First of all, thank you very much for the fruitful discussion. Most of you vividly participated and interesting topics and challenges emerged. Very well done! I had the impression that most of you (for the first time) discussed papers from a... Read more
First of all, thank you very much for the fruitful discussion. Most of you vividly participated and interesting topics and challenges emerged. Very well done! I had the impression that most of you (for the first time) discussed papers from a critical perspective. As you may have noticed, the body of literature in this domain is very sparse and by far not complete. Furthermore, many papers only cover one perspective or population and hence cannot be used to generalize. Isn't it exciting that there is still so much room for future work in this domain? Especially if you feel that the literature is incomplete or that important other perspectives are missing, please include such a discussion in your seminar papers. Nevertheless, please treat related papers respectfully as research papers can never be complete, fully objective or cover all aspects of a topic.
I included all information on your todos for our next meeting in the main page of this seminar. Please use the forum to collect interesting resources on design methods and point other students to them.
Looking forward to our next meeting!
Designing Usable Security
Description: The goal of this seminar is to (1) understand usable security challenges based on user studies from scientific literature, (2) identify the design space based on these studies and (3) propose potential design approaches for user-friendly security and privacy technology.
In the first part of the seminar, we will focus on user studies published at top tier conferences to identify a design space for new usable security and privacy technology. The second part of the seminar will be focused on design methods from human computer interaction. We will search for relevant papers on design methods and discuss their applicability to security, and, in particular, the problems we identified in the first part of the seminar. You will also write a seminar paper on a usable security challenge of your choice consisting of a literature review of user studies and design methods, and your own reasoning about potential solutions. The goal of this seminar is to use interdisciplinary methods to understand and address hard usable security problems. You will be encouraged to be creative and think outside the box to find innovative and unconventional solutions.
Requirements: Foundations of Cybersecurity I and II, Usable Security (Advanced Lecture)
Important Dates (Presence is mandatory):
- 5 Nov 19 - Topic selection based on 3-5 scientific papers
- 19 Nov 19 - Design approaches from Industrial Design/UX/HCI
- 10 Dec 19 - Intermediate feedback, final presentations
- 14 Jan 20 - Final presentations
- 21 Jan 20 - Final presentations
- 28 Jan 20 - Final paper due
How do I get a grade?
You will be graded based on the seminar paper (to be submitted via CMS no later than 28 Jan 20) and your final presentation. An important criteria is the originality of your work. I strongly encourage you to think outside the box and discuss creative, controversial, disruptive design ideas in your paper. Your presentation should spark interesting and fruitful discussions in class. Don't be afraid of disagreement but make sure to justify your conclusions and reasoning.
What do I have to do until 5 Nov?
Choose one of the four topics presented during the kick-off:
- Privacy in the Internet of Things
- Privacy and security for underrepresented populations
- Usable security for experts, e.g., developers and administrators
- Usable encryption
Consider the recent editions of the most important venues for usable security papers and read (or briefly skim) 3-5 papers on the topic of your choice. Prepare arguments to describe the design space based on these papers. You do not have to prepare slides, just bring the papers and freely talk about the their findings and your reasoning on the design space.
Please consider at least three papers from the following conferences:
- Usenix SOUPS
- ACM CHI
- Usenix Security
- ACM CCS
- IEEE S&P
What do I have to do until 19 Nov?
Revise the Slides on Design Methods from the Usable Security Lecture. Spend additional 30-60 minutes (depending on your previous knowledge on design methods) researching the Internet on design methods from Industrial Design or UX. Hint: ACM CHI has design papers that could also be a fruitful source. You are encouraged to use the discussion forum of this seminar to point others to interesting sources.