Text size
  • Small
  • Medium
  • Large
Contrast
  • Standard
  • Blue text on blue
  • High contrast (Yellow text on black)
  • Blue text on beige

    Barry is not the weakest link: Eliciting Secure System Requirements with Personas

    People and Computers XXIV Games are a Serious Business

    Proceedings of HCI 2010
    The 24th British HCI Group Annual Conference
    University of Abertay, Dundee, UK

    6 - 10 September 2010

    AUTHORS

    Shamal Faily and Ivan Fléchais

    ABSTRACT

    Building secure and usable systems means specifying systems for the people using it and the tasks they carry out, rather than vice-versa. User-Centered design approaches encourage an early focus on users and their contexts of use, but these need to be integrated with approaches for engineering secure systems. This paper describes how personas can augment a process for eliciting and specifying requirements for secure and usable systems. Our results suggest that personas increase stakeholder empathy towards users represented by personas, and the empirical data used to build personas can also be used to obtain a better understanding of prospective attackers and their motivations.

    PAPER FORMATS

    PDF filePDF Version of this Paper (781kb)