Lecture: Usable Security and Privacy
Course:
- Responsible: Prof. Dr. Matthew Smith, Sergej Dechand
- Start: 08.04.2014 10:00, LBH II.27, weekly
- Dates: Tuesday, 10-12AM, LBH II.27, weekly
Other:
- Term: Master Computer Science, Diploma (Graduate), Bachelor Lehramt
- Requirements:
- Faculty:
- Effort: 6 CP
Description
Doodle Link: 
http://doodle.com/xeqvgxy6nn4cammn
There will be no lecture on the following dates:
- 29.4
- 20.5
- 10.6
- 8.7
Many aspects of information security combine technical and human factors. If a highly secure system is unusable, users will try to circumvent the system or move entirely to less secure but more usable systems. Problems with usability are a major contributor to many high-profile security failures today.
However, usable security is not well-aligned with traditional usability for three reasons. First, security is rarely the desired goal of the individual. In fact, security is usually orthogonal and often in opposition to the actual goal. Second, security information is about risk and threats. Such communication is often unwelcome. Increasing unwelcome interaction is not a goal of usable design. Third, since individuals must trust their machines to implement their desired tasks, risk communication itself may undermine the value of the networked interaction. For the individual, discrete technical problems are all understood under the rubric of online security (e.g., privacy from third parties use of personally identifiable information, malware). A broader conception of both security and usability is therefore needed for usable security.
The lecture on Usable Security and Privacy deals with many aspects of human factors and usability in the context of security and privacy. The lecture includes both the foundations of usable security and privacy as well as a selection of cutting edge international research in this area. Topics include:
Evaluation of usability issues of existing security & privacy models or technology
Design and evaluation of new usable security & privacy technology
Impact of organizational policy on security and privacy interaction
Lessons learned from designing, deploying, managing or evaluating security & privacy technologies
Foundations of usable security & privacy
Methodology for usable security & privacy research
Ethical, psychological, sociological and economic aspects of security & privacy technologies