Title :
Here´s Johnny: A Methodology for Developing Attacker Personas
Author :
Atzeni, Andrea ; Cameroni, Cesare ; Faily, Shamal ; Lyle, John ; Flechais, Ivan
Author_Institution :
Dip. di Autom. e Inf., Politec. di Torino, Torino, Italy
Abstract :
The adversarial element is an intrinsic part of the design of secure systems, but our assumptions about attackers and threat is often limited or stereotypical. Although there has been previous work on applying User-Centered Design on Persona development to build personas for possible attackers, such work is only speculative and fails to build upon recent research. This paper presents an approach for developing Attacker Personas which is both grounded and validated by structured data about attackers. We describe a case study example where the personas were developed and used to support the development of a Context of Use description for the EU FP7 webinos project.
Keywords :
data structures; security of data; user centred design; EU FP7 webinos project; adversarial element; attacker personas; persona development; secure systems; structured data; user-centered design; Conferences; Context; Helium; Security; Taxonomy; Usability; Attack Tree; Attacker; Persona; Toulmin Model;
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
DOI :
10.1109/ARES.2011.115
