abu-Salma, Ruba", year = "2020", booktitle = "Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020)", month = "August", publisher = "USENIX Association", url = "https://www.usenix.org/conference/soups2020/presentation/chalhoub", } @conference{chalhoub2020factoring, title = "Factoring User Experience into the Security and Privacy Design of Smart Home Devices: A Case Study", author = "Chalhoub, George and Flechais, Ivan and Nthala, Norbert and Abu-Salma, Ruba and Tom, Elie", year = "2020", booktitle = "Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems (CHI EA 2020)", isbn = "978-1-4503-6819-3/20/04", location = "Honolulu, HI, USA", month = "April", publisher = "ACM", doi = "10.1145/3334480.3382850", } @inproceedings{fahup13, title = "Policies in Context: Factors Influencing the Elicitation and Categorisation of Context-Sensitive Security Policies", author = "Shamal Faily and John Lyle and Ivan Flechais and Andrea Atzeni and Cesare Cameroni and Hans Myrhaug and Ayse Goker and Robert Kleinfeld", year = "2013", booktitle = "Proceedings of the Workshop on Home Usable Privacy and Security", } @inproceedings{fapotrust, title = "Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract)", author = "Shamal Faily and David Power and Philip Armstrong and Ivan Flechais", year = "2013", booktitle = "Trust and Trustworthy Computing, 6th International Conference, TRUST 2013", note = "To Appear", } @inproceedings{fafldiss2012, title = "Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS", author = "Shamal Faily and Ivan Flechais", year = "2012", booktitle = "Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems", pages = "3:1--3:4", } @inproceedings{lypaepki12, title = "Personal PKI for the smart device era", author = "John Lyle and Andrew Paverd and Justin King-Lacroix and Andrea Atzeni and Habib Virji and Ivan Flechais and Shamal Faily", year = "2012", booktitle = "9th European PKI Workshop: Research and Applications", } @inproceedings{lyfadais12, title = "On the design and development of webinos: a distributed mobile application middleware", author = "John Lyle and Shamal Faily and Ivan Flechais and Andre Paul and Ayse Goker and Hans Myrhaug and Heiko Desruelle and Andrew Martin", year = "2012", booktitle = "Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems", pages = "140--147", series = "DAIS' 12", } @article{fafl12, title = "Eliciting Policy Requirements for Critical National Infrastructure using the IRIS Framework", author = "Shamal Faily and Ivan Flechais", year = "2011", journal = "International Journal of Secure Software Engineering", number = "4", organization = "IGI Global", pages = "1--18", volume = "2", } @inproceedings{faflre11, title = "Eliciting Usable Security Requirements with Misusability Cases", author = "Shamal Faily and Ivan Flechais", year = "2011", booktitle = "Proceedings of the 19th IEEE International Requirements Engineering Conference", note = "Pre-print available at http://www.cs.ox.ac.uk/files/4125/PID1921187.pdf", pages = "339--340", publisher = "IEEE Computer Society", doi = "10.1109/RE.2011.6051665", } @inproceedings{atfasecse2011, title = "Here's Johnny: a Methodology for Developing Attacker Personas", author = "Andrea Atzeni and Shamal Faily and John Lyle and Cesare Cameroni and Ivan Flechais", year = "2011", booktitle = "Proceedings of the 6th International Conference on Availability, Reliability and Security", pages = "722--727", } @inproceedings{faflsecse2011, title = "User-Centered Information Security Policy Development in a Post-Stuxnet World", author = "Shamal Faily and Ivan Flechais", year = "2011", booktitle = "Proceedings of the 6th International Conference on Availability, Reliability and Security", pages = "716--721", } @inproceedings{fafl1101, title = "Persona Cases: A Technique for grounding Personas", author = "Shamal Faily and Ivan Flechais", year = "2011", address = "Vancouver, BC, Canada", booktitle = "CHI '11: Proceedings of the 29th International conference on Human factors in computing systems", location = "Vancouver, BC, Canada", pages = "2267-2270", publisher = "ACM", } @inproceedings{faflacsac2010, title = "Security through Usability: a user-centered approach for balanced security policy requirements", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Poster at: Annual Computer Security Applications Conference", location = "Austin TX, USA", } @inproceedings{flfa101, title = "Security and Usability: Searching for the philosopher's stone", author = "Ivan Flechais and Shamal Faily", year = "2010", booktitle = "Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security)", location = "Northumbria University, Newcastle, UK", } @inproceedings{fafl101, title = "Analysing and Visualising Security and Usability in IRIS", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on", month = "Feb", doi = "10.1109/ARES.2010.28", } @article{fafl106, title = "Towards tool-support for Usable Secure Requirements Engineering with CAIRIS", author = "Shamal Faily and Ivan Flechais", year = "2010", journal = "International Journal of Secure Software Engineering", number = "3", organization = "IGI Global", pages = "56--70", volume = "1", doi = "10.4018/ijsse.2010070104", } @inproceedings{fafl103, title = "A Meta-Model for Usable Secure Requirements Engineering", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Software Engineering for Secure Systems, 2010. SESS '10. ICSE Workshop on", month = "May", pages = "29--35", doi = "10.1145/1809100.1809105", } @inproceedings{fafl105, title = "Improving Secure Systems Design with Security Culture", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Poster at: Human Factors in Information Security", location = "London", month = "Feb", } @inproceedings{fafl106, title = "Barry is not the weakest link: Eliciting Secure System Requirements with Personas", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Proceedings of the 24th British HCI Group Annual Conference on People and Computers: Play is a Serious Business", pages = "113--120", publisher = "British Computer Society", series = "BCS-HCI '10", } @inproceedings{faflhcse, title = "The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "HCSE'2010: Proceedings of the 3rd Conference on Human-Centered Software Engineering", pages = "111--118", publisher = "Springer", } @article{failyimcs10, title = "Designing and Aligning e-Science Security Culture with Design", author = "Shamal Faily and Ivan Flechais", year = "2010", journal = "Information Management & Computer Security", number = "5", volume = "18", } @inproceedings{faflnspw10, title = "To boldly go where invention isn't secure: applying Security Entrepreneurship to secure systems design", author = "Shamal Faily and Ivan Flechais", year = "2010", address = "New York, NY, USA", booktitle = "NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop", location = "Concord, Massachusetts, USA", pages = "73--84", publisher = "ACM", } @inproceedings{fafl10haisa, title = "A Model of Security Culture for e-Science", author = "Shamal Faily and Ivan Flechais", year = "2010", booktitle = "Proceedings of the South African Information Security Multi-Conference (SAISMC 2010)", editor = "Nathan Clarke and Steven Furnell and Rossouw von Solms", location = "Port Elizabeth, South Africa", pages = "154--164", publisher = "University of Plymouth", } @inproceedings{kainda2010c, title = "Two Heads are Better Than One: Security and Usability of Device Associations in Group Scenarios", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2010", booktitle = "Proceedings of the 2010 Symposium on Usable Privacy and Security (SOUPS 2010)", location = "Redmond, WA", } @inproceedings{kainda2010b, title = "Secure and Usable Out-Of-Band Channels for Ad hoc Mobile Device Interactions", author = "Ronald Kainda and Ivan Flechais and A.W Roscoe", year = "2010", journal = "Information Security Theory and Practice. Security and Privacy of Pervasive Systems and Smart Devices", } @inproceedings{kainda2010, title = "Security and Usability: Analysis and Evaluation", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2010", journal = "Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on", } @inproceedings{3123, title = "Secure Mobile Ad-hoc Interactions: Reasoning About Out-Of-Band (OOB) Channels", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2010", booktitle = "Proceedings of IWSSI 2010, Second International Workshop on Security for Spontaneous Interaction, The Eighth International Conference on Pervasive Computing (Pervasive 2010)", location = "Helsinki, Finland", } @inproceedings{faily091, title = "Context-Sensitive Requirements and Risk Management with IRIS", author = "Shamal Faily and Ivan Flechais", year = "2009", booktitle = "International Requirements Engineering, 2009. RE'09. 17th IEEE", month = "Aug", organization = "IEEE", doi = "10.1109/RE.2009.54", } @inproceedings{kainda2009, title = "Usability and Security of Out-Of-Band Channels in Secure Device Pairing Protocols", author = "Ronald Kainda, Ivan Flechais, A. W. Roscoe", year = "2009", booktitle = "SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security", location = "Mountain View, CA", } @inproceedings{Flechais*2007:Stakeholder, title = "Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science", author = "I. Flechais and M. A. Sasse", year = "2009", issn = "1071-5819", journal = "International Journal of Human Computer Studies", number = "4", pages = "281-296", url = "http://www.sciencedirect.com/science/article/B6WGR-4PV94FB-2/2/81f2861921dabe354e4c684f6202429d", volume = "67", doi = "10.1016/j.ijhcs.2007.10.002", } @inproceedings{failyahm08, title = "Making the invisible visible: a theory of security culture for secure and usable grids", author = "Shamal Faily and Ivan Flechais", year = "2008", booktitle = "UK e-Science All Hands Conference 2008, Edinburgh, UK (Oral Presentation)", } @article{ktnwhitepaper, title = "Human Vulnerabilities in Security Systems", author = "M. Angela Sasse, Debi Ashenden, Darren Lawrence, Lizzie Coles-Kemp, Ivan Flechais, Paul Kearney", year = "2007", journal = "Human Factors Working Group White Paper, Cyber Security KTN Human Factors White Paper", url = "http://www.ktn.qinetiq-tim.net/content/files/groups/humanvuln/HFWGWhitePaperfinal.pdf", } @inproceedings{Flechais*2006:Integrating, title = "Integrating Security and Usability into the Requirements and Design Process", author = "I. Flechais and C. Mascolo and M. A. Sasse", year = "2006", booktitle = "Second International Conference on Global E-Security", url = "http://www.softeng.ox.ac.uk/personal/Ivan.Flechais/downloads/icges.pdf", } @incollection{Sasse&Flechais2005:Usable, title = "Usable Security: What Is It? How Do We Get It?", author = "M. A. Sasse and I. Flechais", year = "2005", booktitle = "Security and Usability: Designing Secure Systems that People can Use", editor = "Lorrie Faith Cranor and Simson Garfinkel", publisher = "O'Reilly Books", } @inproceedings{Flechais*2005:Divide, title = "Divide and Conquer: The Role of Trust and Assurance in the Design of Secure Socio-Technical Systems", author = "I. Flechais and J. Riegelsberger and M. A. Sasse", year = "2005", booktitle = "New Security Paradigms Workshop", url = "http://www.softeng.ox.ac.uk/personal/Ivan.Flechais/downloads/nspw2005.pdf", } @phdthesis{Flechais2005:Building, title = "Designing Secure and Usable Systems", author = "I. Flechais", year = "2005", school = "University College, London", } @inproceedings{Flechais*2003:Bringing, title = "Bringing Security Home: A Process for Developing Secure and Usable Systems", author = "I. Flechais and M. A. Sasse and S. M. V. Hailes", year = "2003", booktitle = "ACM/SIGSAC New Security Paradigms Workshop", url = "http://www.softeng.ox.ac.uk/personal/Ivan.Flechais/downloads/nspw2003.pdf", } @inproceedings{Flechais&Sasse2003:Developing, title = "Developing Secure and Usable Software", author = "I. Flechais and M. A. Sasse", booktitle = "OT2003", url = "http://www.softeng.ox.ac.uk/personal/Ivan.Flechais/downloads/ot2003.pdf", }