Visualising personas as goal models to find security tensions

Shamal Faily*, Claudia Iacob, Raian Ali, Duncan Ki-Aries

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

35 Downloads (Pure)

Abstract

Purpose: This paper aims to present a tool-supported approach for visualising personas as social goal models, which can subsequently be used to identify security tensions. 

Design/methodology/approach: The authors devised an approach to partially automate the construction of social goal models from personas. The authors provide two examples of how this approach can identify previously hidden implicit vulnerabilities and validate ethical hazards faced by penetration testers and their safeguards. 

Findings: Visualising personas as goal models makes it easier for stakeholders to see implications of their goals being satisfied or denied and designers to incorporate the creation and analysis of such models into the broader requirements engineering (RE) tool-chain. 

Originality/value: The approach can be used with minimal changes to existing user experience and goal modelling approaches and security RE tools.

Original languageEnglish
Pages (from-to)787-815
Number of pages29
JournalInformation and Computer Security
Volume29
Issue number5
DOIs
Publication statusPublished - 12 Nov 2021

Keywords

  • goal models
  • I*
  • personas

Fingerprint

Dive into the research topics of 'Visualising personas as goal models to find security tensions'. Together they form a unique fingerprint.

Cite this