Home > Research > Publications & Outputs > I'd Like to Have an Argument, Please

Electronic data

  • ArgumentPlease-WeirRashidNoble

    Rights statement: Permission to freely reproduce all or part of this paper for non-commercial purposes is granted provided that copies bear this notice and the full citation on the first page. Reproduction for commercial purposes is strictly prohibited without the prior written consent of the Internet Society, the first-named author (for reproduction of an entire paper only), and the author’s employer if the paper was prepared within the scope of employment.

    Final published version, 642 KB, PDF-document

    Available under license: Other

View graph of relations

I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security

Research output: Contribution in Book/Report/ProceedingsConference contribution

Published
Publication date29/04/2017
Host publicationEuroUSEC 2017: the 2nd European Workshop on Usable Security
Place of PublicationReston, VA
PublisherInternet Society
Number of pages13
ISBN (Electronic)1891562452
<mark>Original language</mark>English
EventThe 2nd European Workshop on Usable Security - Paris, France

Workshop

WorkshopThe 2nd European Workshop on Usable Security
Abbreviated titleEuroUSec17
CountryFrance
CityParis
Period29/04/1729/04/17
Internet address

Workshop

WorkshopThe 2nd European Workshop on Usable Security
Abbreviated titleEuroUSec17
CountryFrance
CityParis
Period29/04/1729/04/17
Internet address

Abstract

The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need.