USEC: Usable Security and Privacy

Welcome to Usable Security and Privacy

Are you curious about the little consent popup when you visit a website? Are you satisfied with the multi-factor authentication enforced by the bank or the school? If you are interested in these questions (and more!), we look forward to seeing you in Usable Security and Privacy :) I am your course organizer, Jingjie Li, and you can find my homepage here.

Learning Outcomes

This course will be focused on engaging critical thinking within the area of Usable Security and Privacy. On successful completion of this course, you should be able to: 

  • Understand key topics and recent advances in Security, Privacy, and Human-Computer Interaction.
  • Identify privacy and security concerns in different contexts.
  • Critically evaluate the literature to develop an academically informed view of proposed security and privacy solutions from a human factors perspective.
  • Design user studies to rigorously evaluate a security or privacy tool.
  • Apply techniques and design approaches to security and privacy problems to create usable solutions.

Usable Security and Privacy is interdisciplinary. It is suggested that you have experience with either Human Computer Interaction or Computer Security to be best suited to this course.

Course Outline

The course contains the following major themes.

  • Introduction: History and overview of the Usable Security and Privacy research area.
  • Study design: Methods and practices of designing and analyzing user studies for security and privacy technologies.
  • Privacy: Basic overview of the definitions of privacy as well as some of the legal and social aspects of it. Analysis of common privacy issues and how they are expressed through user interaction with systems.
  • Security: Overview of common security technologies and how they are impacted by usability. In-depth look at select topics such as password construction and management.
  • Ethics: Discussion of ethics, particularly around research in topics in security and privacy where participants can be particularly vulnerable.
License
All rights reserved The University of Edinburgh