Skip to main content
University of Oxford Department of Computer Science
  Contact Us     Search  
  1. Home
  2. Our Students
  3. Online Resources & Handbooks
  4. Student projects - Supporting Agile Security using CAIRIS

Supporting Agile Security using CAIRIS

Supervisor

Personal photo - Marina Jirotka Marina Jirotka

Suitable for

MSc in Computer Science

Abstract

Pre-requisite: * Attendance of the Requirements course. * Attendance of the Computer Security course, or a practical interest in secure system design issues. * Attendance of Databases course, or practical experience with SQL and relational database design.

There is a growing interest in aligning ideas from user-centered design and secure software engineering with those associated with agile software development. However, the primacy of code in the agile mindset, and the need for more abstract models to reason about security and usability concerns makes any form of alignment a challenge. One way of bridging these communities involves using security and usability models to inform testdriven development.

This MSc project will examine how recent work in usable secure requirements engineering [1] can be used to inform the creation of test cases that not only test core functionality, but also test security and usability concerns highlighted in other models. As source of security and usability models, this project will involve developing extensions or interfaces to the CAIRIS tool (http://www.cs.ox.ac.uk/cairis). For this reason, good programming skills (ideally in Python and SQL) will be required for this project.

The project will be carried out in the context of the EU FP7 webinos project. webinos is a large European project featuring organisations such as Samsung, Ericsson, Fraunhofer FOKUS, Deutsche Telekom, and the W3C. It aims to create a cross-platform mobile application platform based on web standards. The student will be provided access to the security, usability, and requirements models created by the webinos project, and will have an opportunity to collaborate with webinos partners while carrying out the MSc project. More details on webinos are available at http://webinos.org .

[1] Faily, S., and Fléchais, I. A Meta-Model for Usable Secure Requirements Engineering. In Proceedings of the 6th International Workshop on Software Engineering for Secure Systems (2010), IEEE Computer Society, pp. 126–135.

Our Students

Back to Top