There is growing evidence that many software systems are not designed for the people who use them, the goals they need to achieve, the tasks they need to perform, and the environments these systems are situated in. Although such systems may be well-specified, a change in the cultural or socio-technical environment may change assumptions made, and introduce exploitable vulnerabilities. As the world around us changes more often than not, there is a need to reason about how changes to one context of use can impact others.
My work involves understanding how factors relating to 'context of use' impact security, and how these factors can be applied to secure systems design. This work has led to the design of the IRIS (Integrating Requirements and Information Security) framework; this framework consists of a user-centered design process, and tool-support to support this.
I am a doctoral student at the Oxford University Computing Laboratory and a member of Wolfson College. Before this, I was a software engineer within LogicaCMG's Space business.
