University of Maryland, College Park - Usable Security

INSTRUCTORS

Instructors: Jennifer Golbeck

Course Description

This course focuses on how to design and build secure systems with a human-centric focus. We will look at basic principles of human-computer interaction, and apply these insights to the design of secure systems with the goal of developing security measures that respect human performance and their goals within a system.

The Curriculum

Week 1

• Fundamentals of Human-Computer Interaction: users, usability, tasks, and cognitive models
• Integrate an understanding of human abilities with technological demands
• Develop task lists
• Identify usability issues, problems, and successes

Week 2

• Design: design methodology, prototyping, cybersecurity case study
• Exercise design methodology to develop an interface
• Choose appropriate design techniques for your task
• See how design lessons apply to building secure systems

Week 3

• Evaluation: usability studies, A/B testing, quantitative and qualitative evaluation, cybersecurity case study
• Perform qualitative usability analysis
• Run quantitative analyses
• Execute a usability study
• Read and analyze evaluations conducted by others

Week 4

• Strategies for Secure Interaction Design: authority, guidelines for interface design
• Apply guidelines for creating usable security
• Analyze the delegation of authority in secure systems
• Understand how guidelines are applied (or not) in existing systems and how it affects usability

Week 5

• Usable Authentication: authentication mechanisms, biometrics, two-factor authentication
• Describe many types of authentication mechanisms
• Understand the usability of various authentication mechanisms and how they relate to security

Week 6

• Usable Privacy: privacy settings, personal data sharing, data inference
• Design usable privacy systems
• Help users express privacy preferences
• Evaluate the usability of privacy systems