TY  - JOUR
AB  - Purpose– This paper aims to present an approach where assumption personas are used to engage stakeholders in the elicitation and specification of security requirements at a late stage of a system’s design. Design/methodology/approach– The author has devised an approach for developing assumption personas for use in participatory design sessions during the later stages of a system’s design. The author validates this approach using a case study in the e-Science domain. Findings– Engagement follows by focusing on the indirect, rather than direct, implications of security. More design approaches are needed for treating security at a comparatively late stage. Security design techniques should scale to working with sub-optimal input data. Originality/value– This paper contributes an approach where assumption personas engage project team members when eliciting and specifying security requirements at the late stages of a project.
VL  - 23
IS  - 4
SN  - 2056-4961
DO  - 10.1108/ICS-10-2014-0066
UR  - https://doi.org/10.1108/ICS-10-2014-0066
AU  - Faily Shamal
PY  - 2015
Y1  - 2015/01/01
TI  - Engaging stakeholders during late stage security design with assumption personas
T2  - Information & Computer Security
PB  - Emerald Group Publishing Limited
SP  - 435
EP  - 446
Y2  - 2024/04/19
ER  -