Abstract
This chapter presents a process framework for specifying usable and secure systems. Building on the meta-model described in Chap. 3, I describe the different perspectives of IRIS, and their make up, propose a number of exemplar techniques for each perspective.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Nuseibeh B. Weaving together requirements and architectures. Computer. 2001;34(3):115–7.
“Technique, 3” OED Online. Oxford University Press; 2010. http://dictionary.oed.com/cgi/entry/50248085.
Corbin JM, Strauss AL. Basics of qualitative research: techniques and procedures for developing grounded theory. 3rd ed. Sage Publications, Inc.; 2008.
Fléchais I. designing secure and usable systems. University College London; 2005.
Dupree JLW, Lank E, Berry DM. A case study of using grounded analysis as a requirement engineering method: Identifying personas that specify privacy and security tool users. Sci Comput Program. 2018;152:1–37.
Muhr T. User’s manual for ATLAS.ti 5.0. Berlin; 2004.
Pruitt J, Adlin T. The persona lifecycle: keeping people in mind throughout product design. Boston: Elsevier; 2006.
Friedman B, Lin P, Miller JK. Informed consent by design. In: Cranor LF, Garfinkel S, editors. Security and usability: designing secure systems that people can use. O’Reilly Media; 2005.
Rosson MB, Carroll JM. Usability engineering: scenario-based development of human-computer interaction. London: Academic Press; 2002.
Rosson MB, Carroll JM. Scenario-based design. In: Sears A, Jacko JA, editors. The human-computer interaction handbook: fundamentals, evolving technologies, and emerging applications. 2nd ed. Boca Raton: CRC Press; 2008. p. 1041–1060.
Checkland P, Scholes J. Soft systems methodology in action. New York: Wiley; 1990.
Alexander I, Beus-Dukic L. Discovering requirements: how to specify products and services. New York: Wiley; 2009.
Jackson M. Problem frames: analysing and structuring software development problems. New York: Addison-Wesley; 2001.
Robertson J, Robertson S. Volere requirements specification template: edition 14 - January 2009; 2009. http://www.volere.co.uk/template.htm.
van Lamsweerde A. Requirements engineering: from system goals to UML models to software specifications. New York: Wiley; 2009.
Robertson S, Robertson J. Mastering the requirements process. 2nd ed. Cambridge: Addison-Wesley; 2006.
Fairclough J, Jones M, Mortensen U, Melton B, Scheffer A, de Pablo D, et al. ESA software engineering standards and ISO 9001: theory and practice. Eur Space Agency (Special Publication) ESA SP. 1996;377:303–308.
IEEE. IEEE recommended practice for software requirements specifications. IEEE Std 830–1998. 1998 Oct.
den Braber F, Hogganvik I, Lund MS, Stølen K, Vraalsen F. Model-based security analysis in seven steps - a guided tour to the CORAS method. BT Technol J. 2007;25(1):101–17.
Mayer N. Model-based Management of Information System Security Risk. University of Namur; 2009.
Alexander I. Negative scenarios and misuse cases. In: Alexander IF, Maiden N, editors. Scenarios. Stories, use cases: through the systems development life-cycle. New York: Wiley; 2004.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Faily, S. (2018). The IRIS Framework. In: Designing Usable and Secure Software with IRIS and CAIRIS. Springer, Cham. https://doi.org/10.1007/978-3-319-75493-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-75493-2_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75492-5
Online ISBN: 978-3-319-75493-2
eBook Packages: Computer ScienceComputer Science (R0)