You are not your developer, either: A research agenda for usable security and privacy research beyond end users
While researchers have developed many tools, techniques, and protocols for improving
software security, exploits and breaches are only becoming more frequent. Some of this gap …
software security, exploits and breaches are only becoming more frequent. Some of this gap …
A survey on developer-centred security
Software developers are key players in the security ecosystem as they produce code that
runs on millions of devices. Yet we continue to see insecure code being developed and …
runs on millions of devices. Yet we continue to see insecure code being developed and …
Stack overflow considered harmful? the impact of copy&paste on android application security
Online programming discussion platforms such as Stack Overflow serve as a rich source of
information for software developers. Available information include vibrant discussions and …
information for software developers. Available information include vibrant discussions and …
Comparing the usability of cryptographic apis
Potentially dangerous cryptography errors are well-documented in many applications.
Conventional wisdom suggests that many of these errors are caused by cryptographic …
Conventional wisdom suggests that many of these errors are caused by cryptographic …
Security in the software development lifecycle
H Assal, S Chiasson - Fourteenth symposium on usable privacy and …, 2018 - usenix.org
We interviewed developers currently employed in industry to explore real-life software
security practices during each stage of the development lifecycle. This paper explores steps …
security practices during each stage of the development lifecycle. This paper explores steps …
'Think secure from the beginning' A Survey with Software Developers
H Assal, S Chiasson - Proceedings of the 2019 CHI conference on …, 2019 - dl.acm.org
Vulnerabilities persist despite existing software security initiatives and best practices. This
paper focuses on the human factors of software security, including human behaviour and …
paper focuses on the human factors of software security, including human behaviour and …
Hackers vs. testers: A comparison of software vulnerability discovery processes
Identifying security vulnerabilities in software is a critical task that requires significant human
effort. Currently, vulnerability discovery is often the responsibility of software testers before …
effort. Currently, vulnerability discovery is often the responsibility of software testers before …
Secure coding practices in java: Challenges and vulnerabilities
The Java platform and its third-party libraries provide useful features to facilitate secure
coding. However, misusing them can cost developers time and effort, as well as introduce …
coding. However, misusing them can cost developers time and effort, as well as introduce …
Why do developers get password storage wrong? A qualitative usability study
A Naiakshina, A Danilova, C Tiefenau… - Proceedings of the …, 2017 - dl.acm.org
Passwords are still a mainstay of various security systems, as well as the cause of many
usability issues. For end-users, many of these issues have been studied extensively …
usability issues. For end-users, many of these issues have been studied extensively …
Sotorrent: reconstructing and analyzing the evolution of stack overflow posts
Stack Overflow (SO) is the most popular question-and-answer website for software
developers, providing a large amount of code snippets and free-form text on a wide variety …
developers, providing a large amount of code snippets and free-form text on a wide variety …