The innovator's dilemma: when new technologies cause great firms to fail
The innovator's dilemma: when new technologies cause great firms to fail
Systems architecture: product designing and social engineering
WACC '99 Proceedings of the international joint conference on Work activities coordination and collaboration
Communications of the ACM
Investigating information systems with action research
Communications of the AIS
Eureka! Why Analysts Should Invent Requirements
IEEE Software
Ambiguity as a resource for design
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Software Architecture in Practice
Software Architecture in Practice
Managing information systems security: a soft approach
ISCNZ '96 Proceedings of the 1996 Information Systems Conference of New Zealand (ISCNZ '96)
Threat Modeling
Bringing security home: a process for developing secure and usable systems
Proceedings of the 2003 workshop on New security paradigms
Making by making strange: Defamiliarization and the design of domestic technologies
ACM Transactions on Computer-Human Interaction (TOCHI)
NeuroGrid: Using Grid Technology to Advance Neuroscience
CBMS '05 Proceedings of the 18th IEEE Symposium on Computer-Based Medical Systems
CBMS '05 Proceedings of the 18th IEEE Symposium on Computer-Based Medical Systems
SSH, the Secure Shell: The Definitive Guide
SSH, the Secure Shell: The Definitive Guide
Model-based security analysis in seven steps --- a guided tour to the CORAS method
BT Technology Journal
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Inventing Requirements with Creativity Support Tools
REFSQ '09 Proceedings of the 15th International Working Conference on Requirements Engineering: Foundation for Software Quality
So long, and no thanks for the externalities: the rational rejection of security advice by users
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
A meta-model for usable secure requirements engineering
Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems
Hi-index | 0.00 |
When designing secure systems, we are inundated with an eclectic mix of security and non-security requirements; this makes predicting a successful outcome from the universe of possible security design decisions a difficult problem. We propose augmenting the process of security design with the paradigm of Security Entrepreneurship: the application of innovation models and principles to organise, create, and manage security design elements to bring about improved system security. We propose three initial Security Entrepreneurship techniques as examples of this paradigm, describe how their underlying models align with secure systems design, and help predict the social and technical impact of possible design decisions. We also pose a number of thought experiments, and suggest possible research agendas for Security Entrepreneurship.