Home > Research > Publications & Outputs > I'd Like to Have an Argument, Please

Electronic data

  • ArgumentPlease-WeirRashidNoble

    Rights statement: Permission to freely reproduce all or part of this paper for non-commercial purposes is granted provided that copies bear this notice and the full citation on the first page. Reproduction for commercial purposes is strictly prohibited without the prior written consent of the Internet Society, the first-named author (for reproduction of an entire paper only), and the author’s employer if the paper was prepared within the scope of employment.

    Final published version, 642 KB, PDF document

    Available under license: Other

View graph of relations

I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Published

Standard

I'd Like to Have an Argument, Please : Using Dialectic for Effective App Security. / Weir, Charles; Rashid, Awais; Noble, James.

EuroUSEC 2017: the 2nd European Workshop on Usable Security. Reston, VA : Internet Society, 2017.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Harvard

Weir, C, Rashid, A & Noble, J 2017, I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security. in EuroUSEC 2017: the 2nd European Workshop on Usable Security. Internet Society, Reston, VA, The 2nd European Workshop on Usable Security, Paris, France, 29/04/17.

APA

Weir, C., Rashid, A., & Noble, J. (2017). I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security. In EuroUSEC 2017: the 2nd European Workshop on Usable Security Internet Society.

Vancouver

Weir C, Rashid A, Noble J. I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security. In EuroUSEC 2017: the 2nd European Workshop on Usable Security. Reston, VA: Internet Society. 2017

Author

Weir, Charles ; Rashid, Awais ; Noble, James. / I'd Like to Have an Argument, Please : Using Dialectic for Effective App Security. EuroUSEC 2017: the 2nd European Workshop on Usable Security. Reston, VA : Internet Society, 2017.

Bibtex

@inproceedings{c31f27ef4e1f4335b061041621a5ab23,
title = "I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security",
abstract = "The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need.",
keywords = "app developer, app development, app programmer, app security, application security, dialectic, dialectical security, dialectical security technique, grounded theory, mobile app, penetration testing, secure app, secure app development, secure development, secure software, security code review, security issue, security pattern, software engineering, software security, whole system security",
author = "Charles Weir and Awais Rashid and James Noble",
year = "2017",
month = apr
day = "29",
language = "English",
booktitle = "EuroUSEC 2017",
publisher = "Internet Society",
note = "The 2nd European Workshop on Usable Security, EuroUSec17 ; Conference date: 29-04-2017 Through 29-04-2017",
url = "https://usec.cispa.uni-saarland.de/eurousec17/",

}

RIS

TY - GEN

T1 - I'd Like to Have an Argument, Please

T2 - The 2nd European Workshop on Usable Security

AU - Weir, Charles

AU - Rashid, Awais

AU - Noble, James

PY - 2017/4/29

Y1 - 2017/4/29

N2 - The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need.

AB - The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need.

KW - app developer

KW - app development

KW - app programmer

KW - app security

KW - application security

KW - dialectic

KW - dialectical security

KW - dialectical security technique

KW - grounded theory

KW - mobile app

KW - penetration testing

KW - secure app

KW - secure app development

KW - secure development

KW - secure software

KW - security code review

KW - security issue

KW - security pattern

KW - software engineering

KW - software security

KW - whole system security

M3 - Conference contribution/Paper

BT - EuroUSEC 2017

PB - Internet Society

CY - Reston, VA

Y2 - 29 April 2017 through 29 April 2017

ER -