University of Maryland, College Park - Usable Security
INSTRUCTORS
Instructors: Jennifer Golbeck
Course Description
This course focuses on how to design and build secure systems with a human-centric focus. We will look at basic principles of human-computer interaction, and apply these insights to the design of secure systems with the goal of developing security measures that respect human performance and their goals within a system.
The Curriculum
Week 1
- Fundamentals of Human-Computer Interaction: users, usability, tasks, and cognitive models
- Integrate an understanding of human abilities with technological demands
- Develop task lists
- Identify usability issues, problems, and successes
Week 2
- Design: design methodology, prototyping, cybersecurity case study
- Exercise design methodology to develop an interface
- Choose appropriate design techniques for your task
- See how design lessons apply to building secure systems
Week 3
- Evaluation: usability studies, A/B testing, quantitative and qualitative evaluation, cybersecurity case study
- Perform qualitative usability analysis
- Run quantitative analyses
- Execute a usability study
- Read and analyze evaluations conducted by others
Week 4
- Strategies for Secure Interaction Design: authority, guidelines for interface design
- Apply guidelines for creating usable security
- Analyze the delegation of authority in secure systems
- Understand how guidelines are applied (or not) in existing systems and how it affects usability
Week 5
- Usable Authentication: authentication mechanisms, biometrics, two-factor authentication
- Describe many types of authentication mechanisms
- Understand the usability of various authentication mechanisms and how they relate to security
Week 6
- Usable Privacy: privacy settings, personal data sharing, data inference
- Design usable privacy systems
- Help users express privacy preferences
- Evaluate the usability of privacy systems